Friday, 13 December 2019

On 02:51 by admin in    4 comments
It is a huge privilege to be granted an interview with the "Founder of  UnitedCon" "Mr. Nitin Pandey". 


So now without wasting the time, lets start interview with him and find out more.

Q. As a renowned cyber security expert, can you give us a brief background on when and how your interest in cyber security sparked?

Mr. Pandey: Well, first of all I would like to thank The Hacker Samachar for again giving me this opportunity to interact and share my view with everyone. My curiosity developed into this field when I was in School, I guess in 2007 and I started learning articles, blogs, Vivek Ramachandran Sir’s “Security Tube” videos while pursuing my bachelors in Computer Application. So, Instead of attending classes I ended up having stuck to my computer at home and learning more and more about hacking. In those 11-12 years what I learnt is we should always keep learning and never stop it. It’s your kindness to call me a renowned cyber expert, but I call myself just a Cyber Security Learner because in this field new challenges come every day and we always have to be aware of these challenges and should learn from them. As I belong to Uttar Pradesh, being most populous state it packs together a huge percentage of unaware internet users. That was the main reason to start DEFCON Lucknow. Then I conducted first ever InfoSec conference in my state and from there I came in front of InfoSec Community.

Q. You are recognized for your works. In your personal point of view, what is your greatest
contribution to the industry?

Mr. Pandey: In my personal point of view I think my greatest contribution to InfoSec Community is to support my country in “Nation Building” & establishing a platform for new and young talented
security researchers to showcase their talent. I have noticed that most of the time new faces get
ignored which is completely unfair. Everyone deserves equal chance to share their knowledge &
skills. That was the main reason of conducting DEF CON Lucknow twice, Leading OWASP Lucknow Chapter for over 4 years and then forming my own Organization named as “National Information Security Council” followed by Hackers Day and UNITED CON. Before taking the initiative of conducting my first conference in 2014, I had conducted an individual research work and it revealed the fact that most of Uttar Pradesh government websites were damn vulnerable to attacks. The databases were out dated, the least secured ones. So as mentioned above, I started leaning and
apart from organizing conferences, I have delivered many Talks as Speaker in India & in abroad as
well, workshop training, seminars related to Ethical hacking and cyber security awareness program
because spreading awareness and sharing my knowledge is what I always love to do with everyone
so that they can understand these things.

I can say that the best moments from my contribution to this community were getting appreciation
and acknowledgement twice by His Excellency Shri Ram Naik Ji, Honourable Former Governor of
Uttar Pradesh, representing my country in Russian IT Synergy, Russia twice, training IT professionals
and students of Sri Lanka at SudoCon 2019 for almost 12 days and the love and respect I earned in
Russia & Sri Lanka is priceless. There are so many more memories are attached but I don’t think I am
able to share all of them here.

Q. What do you consider as the greatest incident of cyber-attack, hacking, or other related issues that struck the world recently?

Mr. Pandey: Well, if we talk about recent attacks then I must say it was “Wannacry Ransomware” attack which shook whole world, especially Russia, Ukraine & India as these were the most affected
nations. The whole world suffered from this Ransomware attack which targeted computer systems
running the Microsoft Windows Operating System by encrypting data and demanding ransom
payments in the Bitcoin cryptocurrency for the decryption key. I still remember when I was invited
for Russian IT Synergy 2017; my topic was even about “Cyber Terrorism & Ransomwares”. So as we
all know that after WannaCry Ransomware, so many Ransomwares got leaked such as Petya
Ransomware, Locky Ransomware, Bad Rabbit and so on. This gave cyber criminals a new way to
create Ransomwares and making money. Another big challenge I see is “Cyber Terrorism”. I found
many Terrorist chat groups, sensitive information related to terrorism when I was recently
researching on Dark Web for Russian IT Synergy 2019 which revealed that many Terrorist
Organizations are active on Internet and using Dark Web for communication and other purposes.
Women Safety is also a very important issue and challenge and that is why I have scheduled a special
Panel Discussion on it.

Q. How do you perceive the state of cyber security in the next 10 years? What should we prepare for?

Mr. Pandey: Cyber-attacks are happening daily which clearly shows the importance of security. I always say that Cyber Security is the “Fifth Dimension of National Security”. We need to spread awareness as much as we can do. Police, Web or Software developers must be well trained. Developers should always follow OWASP guidelines while developing Web applications. People are trained to perform their jobs in technology, accounting, sales, etc. but lack the basic knowledge of how to protect company data from the outside. You can’t assume that everyone knows the rules, cautions and dangers. Attackers are getting better and better at disguising their methods, it’s not always obvious. We should always be prepared for new challenges and emerging threats. As we encounter the new technologies and their parallel exploits we have to prepare ourselves to such a mechanism that allows individuals to face any attack and mitigate it in less possible time.

Q. Awards, Presentations all over the world, Publications etc., is Information Security your
profession or your passion?

Mr. Pandey:. I entered into this field as a passionate cyber security enthusiast but it became my profession with time. So, I can say that it is my passion as well as profession too.

Q. In terms of computer web security, what are the countries that show preparedness for cyber
terrorists?

Mr. Pandey: I always give example of “Israel” as a well prepared country to combat against terrorism. Also a few countries especially United States and China, are vigorously putting in place systems to combat the menace. Republic of India is also becoming a part of that race.

Q. Can you tell more about “UNITED CON” Conference?

Mr. Pandey:  As an organizer of my 6th conference, United Conference on Cyber Space (UNITED CON) is an International Information Security Conference & an initiative of National Information Security Council for Promoting, Demonstrating & Spreading Awareness Regarding the Field of Information Security. It is the Show that Sets the Benchmark for all Security & IT Professionals. We are bringing together the Brightest Minds in the World for Two Days of Learning, Networking, and Skill Building. Speakers and Delegates are coming to UNITED CON from Russian Federation, Israel, United States, Netherlands, Sri Lanka, Nepal and so on. The conference is scheduled on January 13 & 14, 2020 in New Delhi, India. Apart from Keynote & Technical Talks, we are also conducting hands-on Workshop trainings; Capture the Flag Contest, Panel Discussion, Lock Picking, Car Hacking & Hardware Soldering Villages and so many events. For those who are not eligible for Speaker, we have also planned something for them called “Hackers Journal” where everyone can submit their research papers and we will publish all papers in our Journal. I personally invite everyone to Join Us for Two Intense Days of Trainings and Two Jam-Packed Days of Briefings as it is my last conference as an organizer.

Q. You don’t want to continue organizing such conferences anymore? Would you like to share with us, why?

Mr. Pandey: Well, from the beginning, The Hacker Samachar is always very close to my heart. Therefore, I believe it is best time to announce that UNITED CON is my last conference as an organizer. That is the main reason I decided to conduct it in National Capital and this conference is also very special for me as it is my final one, so I want to make this conference a huge successful. I had already taken a break of 2 years from organizing any conferences as I was busy in learning and researches for International conference; I decided to give a farewell before saying goodbye to organizing conferences. The reason behind my decision is my career. I want to focus on my company, learning new things in Cyber Security domain and I really love doing researches. It’s full of fun and I learn a lot of new things from it. Frankly speaking, organizing a conference is a very difficult job. It takes lots of  hard work, team support, financial challenges etc. Sometimes people think that conducting conference on a very large scale makes the Organizing team rich which is completely wrong. Whatever comes from registration fee & sponsorship, we put it all in conference & in reality,
sometimes we face financial crisis and put own savings to conduct the conference successfully. That
is the truth what I have personally experienced. After UNITED CON, I want to focus on my career but I will be always there for everyone. Will keep participating in Cyber Security Events, will always be available for talks/trainings. I would also like to thank all of you for your continuous love and support to me which always helped me in serving the nation in the field of Information Security. Cyber Security is what I love and I will always be active in this field.

Q. Can you give us any hints about your topic?

Mr. Pandey:  I haven’t decided my topic so far as I am continuously engaged in preparation of the conference but will definitely announce my topic once I will finish the preparation.

Q. In what way this conference will help attendees?

Mr. Pandey: I have planned this conference in very unique way like Speakers are allowed to speak in their Native languages and it will be translated by a translator. The attendees will learn new things as
almost all speakers are highly skilled and their topics are so much interesting which will developer a
curiosity in attendees. Also there will be hands-on workshop trainings which will teach a lot to the
participants. I have also planned to put more very important topics in Panel Discussion
(Question/Answer) session such as “How Cyber Security can play an important role in Women
Safety” and “How technology can help making our National Capital pollution free” and so many
interesting events will be held during UNITED CON. All the details are available on our website
https://unitedcon.in.

Thank you so much Vismit Rakhecha for again giving me an opportunity to share my view with The Hacker Samachar. I really appreciate It. Jai Hind!

Wednesday, 13 November 2019

On 02:49 by admin   No comments

Ransomware

In the previous years of targeted attack mode, ransomware saw the possibility of success.Small and medium-sized enterprises are still the main target of ransomware because of their security budget and skills constraints.Whether it's for employees' phishing attacks or forcibly extorting with unsafe RDP, ransomware is as effective as ever.include:

1.Emotet–Trickbot–Ryuk(“Three in One Threat”):

In terms of economic losses, this is the most successful combination of 2019.They shifted their focus more to reconnaissance operations.A value is assigned after infecting the target network, and then the ransom of the amount is sent after moving and deploying the ransomware laterally.

2. Trickbot / Ryuk:

In the first half of 2019, Emotet was provided with a secondary payload, and Ryuk infection, usually spread by Trickbot, caused large-scale encryption of the entire network.

3. Dridex / Bitpaymer:

Dridex is not only an implant in the Bitpaymer ransomware infection chain, but also a secondary payload of Emotet.

4. GandCrab:

The most successful example of RaaS (ransomware as a service) to date, software makers claim a combined profit of more than $2 billion.

5. Sodinokibi– Sodin / REvil:

This combination was created after GandCrabstopped updating.For ransomware that has been successful before, it is not uncommon to try to start a new ransomware and get a lot of attention and success again.(Soyinokibi code is similar to GandCrab and is considered the "heir" of GandCrab ransomware)

Crysis / Dharma:

The ransomware has been on the "most notorious malware" list for the second year, and the malware has been distributed multiple times in the first half of 2019, and almost all of the observed infections have passed RDP.

Phishing

In 2019, the complexity and credibility of email-based malware activity increased dramatically.Phishing activities ave become more personal, and ransomware has done fraud with a leaked password.The phishing attacks include:

1. Enterprise invasion:

The biggest security risks for enterprises are usually employees rather than a distant hacker.In 2019, it turned out that the lack of security habits of employees (including re-use and shared passwords, as well as piracy using applications such as Microsoft, Facebook, Apple, Google and PayPal) had a serious impact on security.

2. Enterprise Email Intrusion (BEC):

In 2019, the frequency of email address hijacking and deep forgery attacks increased.The employees responsible for payment and purchase of gift cards have become the target of attack. The attackers mainly initiate email intrusion by counterfeiting corporate executives or acquaintances, and induce the victims to click and abandon the corresponding certificates and gift cards.

Botnet

The botnet is still the dominant force in the chain of infection attacks.No other type of malware can provide so many ransomware or crypto-currency mining payloads like botnets.The most notorious three botnets include:

1. Emotet:

As the most popular malware in 2018, it still dominated in 2019.Although it disappeared in June, it reappeared in September, becoming the largest botnet that provides a variety of malicious payloads.

2. Trickbot:

Trickbot's modular infrastructure poses a serious threat to any network it infects.Its combination with Ryuk ransomware is one of the more devastating targeted attacks of 2019.

3. Dridex:

Dridex is one of the most famous banking Trojans and is now used by Bitpaymer ransomware as an implant in the infection chain.

Encryption and encryption hijacking

From 2017 to 2018, the explosive growth of encrypted hijacking sites has disappeared, but crypto-currencies are not.Because of the low risk, guaranteed funds, and the less damage caused by ransomware and less profit, encrypted mining hijacking is still active.The 2019 mining hijacking attack includes:

1. Hidden Bee:

A vulnerability that provides crypto-currency mining payloads, which began using IE exploits last year, has evolved into payloads in JPEG and PNG images through shorthand technology and WAV media format flash exploits.

2. Retadup:

This is a mining worm that infects more than 850,000 crypto-currencies and was removed in August after the French National Gendarmerie Cyber ​​Crime Center (C3N) controlled the malware command and control server.

Finally, Webroot security analyst Tyler Moffitt said: "There is no doubt that we continue to see cyber-criminals constantly evolving their strategies. Although they may use some of the same malware, they are better off using a lot of stolen Personal information to plan more targeted attacks. Therefore, individuals and organizations need to adopt a layered security approach. While striving to improve the network's flexible security protection capabilities, they must also continue to conduct relevant security training. ""

Reference source : ZDNet

Thursday, 31 October 2019

On 00:14 by admin   No comments
We believe in transparency, the power of community, and building a more private and secure future for all. That’s why our web app has been open source since 2015, and it’s why we have contributed to the open source community by maintaining cryptographic libraries for the JavaScript and Go programming languages.

Now we’re taking the next step by open sourcing our iOS app. You can find the code on our Github page.

Why open source?

At Proton, security is our overriding priority, particularly because of the many dissidents and activists who use our service. Our emphasis on security extends to all areas of our work, from our use of end-to-end encryption, to the way we engineer our applications. As part of our commitment to security, we are putting all of our software through rigorous, independent third-party audits.

Already there are third-party audits for OpenPGPjs and GopenPGP, our open source cryptographic libraries. Earlier this year, we engaged the renowned security firm SEC Consult to conduct an independent audit of ProtonMail’s iOS application. We are now making our iOS app open source now that it has been independently vetted. For more information, read the full iOS app audit report.

Open source provides transparency and accountability to the Proton community. Allowing people to see and review our code increases trust in both the security of the platform and our commitment to develop a more secure and private Internet. By making our code available to the world, and with the help of our bug bounty program, we can leverage the global Proton community to make our software as secure as possible.

Open source at ProtonMail

We strongly believe in open source, and we are committed to open sourcing all of our client software. In pursuit of this goal, independent third-party audits of all our other clients are underway, and we look forward to open sourcing even more of our code.

In addition to making our iOS app open source, we have also documented and published our iOS security model. This is important to us because raw code without documentation can be almost unintelligible sometimes, and a documented security model will assist in rigorous assessment and review of our code by the public. Our iOS trust model is also available on our Github page.

There has been a recent increase in state-sponsored malware attacking iOS, and in some cases specifically targeting ProtonMail users. Our iOS security model also highlights exactly what we are doing to give Proton users a higher level of security compared to typical apps. In particular, we have implemented safeguards which allowed the ProtonMail iOS app to protect against a recent malware targeting Tibetans and Uyghurs (see our security advisory).

Making our code freely accessible to the developer community also encourages innovation in the field of privacy tech. Developers are free to implement and build upon the methods that we have documented and published. We believe that when developers work together to solve real-world privacy challenges, everyone benefits, and we hope that the publication of our code will result in safer and more robust iOS apps.

Source : https://protonmail.com/blog/

Wednesday, 30 October 2019

On 23:30 by admin   No comments
The GitHub Student Developer Pack now offers over $100k worth of tools and training to every student developer, anywhere that GitHub is available. If you’re new to the Pack, it provides verified students with GitHub Pro at no charge while they are in school, plus free access to the best developer tools and training—thanks to our partners—so they can learn by doing. 
As the Pack continues to grow and shape the next generation of developers, we continue to listen. We’re here to better understand how you’re using these tools and what’s missing that you hope to see included. Whether you’re developing your portfolio, building a new desktop app, or creating an interactive map—the goal of the Pack is to provide you with the tools you need to be successful.
This year, the value of the Pack tripled during the Fall semester by adding nineteen new partners in October plus a dozen in September to the twenty-one who joined our long-time partners for Back-to-School.

Partner details

The following are our new partners and the tools and training they are providing, for free, to students:

October

  • Appfigures, app store analytics, optimization, and intelligence
  • Astra Security, security suite for your website, including firewall, malware scanner, and a managed bug bounty platform
  • BoltFlare, reliable, secure, and scalable managed WordPress hosting
  • BrowserStack, test your web apps, providing instant access to 2,000+ browsers and real iOS and Android devices
  • Codecov, implement code coverage easier to develop healthier code
  • Educative, level up on trending coding skills at your own pace with interactive, text-based courses
  • EverSQL, boost your database performance by automatically optimizing your SQL queries
  • HazeOver, get focused while working on projects or studying
  • Iconscout, design resources marketplace with high quality icons, illustrations, and stock images
  • Interview Cake, makes coding interviews a piece of cake with practice questions, data structures and algorithms reference pages, cheat sheets, and more
  • Kaltura, build interactive video experiences and advanced media applications
  • MNX.io, managed Cloud hosting for developers
  • NetLicensing, cost-effective and integrated Licensing-as-a-Service (LaaS) solution for your software on any platform from Desktop to IoT and SaaS
  • Scrapinghub, battle-tested cloud platform for running web crawlers where you can manage and automate your web spiders at scale
  • Testmail, unlimited email addresses and mailboxes for automating email tests with powerful APIs
  • Typeform, interactive forms, surveys, and quizzes to engage and grow your audience
  • USE-Together, provides a remote pair programming and team collaboration tool
  • Weglot, make any website multilingual and manage your translations through a single platform
  • Wisej, build powerful web applications in Visual Studio with C# or VB.NET

September

  • Blackfire, Code performance measurement tool where you can find and fix bottlenecks
  • Canva, create professional looking graphics and designs, featuring thousands of templates and an easy to use editor
  • Covalence, provides an exclusive developer community and allows you to learn Full Stack web-development with no long-term commitments
  • Crowdin, cloud-based solution that streamlines localization management
  • Education Host, web hosting platform to host assignment and project work
  • GoRails, tutorials for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more
  • Honeybadger, exception, uptime, and cron monitoring
  • Mailgun, APIs that enable you to send, receive, and track email
  • One Month, learn HTML, CSS, JavaScript and Python in just 30 days
  • Repl.it, an online IDE that lets you instantly code in over fifty languages so you can start learning, building, collaborating, and hosting all in one place
  • Storyscript, top-level, cloud native programming language that helps you orchestrate data flow seamlessly between microservices
  • Vaadin, open source Java framework for building Progressive Web Applications

Monday, 10 June 2019

On 22:11 by admin   No comments
Jscrambler launches Self-Healing JavaScript to prevent code tempering
Jscrambler, a technology company specializing in JavaScript Application Security and Web Page Monitoring solutions announces Self-Healing JavaScript – a world first for JavaScript application security.
The latest statistics point out that 97% of modern web sites are running JavaScript, and every single Fortune 500 company uses it to build highly competitive web apps; JavaScript keeps growing as the powerhouse of the Web.
However, because JavaScript code can’t be encrypted, it remains exposed so that anyone can access and modify it. This allows malicious actors to reverse-engineer JavaScript code to uncover a company’s proprietary algorithms or bypass licensing agreements. Once again, Jscrambler is tackling this issue head-on with new proprietary technology: Self-Healing JavaScript.
“We are very pleased to introduce Self-Healing JavaScript and to thwart malicious actors head-on. Never before have enterprises put so much critical business logic into JavaScript. As attackers try harder than ever to steal and tamper with a company’s code, the technology we have developed proves once again that Jscrambler is at the forefront of JavaScript security.” said Rui Ribeiro, co-founder and CEO of Jscrambler.
Whenever attackers try to tamper with a piece of code, Jscrambler’s Self-Healing technology will automatically restore to its original, clean version. Not only does this thwart any malicious attempts to modify the code, but it also guarantees that the application does not break after tampering attempts – keeping the end-user’s experience unscathed.
Self-Healing is a must-have JavaScript protection technology for companies with critical applications where, running tampered code or having the application break, can result in serious damage to the business.
Industry sectors such as healthcare or manufacturing rely heavily on JavaScript to build applications and Self-Healing code means greater security, stability and reliability for them.
Source : helpnetsecurity.com
On 21:57 by admin in    No comments
Null meets are free for anyone to attend. There are absolutely no fees. Just come with an open mind and willingness to share and learn.

Proposed sessions for this event:

Scouring CI/CD for Sensitive Information by Darsh Patel
Egg hunting techniques by Malav Vyas
Owning the b0x like a L33T by Swar Shah
CTF by Jaimin Gohel

Schedule:
Date: Sunday June 16 2019
Time: 11am to 3pm

Venue:
ICT, Ganpat University,
3rd Floor, Block A, Ganesh Meridian, opp Kargil Petrol Pump,
S.G Highway, Sola,
Ahmedabad

Register yourself:
https://null.co.in/events/604-ahmedabad-null-ahmedabad-meet-16-june-2019-monthly-meet

Friday, 7 June 2019

On 02:19 by admin   No comments
The blockchain space always has something exciting going on in terms of innovative technologies and product launches. Recently, blockchain enthusiasts were treated with an interesting announcement by Kodak, the renowned imaging-tech company, which disclosed the firm’s latest offering – a document management system based on the blockchain technology. The announcement was made at the two-day Kodak Innovation Conference 2019 held in New York’s Rochester on 5th June.
The offering, titled KODAK Document Management Platform, has been launched by Kodak Services for Business. The platform has been designed, keeping in mind the targeted clientele of governments as well as businesses. According to the company, this document management system will help both kinds of their client base to safeguard and manage their sensitive documents hassle-freely. The use of blockchain technology will lend the required level of security and efficiency to the platform, states the company.
Apart from the KODAK Document Management Platform, the company also launched KODAK Scan Cloud, a specially designed solution that enables the user to process data regardless of their location. The conference also witnessed the discussion on the concept of “Smart Cities” which revolves around utilizing cutting-edge technologies for improving the services and infrastructure in a way that boosts the overall functionality of urban areas.
Source : cryptonewsz