Stealing Windows Credentials Using Google Chrome

It's only fair to share...Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pageShare on RedditShare on StumbleUpon

Acrobat Stealing Windows Credentials Using Google Chrome
Author/Researcher: Bosko Stankovic (bosko@defensecode.com)
Source: http://www.defensecode.com
Overview: Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to local area networks. One of the rare research involving attacks over the internet was recently presented by Jonathan Brossard and Hormazd Billimoria at the Black Hat security conference[1] [2] in 2015. However, there have been no publicly demonstrated SMB authentication related attacks on browsers other than Internet Explorer and Edge in the past decade. This paper describes an attack which can lead to Windows credentials theft, affecting the default configuration of the most popular browser in the world today, Google Chrome, as well as all Windows versions supporting it. Read More

The ‘Security by’ model approach

It's only fair to share...Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pageShare on RedditShare on StumbleUpon

Passionate about it! Intrigued by it! Confused by it! SaaS, RaaS, XaaS, what! what!, okay let me PaaS, oops meant pass! Unlike the as-aservice model that inherently loves prepending strange InfoTech words, I am going to talk about another model, that seems to enjoy appending weird random like words; the ‘Security by’ model! Don’t you just love it? Oops, I meant I.T! Security by Obscurity, Security by Isolation, Security by Default!; The ‘Security by’ model approach!

 

 

The ‘Security by’ model approach seems to share and rely on; 

Read more

Mitigating Ransomware attacks using McAfee VSE Access Protection Policies

It's only fair to share...Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pageShare on RedditShare on StumbleUpon

The image on the left is an awesome reminder of my first blog post. Ransomware really caught my attention to a point were, it ended up featuring as my first article. That being said, my reply to Gail’s comment really sealed the deal, to an extend were i just felt I had to revisit and unearth this post! My response read, “This is proof we are living in the “Cyber Crime Era!”. It’s sad but what makes it even more scary is, it’s happening and happening around the clock. I bet you this is just the tip of an iceberg….” Oh yes, spot on! I am no Fortune Teller, but all I can tell ya (replacement for you), is we are living in that era! Hmmm, some deadly rhymes ending with ‘aaaah!’ right?; but definitely not deadlier than the gist of the flow, Ransomware!!!! Hold on, besides my rhymes, I will not let you (Ransomware) intimidate me, because I have something to use to mitigate against you, 

Read more

MyBitSecure – Codename ‘D3m0’ Project

It's only fair to share...Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pageShare on RedditShare on StumbleUpon

By MyBitSecure –  March 13, 2017 – mybitsecure.com

Have you ever had a brilliant I.T Security idea, which you needed an expert to tailor-make for you but where hesitant to pursue because you felt that you might end up not liking the idea / product at a later stage, or because of your fear of the costs involved? Well, look no further, The MyBitSecure Team will not only built an awesome custom solution for you, but will make arrangements to initially give you the Hardware-based security solution as a Demo unit to test drive (at no costs) for at least two weeks before you make your final decision. Below is a list of MyBitSecure’s I.T Security solutions on Demo! Read More

Youth Pathways into Cybercrime

It's only fair to share...Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pageShare on RedditShare on StumbleUpon

Acrobat Youth Pathways into Cybercrime
Author: Research leads: Professor Mary Aiken, Professor Julia Davidson & Dr Philipp Amann
Source: http://www.mdx.ac.uk/
Overview: Many security and police professionals spend their time analysing the technical and mechanical aspects of cybercrime, dissecting malware and exploit tools, forensically analysing code and techniques. However, few actively focus on the social and psychological aspects: who for example is the attacker, what motivates them, and more importantly how and when did this deviant behaviour begin? Understanding the behavioural and developmental aspects of cybercriminality is becoming increasingly important, and underlies the necessity of a shift in focus from sanctions to deterrence and prevention. That being said, there is an urgent need to understand the pathways that lead some young people into cybercrime hence it is important for parents to be aware of their own youth’s online activity and risk. Read More