Replicate Real-World Security Vulnerabilities with HackerOne Sandboxes for Free



Popular bug bounty platform HackerOne is known for helping the community learn new skills and helping beginners get started. They already have Hacker101, where one can learn about security for free. Recently HackerOne tied up with cyber security training company HackEDU and offered five sandbox environments modeled after popular security bugs reported through their platform.

It's a very good step by them, as most of the time when we are learning we don't get something like this, and trying things on live websites is always a risk.

All five hackboxes that they developed are very interactive, and they guide you throughout.

Here are the five hackboxes:

1. Worm Clickjacking in Twitter


This hackbox replicates a wormable clickjacking attack via playcards, which was reported to Twitter in May 2018. You can access it here.

2. XXE flaw in Semrush



This hackbox challenges users to reproduce an XML External Entity (XXE) flaw that could be exploited to read arbitrary files from a server. This flaw was reported to SEMrush in March 2018. You can access it here.

3. Command Injection attack in Imgur



The third hackbox is for trying to get control of a server by using a command injection attack. The real vulnerability was discovered in Imgur and reported in April 2017.

4. SQL Injection in Grabtaxi



This flaw is about a SQL injection that was discovered in Grabtaxi back in November 2017.

5. XSS in HackerOne



The final hackbox is about a cross-site scripting issue in a third-party component used by HackerOne to manage contact forms, which was disclosed in August 2017.

The main purpose of these demos is to provide a safe and legal way to practice real-case hacking techniques, and the best part is that they come with explanations of how each bug works and guide the users in exploiting it.

Freelancers on Fiverr and Freelancer.com are baited with job offers to download malware



Freelancer.com and Fiverr are two of the most popular freelancer platforms on the internet. Thousands of people visit these websites to get jobs or get their work done. And wherever a lot of people gather, hackers make it their target. Cybercriminals are targeting freelancers in a new malware campaign, sending malicious macros disguised as job offers.

Security researchers at MalwareHunterTeam have discovered a new piece of malware that is targeting freelancers.



In one example, the threat actors sent an email asking the intended victim to check the attached document and then get back to them with a “cost and time frame,” while in another example the threat actor sent over a document entitled “My details.doc,” which also contained malware.

Once the attachment is clicked, the recipient is asked to enable macros, which work as a malware dropper. MalwareHunterTeam has urged users to refrain from enabling macros and to keep their anti-virus software active when digging into new files. For instance, one of the victims who had their anti-virus software enabled was able to detect the malicious document.

Here is how the Gentoo Linux GitHub account was hacked



If you are someone who reads a lot of infosec news, then I'm sure you must have heard how the official GitHub account of the popular Linux distribution Gentoo Linux was hacked last week. After the account was hacked, the hacker changed some code and added malicious scripts that delete all of the user's files.

Gentoo is a free operating system with precompiled binaries, and it can serve as an ideal secure server, development workstation, professional desktop, gaming system, or embedded solution.

The incident took place on 28 June at approximately 20:20 UTC and Gentoo regained control by 2018-06-28 23:10 UTC.

According to Gentoo, the hack has not affected the code hosted on the Gentoo infrastructure, and the code hosted on GitHub is just a mirror. Gentoo.org was not compromised.

How did they get hacked?


Gentoo developers have revealed that the attackers were able to gain administrative privileges for its GitHub account after guessing the account password. It's 2018 and I don't know why organisations like Gentoo do not use two-factor authentication.

The organisation could have been saved if it had been using two-factor authentication, which requires an additional passcode besides the password in order to gain access to the account.

Steps taken to prevent future attacks


After this incident, Gentoo took the following steps to protect itself from future attacks:


  • Making frequent backups of its GitHub Organization.
  • Enabling two-factor authentication by default in Gentoo's GitHub Organization, which will eventually come to all users of the project's repositories.
  • Working on an incident response plan, particularly for sharing information about a security incident with users.
  • Tightening up procedures around credential revocation.
  • Reducing the number of users with elevated privileges, auditing logins, and publishing password policies that mandate password managers.
  • Introducing support for hardware-based 2FA for Gentoo developers




PoC Code published for instant Blue Screen of Death [ Flaw unfixed ]



If you are a Windows user, then I'm sure you are familiar with the blue screen of death. A Romanian hardware expert has published proof-of-concept code that crashes most Windows computers within seconds, even if the computer is in a locked state.

This interesting code exploits a vulnerability in Microsoft's handling of NTFS filesystem images and was discovered by Marius Tivadar, a security researcher with Bitdefender.

Affected Systems


1. Windows 7 Enterprise
2. Windows 10 Pro
3. Windows 10 Enterprise

The researcher only tested on the above-mentioned systems, so there is a high chance that other systems are affected by it too.

What exactly is the flaw?


The PoC contains a malformed NTFS image that users can take and place on a USB thumb drive. Inserting this USB thumb drive into a Windows computer crashes the system within seconds, resulting in a Blue Screen of Death (BSOD).

"Auto-play is activated by default," Tivadar wrote in a PDF document detailing the bug and its impact.

"Even with auto-play [is] disabled, [the] system will crash when the file is accessed. This can be done for [example,] when Windows Defender scans the USB stick, or any other tool opening it."

Microsoft declined to fix!


Yes, you read that right: Microsoft declined to fix the flaw, stating that it requires physical access or social engineering. Tivadar contacted Microsoft about the issue in July 2017, but published the PoC code today after the OS maker declined to classify the issue as a security bug. What makes it more dangerous is that it works even when the PC is locked. So imagine the situation: you lock your system and go somewhere, hoping no one can access or damage your PC, and someone can come, plug in their pen drive and crash your system completely.

"I strongly believe that this behavior should be changed, [and] no USB stick/volume should be mounted when the system is locked," the researcher said. "Generally speaking, no driver should be loaded, no code should get executed when the system is locked and external peripherals are inserted into the machine."


Online stores based on Magento hacked to steal card data, run cryptojacking scripts



Security researchers have identified 1000+ Magento sites that have been hacked and infected with malicious scripts which can be used to steal credit card data, deliver malware or run crypto mining scripts.

"The Magento sites are being compromised through brute-force attacks using common and known default Magento credentials," Flashpoint researchers say.

How did the hacking take place?

When users install Magento they get default credentials, and in most cases a brute-force attack was used to compromise the sites. Once attackers gain access to these sites, researchers say they've observed three main patterns of malicious activity.

The most common practice is to insert malicious code in Magento core files, code that logs payment card information entered inside the checkout process. Such malware is named a card scraper, and users should expect to find one on any e-commerce store that looks to have missed a few updates.

Second, attackers also deploy cryptojacking scripts that mine Monero on the computers of store visitors, a practice that has become quite common these days, across all sites, not just Magento stores.

Last but not least, hackers also use these compromised Magento stores to redirect some of the infected sites' visitors to malicious sites that attempt to trick users into downloading and installing malware on their computers. According to cases investigated by Flashpoint researchers, the most prevalent tactic was to redirect users to sites offering phony Adobe Flash Player update packages, which would infect users with the AZORult infostealers.





3 Interesting Ways Screen Recording Can Be Used



Simply put screen recording will allow you to record videos that consist of whatever may be on your screen. More often than not they are associated with video guides, tutorials, or demonstrations involving digital products – but there are a lot of other interesting ways in which they can be used as well.

If you want to explore the potential of screen recording, here are a few things that you should start with:

  • ‘Download’ online streaming videos
Nowadays online streaming videos are practically everywhere, from social media to websites, video sharing platforms, and even video-on-demand services. Very few platforms provide a way for their videos to be ‘downloaded’ however, which means that you need to be online to watch them and can’t transfer the videos to other devices. By using screen recording, you can record any online streaming video from your screen, then save it and do with it as you please.

  • Save video calls
Between Skype, Facebook Messenger, Google Hangouts and other platforms, video calling has grown in popularity. Unfortunately most platforms don’t let you ‘save’ your calls – so you can’t refer to them or use their content once the call is done. If you record the call while it is on your screen however, you can save it – which can be extremely useful particularly if you conduct business meetings over video calls.

  • Record live or temporary content
Two of the most popular new types of content to appear online are ‘live’ video streams as well as temporary content that vanishes after a fixed duration (normally 24 hours or less). Being able to record your screen will give you the means to record that content, so you don’t miss out and can save it to watch at any point.

If you would like to use screen recording in any of the ways listed above, you should try using Movavi Screen Recorder, because it will let you record any videos that you want from your screen, allowing you to effectively ‘download’ online streaming videos, save video calls or record live or temporary content.

Although at first you might feel that learning how to download movies from Netflix or using Movavi Screen Recorder to perform any of the other tasks listed above is complicated, nothing could be further from the truth. Even if you’ve never used it or any other screen recorder in the past, you should be able to set up and start recording your movie in just a couple of minutes.

Not only should you be able to set up Movavi Screen Recorder easily, but you can also use its features to fully adjust the recording parameters, which will open up even more possibilities. In short, you should definitely try it out and see for yourself how it can be used.


Top Five Budget Laptops Under Rs 25,000


Nowadays, people are moving their interest from outdated desktop computers to elite modern laptops, due to their ease of use and flexibility. There are numerous laptops available, but if you have a tight budget and only want to invest less than ₹25,000 INR, then you are at the right place.

Here, we are going to highlight some of the newest top-rated, most-reviewed budget laptops which you can buy for under ₹25,000 INR.

1. Lenovo Ideapad 320-15AST



With a marvelous thin design, the Lenovo Ideapad 320-15AST is an incredible product which is lightweight and comes out of the box with elite features. The product offers you more than its worth, thanks to the 7th generation processor.

Price – ₹23,500 INR

Salient Specs

Processor: AMD E2-9000 Radeon R2, 7th Generation, 1.8 GHz
RAM: 4-GB DDR4 (SDRAM)
Hard Drive: 1 TB eSATA
Graphics Card: Integrated On-Board Graphics AMD Radeon R2 Graphic
Display: 15.6 Inches, 1366x768 pixel
Wireless Type: 802.11 ac
Ports: 1xUSB 3.0 Type A, 1xUSB 3.0 Type C, 1xUSB 2.0, 1xEthernet, 1x Card Reader
Operating System: Windows 10 Home
Weight: 2.4kg
Battery: 2-Cell Battery (Non-removable)



2. Asus X541NA-GO121T



With an elegant matte finish and incredible sound quality, the Asus X541NA-GO121T is a recently launched, charming device in this price range. The device is powered by an Intel Pentium processor, which has an impressive clock speed of 2.66 GHz. It also offers a dedicated 2GB cache memory to keep your whole experience delightful and smooth.

Price – ₹24,199 INR

Salient Specs

Processor: Intel Pentium Quad-Core N4200 Processor, 2.66 GHz
RAM: 4-GB DDR3 (SDRAM)
Hard Drive: 1 TB eSATA
Graphics Card: Integrated On-Board Graphics AMD Radeon R2 Graphic
Display: 15.6 Inches, 1366x768 pixel
Wireless Type: 802.11 ac
Ports: 1xUSB 3.0 Type A, 1xUSB 3.0 Type C, 1xUSB 2.0, 1xHDMI, 1xEthernet, 1x Card Reader
Operating System: Windows 10 Pro or Home
Weight: 2kg
Battery: 3-Cell Battery


3. ACER E5-573-C7CD NX.MVHSI.049



With a textured metallic finish and an impressive design, the ACER E5-573 is an outstanding laptop with a powerful Dual Core Celeron Processor. The device offers many enhanced features with future-ready technology and is available in vivid color options.

Price – ₹23,240 INR

Salient Specs

Processor: Intel Celeron Dual-core 2957U, 1.4 GHz
RAM: 4-GB DDR3 (SDRAM)
Hard Drive: 500 GB SATA
Graphics Card: Intel HD-Graphics, DDR3L Shared graphics memory
Display: 15.6 Inches, 1366x768 pixel, ComfyView
Wireless Type: 802.11 ac
Ports: 1xUSB 3.0 Type A, 1xUSB 3.0 Type C, 1xUSB 2.0, 1xHDMI, 1xEthernet, 1x SD Card Reader
Operating System: Windows 10 Home
Weight: 2.4kg
Battery: 4-cell 2520 mAh Li-ion


4. HP 245 G6 NOTEBOOK PC



With a 7th generation elite processor, the HP 245 G6 Notebook PC is one of the top-class devices available in this limited price range. Its processor is set to an incredibly high clock speed of 3 GHz. It comes out of the box with Windows 10 Pro 64 bit, which you can replace with any OS of your choice.

Price – ₹24,000 INR

Salient Specs

Processor: 7th Gen AMD A9-9420, 3.0GHz
RAM: 4-GB DDR4
Hard Drive: 1 TB SATA 5400 RPM
Graphics Card: Intel HD-Graphics, DDR3L Shared graphics memory
Display: 14 Inches, HD Screen
Wireless Type: 802.11 ac
Ports: 1xUSB 2.0, 1xUSB 3.0 Type A, 1xUSB 3.0 Type C, 1xHDMI, 1xEthernet, 1x SD Card Reader
Operating System: Windows 10 Pro 64 bit
Weight: 2.6kg
Battery: HP 3-cell battery, 31 Whr Li-ion


5. Fujitsu A555 Lifebook Notebook



With a mind-blowing i3 processor and eye-catching specifications, the Fujitsu A555 Lifebook Notebook is a newly launched product from the Japanese company which offers high-end features in a budget-oriented laptop. The results from this laptop are quite interesting: customers have given it positive reviews after using it and recommended this budget-range laptop to others.

Price – ₹21,935 INR

Salient Specs

Processor: Intel Core TM i3-5005U, 2 GHz
RAM: 4-GB DDR3 (SDRAM)
Hard Drive: 1 TB ATA HDD
Graphics Card: Integrated Graphics
Display: 15.6 Inches, 1366x768 pixels
Wireless Type: 802.11 ac
Ports: 1xUSB 3.0 Type A, 1xUSB 3.0 Type C, 1xUSB 2.0, 1xHDMI, 1xEthernet, 1x Card Reader
Operating System: DOS
Weight: 3.4kg
Battery: 2-cell battery

Conclusion


We have researched a lot and prepared the above list. Hopefully, one of the above top five budget laptops under ₹25,000 INR will be your main choice at the time of purchase. The only thing you should remember when buying a laptop is your requirements; only then should you choose your dream laptop.

Google Patches KRACK Vulnerability in Android



Last month I wrote about how researchers broke Wi-Fi's most popular encryption, leaving millions of devices prone to the KRACK attack. KRACK is a serious flaw as it affects the WPA2 protocol.


But I have good news today. Tech giant Google has published this month's Android security bulletin, and the company provided a fix for the KRACK vulnerability that came to light last month.

The Android Security Bulletin for November 2017 is split into three separate packages: 2017-11-01, 2017-11-05, and 2017-11-06. The KRACK fixes are included in the last one, 2017-11-06.

If your phone receives the update and the security patch level is 2017-11-06, the KRACK fixes are also included.
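A way to apply that rule across several devices, as an added example that is not from the original post or from Google: it classifies patch level strings against 2017-11-06 and shows that the 2017-11-01 and 2017-11-05 levels of the same bulletin do not count as fixed. The inventory is constructed, and it assumes the levels were collected with `adb shell getprop ro.build.version.security_patch`; the function names are hypothetical.

```python
from datetime import date

# First patch level that contains the KRACK fixes (November 2017 bulletin).
KRACK_FIXED_LEVEL = date(2017, 11, 6)


def parse_patch_level(value):
    """Parse a 'YYYY-MM-DD' patch level string; return None if it is malformed."""
    try:
        year, month, day = (int(part) for part in value.strip().split("-"))
        return date(year, month, day)
    except (ValueError, AttributeError):
        return None


def krack_status(value):
    """Classify one reported patch level as 'patched', 'vulnerable' or 'unknown'."""
    level = parse_patch_level(value)
    if level is None:
        return "unknown"
    return "patched" if level >= KRACK_FIXED_LEVEL else "vulnerable"


def audit(inventory_text):
    """Map device id -> status from whitespace-separated 'device_id patch_level' lines."""
    report = {}
    for line in inventory_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue  # skip blank lines and comments
        level = fields[1] if len(fields) > 1 else ""  # device that reported nothing
        report[fields[0]] = krack_status(level)
    return report


# Constructed inventory (hypothetical device ids), one device per line.
SAMPLE_INVENTORY = """\
# device_id   ro.build.version.security_patch
phone-a       2017-11-06
phone-b       2017-11-05
phone-c       2017-11-01
tablet-d      2017-10-05
phone-e       2018-02-01
kiosk-f
"""

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device}: {status}")
```

The patch level is a value the device reports about itself, so a device showing "unknown" needs a manual check rather than being assumed safe.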

Note that Microsoft silently deployed KRACK fixes to Windows users, without telling anyone, a month before the vulnerability became public. Apple released KRACK patches at the end of October, as part of iOS 11.1 and macOS High Sierra 10.13.1.

Google is in fact the last major vendor to release the fix for the KRACK vulnerability.

Details About The Attack


The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

Researcher breaks Wi-Fi's Most Popular Encryption



It's 2017 and I'm sure most of you use Wi-Fi to connect to the internet. Especially if you are from India, I'm sure you use a Jio hotspot to connect all your devices to the internet. Well, if you are among those, then I have bad news for you. WPA2 (Wi-Fi Protected Access II) is the security protocol we use to secure our internet connections. But recently a researcher, Mathy Vanhoef of imec-DistriNet, KU Leuven, found a flaw by which he was able to break this security protocol.

What is the risk?


You might be asking: well, that's great that he has found the flaw, but how will it affect me? Well, imagine this. You are connected to your home Wi-Fi network and chatting with your best friend, and your neighbor (a hacker guy) is looking at the conversation. Or maybe you are creating an account on your favorite shopping site and your neighbor (a hacker guy) sees your login credentials. Scary, right?

Details About the attack


The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk.

Several researchers, including Vanhoef, have demonstrated valid attacks against the protocol. By far the most notable was in 2011 when a security researcher showed that an attacker could recover the code used in Wi-Fi Protected Setup, a feature that let users authenticate with a one-push button on the router, which could be easily cracked.

The details about the attack can be found on this website: https://www.krackattacks.com/

FAQ (taken from Krackattacks)


Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.

Should I change my Wi-Fi password?

Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. After updating your router, you can optionally change the Wi-Fi password as an extra precaution.

I'm using WPA2 with only AES. That's also vulnerable?

Yes, that network configuration is also vulnerable. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP). So everyone should update their devices to prevent the attack!

Is my device vulnerable?

Probably. Any device that uses Wi-Fi is likely vulnerable. Contact your vendor for more information.

What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
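Why "a key is only installed once" is the fix, as an added example that is not from the original post or from krackattacks.com: installing a key resets the per-packet nonce counter, so a client that reinstalls the same key on a retransmitted handshake message 3 encrypts two frames with the same keystream. This is a simplified model; the SHA-256 keystream is a toy stand-in for the real cipher, and the class, function names and plaintexts are constructed for illustration.

```python
import hashlib


def keystream(key, nonce, length):
    """Toy keystream from SHA-256(key || nonce || block); a stand-in, not CCMP."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(
            key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Only the client state that matters for key installation (simplified)."""

    def __init__(self, patched):
        self.patched = patched
        self.key = None
        self.nonce = 0
        self.used = []  # every (key, nonce) pair used to encrypt a frame

    def on_message3(self, session_key):
        """Handle handshake message 3, which the access point may retransmit."""
        if self.patched and self.key == session_key:
            return  # patched: key already installed, keep the nonce counter
        self.key = session_key
        self.nonce = 0  # installing a key resets the packet number

    def send(self, plaintext):
        self.nonce += 1
        self.used.append((self.key, self.nonce))
        return xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))


def run(patched):
    """Return (nonce_reused, keystream_cancels) for one retransmitted message 3."""
    key = hashlib.sha256(b"constructed session key").digest()
    p1, p2 = b"frame one: hello", b"frame two: world"
    client = Client(patched)
    client.on_message3(key)
    c1 = client.send(p1)
    client.on_message3(key)  # the same message 3 arrives a second time
    c2 = client.send(p2)
    nonce_reused = len(set(client.used)) < len(client.used)
    # With a repeated nonce the keystream cancels: c1 XOR c2 == p1 XOR p2.
    return nonce_reused, xor(c1, c2) == xor(p1, p2)


if __name__ == "__main__":
    print("unpatched:", run(patched=False))
    print("patched:  ", run(patched=True))
```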