Introduction Ransomware is a malware which encrypts all files on disk and prevents the users from accessing their system. It has become a raging epidemic and has impacted thousands of organizations all across the globe. The new generation of ransomware, such as Locky and Zepto are delivered via spam e-mails with the common aim to […]
Penetration Testing as per PCI DSS version 3.2 As per PCI DSS v3.2, Requirement 11.3 addresses penetration testing activity for organizations following PCI DSS compliance. The requirement is further divided into following sub requirements: Requirement 11.3.1: Conduct external penetration testing at least annually or after any significant change has occurred in organization’s environment Requirement 11.3.2: […]
One of the key security devices in a lot of organizations is an HSM – Hardware Security Module. All banks use it to store your debit card and credit card PINs. An HSM can be used to store any super-secret piece of information. Administration of the HSM is done via a custom client or CLI or directly […]
As per PCI DSS v3.2, Requirement 11.3 addresses penetration testing activity for organizations following PCI DSS compliance. The requirement is further divided into following sub requirements: Requirement 11.3.1: Conduct external penetration testing at least annually or after any significant change has occurred in organization’s environment Requirement 11.3.2: Conduct internal penetration testing at least annually or […]
Vendor Patches: Google Releases Security Update for Chrome Cisco Releases Security Update Oracle Releases Security Bulletin Apple Releases Multiple Security Updates Drupal Releases Security Advisory Security Breaches: Disney Playdom forums shut down following data breach Pokémon GO Creator’s Twitter Account Hacked North Korean hackers gain access to personal data of dozens of South Korean diplomats […]
If you are looking to navigate your way through the complexities of Big Data and its use in Security, here are some links to get you off the ground: Big Data Basics What is Big Data Which are the major technologies used for Big Data Hadoop (Apache’s open-source implementation of Google’s MapReduce algo) Elastic Search, […]
INTRODUCTION WhatsApp Messenger is an application used across various Mobile Platforms for instant messaging. It uses the internet to send and receive audios, videos, documents, location details, messages etc. WhatsApp saves all the message of user onto a database file in crypt form, which means no one could read anyone’s private messages. WhatsApp uses crypt2, […]
So here it is, PCI SSC has officially released the final version of PCI DSS v3.2 standard document. PCI DSS v3.1 will retire after six months from now and organizations are required to use PCI DSS v3.2 for assessments during this period. The newly added requirements will be considered best practices till 31st January 2018. […]
Spam-blasting malware infects thousands of Linux and FreeBSD servers. – Ars Technica, Apr 30, 2015. Mumblehard Malware: Linux-Based Spam Generator Went Unnoticed for Five Years. – Security Intelligence, May 5, 2015. One of the longest living email-spam botnets is dead. – The daily dot, Apr 7, 2016. Why is this malware so hyped? What […]
Introduction Device binding is commonly used in android application for tracking a user’s device and ensure accountability. Some android application developers use this device id binding technique to uniquely identify users. When an application offers the discount promo code for user’s benefits, application acquires device attribute to track users against that specific promo code. In […]
