Archive for category Security

5G & Data Security

PDF Version: 5G-and-Data-Security

, , ,

No Comments

How Are Attackers Targeting Organizations With Steganographic Techniques?

Steganography is the act of hiding secret information within an ordinary, non-secret file or message to avoid detection. The main strengths of steganography are its capacity to keep a message as secret as possible and hide a large amount of data. Cyber attackers are exploiting these strengths to target organizations by launching sophisticated attacks.

Cyber attacks employ steganography to embed malicious code in seemingly benign content to bypass an organization’s cyber security. The basic layout of a cyber attack using steganography is based on four concepts.

  • Social Engineering: When the user opens the compromised document, the malware code instructs the victim to enable content in the document.
  • Network Security Monitoring Evasion: Once the content is enabled, the document runs a PowerShell script to download a file with embedded malware. The file may be as simple as a popular image, a wallpaper, etc. and is stored on a remote server.
  • Manual Analysis Evasion: The attackers make use of obfuscated VB macros to decode the malicious content hidden within the pixels of these images and install the malware.
  • Persistence: The malware is designed to register scheduled tasks to enable the script to survive system reboots.

What Is PowerShell?

Microsoft introduced it as a scripting language and command line. It is now open-source and cross-platform enabling developers to use multiple languages and libraries for building applications for mobile, gaming, desktop, and IoT solutions. It is popular among cyber criminals for launching steganography attacks because:

  • It’s easy-to-use and versatile, providing access to all major OS functions.
  • It is used and trusted by many administrators, allowing PowerShell malware to blend in with benign activity on the network.

What Type Of Information Hidden Is Via Steganography By Cyber Criminals?

Cyber criminals can use the information hiding at different stages of a cyber attack depending upon the kind of information hidden.

  • Identities: Anonymization techniques are used to hide the identities of communicating parties.
  • Communication: Steganography is used to hide the fact that a conversation is taking place. It conceals the data packet flow by using traffic-type obfuscation methods.
  • Content: Cyber criminals may hide the content of data but not the transmission or presence of data itself.
  • Code: The structure of executable malicious code is hidden by binary code obfuscation and masquerading techniques.

With an increase in the number of sophisticated cyber-attacks using Steganographic techniques, the organizations are required to update their cyber security measures.

For more information on the use of steganography in cyber attacks, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Switching To An Encrypted Communication App

Encryption is the process of encoding information for preventing anyone other than the intended recipient from viewing it. It uses an algorithm known as a cipher to convert the information into a code that appears like random characters or symbols. This renders the information unreadable to anyone who does not have the decryption key. Same concept is applied to an encrypted communication app.

What Is An Encrypted Communication App?

An end-to-end encrypted communication app secures the messages being sent and makes sure the information is visible only to the end users – the sender and receiver.

Why Is It Important To Switch To An Encrypted Communication App?

As privacy has become an important consideration for organizations and individuals alike, securing the communications has gained leverage. Common reasons behind a leaked communication are:

  • Monitoring of communications by the app providers
  • Security breach by hackers/cyber criminals

A leaked communication text may cause damage to personal/organizational reputation by exposing personal/trade secrets. Additionally, communications may include the exchange of media files such as personal photos, videos, etc. Breach of these files may cause a serious threat to the parties involved.

How To Choose An Encrypted Communication App?

While it has been established that now is the time to switch to an encrypted communication app, a major question is how to choose a suitable app from the large pool of available communication apps.

In order to choose a suitable encrypted communication app, it is important to consider following points:

  • Encrypted Metadata: In the context of messaging, metadata includes information such as the sender’s phone number, recipient’s phone number, date and time of the message. This information may seem trivial, but it can be used to map with whom and when the individual communicates. So, choose a communication app that encrypts the metadata along with the body of the message.
  • In-App Encryption: Some communication apps do encrypt the messages being shared over the network but do not encrypt the messages stored on the device. This may cause a threat in case the device is stolen. Thus, it is important to confirm that all the messages are encrypted before being stored on the device prior to choosing a communication app.
  • Online Backups: It is a common practice to back up the communications on cloud (Google Drive, etc.) to combat situations like failed/stolen devices. However, in this case, the messages are protected by a single layer of security (mostly a password). So, consider a communication app that offers an alternate solution to secure the backup.
  • Security Analysis: In the case of closed source communication apps, it is practically impossible to review the code and see how well the encryption has been integrated. So, it is advisable to choose an open-source communication app that allows analysis of the security measures enforced by the app.
  • Security Settings: Choose a communication app that has security-focused settings such as ‘Self-destructing messages’ that disappear after a pre-selected time, ‘Screen Security’ that prevents anyone from taking a screenshot of the conversation, etc.

For more information on encrypted communication apps, contact Centex Technologies at (254) 213 – 4740.

, , ,

No Comments

Things To Know About Browser Security Headers

Browser security headers are HTTP response headers that define whether a set of security measures should be activated or deactivated on the web browser. They govern the way the browser behaves when communicating with the site. So, these security headers can be used to outline communication and improve web security.

Here are five security headers that need to be understood for securing a website:

  • HTTP Strict Transport Security (HSTS): A common practice of securing a website is to use a SSL/TLS certificate and migrate the website from HTTP to HTTPS. However, most website administrators forget that their website may still be available over HTTP connection. This issue can be overcome by employing HSTS. If HSTS is used for a website equipped with HTTPS, the server forces the browser to communicate over secure HTTPS only; thus, eliminating the possibility of the HTTP connection.
  • Content Security Policy (CSP): CSP can be used to protect the website against Cross Site Scripting and other code injection attacks. It does not rule out the chances of these attacks entirely but helps in minimizing the damage. It equips the website admin with the authority to restrict the resources that a user is allowed to load when using the site. Thus, the admin can white list the website’s content resources as per the security requirements.
  • Cross Site Scripting Protection (X-XSS): This header can be used to protect against Cross Site Scripting attacks. It prevents the page from loading if any cross site scripting is detected. XSS filter is enabled in browsers such as Chrome, IE, and Safari by default.
  • X-Frame-Options: This type of browser security header can be used for protection against ‘Clickjacking’ attacks. In case of such attacks, the user is made to click on a page under the pretension that he is on an official site. However, a hidden code is being run in the background. This may lead to loss of confidential user information. X-Frame-Options disable the iFrames present on the site preventing others from embedding any code in your content.
  • X-Content-Type-Options: MIME Sniffing is a common feature that is used to discover an asset’s file format. However, it can also be used to execute cross site scripting attacks. X-Content-Type-Options acts as a precaution against MIME Sniffing as it instructs the browser to follow the MIME type instructed in the header.

For more information on browser security headers and how to secure your portal, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Ways In Which Data Is Keeping Us Safer Amid The Coronavirus Crisis

PDF Version: Ways-In-Which-Data-Is-Keeping-Us-Safer-Amid-The-Coronavirus-Crisis

, ,

No Comments