Posts Tagged Cyber Security

Dictionary Attack: What Is It & How To Prevent It?

A dictionary attack is a type of identity breach where the hackers steal the password of the victim to gain access to personal or corporate information.

What Is A Dictionary Attack?

  • It is one of the cyber attacks where cyber criminals take advantage of the user’s habit of using common dictionary words as a password. Most internet users have a tendency to use simple or easy to remember words and phrases as their passwords.
  • In simpler words, it is an attempt to gain unauthorized access to a computer system or user account by using a large set of words to generate a potential password.
  • The traditional approach used by the hackers involved multiple attempts by making use of common words found in the dictionary. However, the attack has now evolved and the attackers make use of databases that include common dictionary words and passwords leaked in previous attacks to crack the password.
  • Some software are also available that help in cracking a password by using the password databases and producing common variations. In contrast to a brutal force attack, a dictionary attack tries only the password possibilities that are considered to be most likely to succeed.

Pre-Computed Dictionary Attack:

It involves pre-computing a list of hashes of common dictionary words these hashes are stored in a database. Once completed, the pre-computed database can then be used anytime to instantly lookup for the password hashes to crack the corresponding password. Although a lot of time is consumed in preparation, the actual attack can be executed faster than a simple dictionary attack.

Common Cracking Software Used In Dictionary Attack:

  • Burp Suite
  • Crack
  • Ophcrack
  • Cain and Abel
  • Aircrack-ng
  • John the Ripper
  • LophtCrack
  • Metasploit Project

How To Prevent A Dictionary Attack?

In order to prevent a dictionary attack, following steps can be helpful:

  • Change the security settings to lock the account after reaching a maximum number of authentication attempts.
  • Use multi-factor authentication to log in.
  • Use special characters and extra syllables in the password.
  • Use longer passwords.
  • Avoid reusing old passwords.

For more information on what is a dictionary attack and how to prevent it, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

5G & Data Security

PDF Version: 5G-and-Data-Security

, , ,

No Comments

How Are Attackers Targeting Organizations With Steganographic Techniques?

Steganography is the act of hiding secret information within an ordinary, non-secret file or message to avoid detection. The main strengths of steganography are its capacity to keep a message as secret as possible and hide a large amount of data. Cyber attackers are exploiting these strengths to target organizations by launching sophisticated attacks.

Cyber attacks employ steganography to embed malicious code in seemingly benign content to bypass an organization’s cyber security. The basic layout of a cyber attack using steganography is based on four concepts.

  • Social Engineering: When the user opens the compromised document, the malware code instructs the victim to enable content in the document.
  • Network Security Monitoring Evasion: Once the content is enabled, the document runs a PowerShell script to download a file with embedded malware. The file may be as simple as a popular image, a wallpaper, etc. and is stored on a remote server.
  • Manual Analysis Evasion: The attackers make use of obfuscated VB macros to decode the malicious content hidden within the pixels of these images and install the malware.
  • Persistence: The malware is designed to register scheduled tasks to enable the script to survive system reboots.

What Is PowerShell?

Microsoft introduced it as a scripting language and command line. It is now open-source and cross-platform enabling developers to use multiple languages and libraries for building applications for mobile, gaming, desktop, and IoT solutions. It is popular among cyber criminals for launching steganography attacks because:

  • It’s easy-to-use and versatile, providing access to all major OS functions.
  • It is used and trusted by many administrators, allowing PowerShell malware to blend in with benign activity on the network.

What Type Of Information Hidden Is Via Steganography By Cyber Criminals?

Cyber criminals can use the information hiding at different stages of a cyber attack depending upon the kind of information hidden.

  • Identities: Anonymization techniques are used to hide the identities of communicating parties.
  • Communication: Steganography is used to hide the fact that a conversation is taking place. It conceals the data packet flow by using traffic-type obfuscation methods.
  • Content: Cyber criminals may hide the content of data but not the transmission or presence of data itself.
  • Code: The structure of executable malicious code is hidden by binary code obfuscation and masquerading techniques.

With an increase in the number of sophisticated cyber-attacks using Steganographic techniques, the organizations are required to update their cyber security measures.

For more information on the use of steganography in cyber attacks, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Things To Know About Browser Security Headers

Browser security headers are HTTP response headers that define whether a set of security measures should be activated or deactivated on the web browser. They govern the way the browser behaves when communicating with the site. So, these security headers can be used to outline communication and improve web security.

Here are five security headers that need to be understood for securing a website:

  • HTTP Strict Transport Security (HSTS): A common practice of securing a website is to use a SSL/TLS certificate and migrate the website from HTTP to HTTPS. However, most website administrators forget that their website may still be available over HTTP connection. This issue can be overcome by employing HSTS. If HSTS is used for a website equipped with HTTPS, the server forces the browser to communicate over secure HTTPS only; thus, eliminating the possibility of the HTTP connection.
  • Content Security Policy (CSP): CSP can be used to protect the website against Cross Site Scripting and other code injection attacks. It does not rule out the chances of these attacks entirely but helps in minimizing the damage. It equips the website admin with the authority to restrict the resources that a user is allowed to load when using the site. Thus, the admin can white list the website’s content resources as per the security requirements.
  • Cross Site Scripting Protection (X-XSS): This header can be used to protect against Cross Site Scripting attacks. It prevents the page from loading if any cross site scripting is detected. XSS filter is enabled in browsers such as Chrome, IE, and Safari by default.
  • X-Frame-Options: This type of browser security header can be used for protection against ‘Clickjacking’ attacks. In case of such attacks, the user is made to click on a page under the pretension that he is on an official site. However, a hidden code is being run in the background. This may lead to loss of confidential user information. X-Frame-Options disable the iFrames present on the site preventing others from embedding any code in your content.
  • X-Content-Type-Options: MIME Sniffing is a common feature that is used to discover an asset’s file format. However, it can also be used to execute cross site scripting attacks. X-Content-Type-Options acts as a precaution against MIME Sniffing as it instructs the browser to follow the MIME type instructed in the header.

For more information on browser security headers and how to secure your portal, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

5 Reasons For Increased Cyber Security Threats During COVID-19

While the world is busy fighting against COVID-19, there is a section of cyber criminals who are exploiting the situation for lucrative benefits. They are taking advantage of the efforts made by organizations to sustain their operations during this pandemic. The cyber security attacks include phishing attacks, data breach, ransom, etc.

In order to defend your organization against cyber security threats during COVID-19, it is first important to understand the reasons that have resulted in an increase in cyber-attacks. Following are the 5 top reasons:

  • The foremost reason is that the employees are working from their home networks and their personal devices. These networks and devices are usually not updated with latest antivirus or operating system versions. The lack of a properly patched and protected system results in vulnerabilities leading to easy access for hackers.
  • The second reason that has led to an increase in the number of the cyber-attacks is the flow of organizational data. When employees work from their homes, sensitive organizational data travels outside the secure network of the organization. Additionally, while working with this data, employees tend to save it on their personal devices. This allows for easy data theft.
  • The third reason is that employees need to access the organization’s network to complete their work. This remote access may be insecure. Some organizations have already established a VPN for remote access. But again all the employees are not trained to install or use a VPN. Such untrained personnel pose a cyber-security threat when they access the organization’s network. On the contrary, there are some organizations that do not have a VPN setup for remote access. This may cause a cyber-threat of greater magnitude.
  • Fourth reason that has caused a rise in the number of cyber-attacks is an organization’s requirement to keep the employees involved and informed. The regular team meetings that were conducted to discuss the team operations have been replaced by online meetings. Organizations are making use of conference video calls or unique apps like ‘Zoom’ to conduct these meetings. The shift has been hasty and not all the involved employees are aware of how to use these apps securely. Insecure logins, poorly managed user credentials and login via an insecure network are some factors that have led to cyber-attacks such as video call hacking.
  • Fifth reason accounts for unauthorized access to an organization’s funds. The underlying reason is the need of the time to do things differently. A simple example of such an attack is that an employee receives an email from a fake account created on behalf of senior personnel in the organization. The email may instruct the employee to transfer funds to an account in lieu of some organizational purchase. Since employees may not be able to validate such emails, they may end up transferring funds to the hacker’s accounts.

In order to prevent such attacks, the organizations need to educate the employees to update their systems, download antivirus updates, secure their login details, use secure VPN to access the organization’s network and be aware of fake emails.

For more information on cyber security threats during COVID-19, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments