Pages

Wednesday, September 6, 2017

INPAGE ZERO DAY USED IN ATTACKS AGAINST BANKS

A zero-day vulnerability in InPage publishing software used primarily in Urdu, Pashto and Arabic-speaking nations has been publicly exploited in attacks against financial institutions and government agencies in the region.
Kaspersky Lab said it’s possible a number of criminal or nation-state actors are using this exploit since it has recorded several different attacks against banks in Asia and Africa, as well as others targeting government agencies. The exploit is spreading via phishing campaigns, and was discovered during a separate investigation in September.

Probable Root cause

The parser in the software’s main module ‘inpage.exe’ contains a vulnerability when parsing certain fields. By carefully setting such a field in the document, an attacker can control the instruction flow and achieve code execution.
The shell code found in the document first looks for certain patterns in virtual memory space before launching a decoder that obtains an instruction pointer and decrypts the next stage of the attack. At that point, a downloader grabs and executes the payload.
At this moment, there is not any fix to the problem since the developers haven’t fixed the bug.
-->
Published @ https://threatpost.com/inpage-zero-day-used-in-attacks-against-banks/122112/

Also Refer:

https://www.linkedin.com/pulse/inpage-zero-day-used-attacks-against-banks-pradeep-m-s-?published=t

https://www.linkedin.com/in/pradeep-m-s-699a2522/detail/recent-activity/shares/
Posted by at No comments:

Monday, August 28, 2017

How Cyber Attack Works?

Posted by at 1 comment:

Wednesday, August 23, 2017

Vishing Attack

Vishing Attack
Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities. Vishing works like phishing but does not always occur over the Internet and is carried out using voice technology. A vishing attack can be conducted by voice email, VoIP (voice over IP), or landline or cellular telephone.
Probable Root cause:
·      Vishing attacks usually have a recorded message that tells users to call a toll-free number. Attackers use a technique called caller ID spoofing to make it look like calls are coming from a legitimate or known phone number.
·      It's a very similar technique to email spoofing, which makes e-mail addresses look like they are coming from a trusted source. But because people typically trust the phone service and caller ID, spoofing phone numbers can be particularly damaging.
 Probable Recommendations:
Consumers can protect themselves by suspecting any unsolicited message that suggests they are targets of illegal activity, no matter what the medium or apparent source. Rather than calling a number given in any unsolicited message, a consumer should directly call the institution named, using a number that is known to be valid, to verify all recent activity and to ensure that the account information has not been tampered.
Also Refer:
https://www.linkedin.com/pulse/vishing-attack-pradeep-m-s-?published=t


https://www.linkedin.com/in/pradeep-m-s-699a2522/detail/recent-activity/shares/
-->

Posted by at No comments:
Subscribe to: Posts (Atom)