For solutions to these and other problems please contact us at The-Techy.com

Why exfil your payload via ASCII? A picture is worth…

July 6, 2020 Leave a comment

Malwarebytes has discovered a new type of skimming attack where the booty is sent via an image!

The attackers hides the credit card skimmers in the metadata of icon files and then sends the sensitive info after the attack is successful, to the C2 via an image.

Talk about the need for ‘copy protection’?

As if hiding JavaScript in the copyright tag of the ico file isn’t ingenuous enough, they capture input field data, obfuscate it and place it in a image file to be uploaded so your Siem doesn’t even see it?

They have shared the details in a blog post if you want to learn more.
https://latesthackingnews.com/2020/07/06/attackers-hide-credit-card-skimmers-in-image-files-to-steal-data/

Categories: General Tags: , ,

Thinking of rooting your Android…think again

June 30, 2020 Leave a comment

While many of us have been home, wondering if this virus will go away as quickly as it came upon us, Google has been silently preparing for ‘Round 2’ in the phone wars.

SafetyNet is Android’s third party attestation API and if you want to install legit software from the Google Play Store, you already have it.

Getting ready to route out the last of the modified bootloaders, they have now rolled out a hardware backed detection method to ensure application developers can tell if your device is rooted. This allows high risk vendors like your banking app to prevent the application from running to help curb fraud. Read more about it here.

https://www.xda-developers.com/safetynet-hardware-attestation-hide-root-magisk/amp/

Categories: General

How to create a solid and secure Content Security Policy

June 26, 2020 Leave a comment

As a security professional who provides security guidance to small business (as well as big!), If you use web based services in your organization (and the chances are that you do and you may/may not know it), there is one thing that your web services need to implement…

https://www.uriports.com/blog/creating-a-content-security-policy-csp/

Categories: General

‘Star Trek: Strange New Worlds’ is about the only captain that predates Kirk

May 19, 2020 Leave a comment

In what looks even better that the Picard series, who doesn’t love Captain Pike?

https://mashable.com/article/star-trek-strange-new-worlds-who-is-christopher-pike/

Categories: General

Azure Sentinel Incidents KPIs | Managed Sentinel

May 12, 2020 Leave a comment

If you are looking to improve your security in Azure, I have a tip for you. The guys from Managed Sentinel have done a great job articulating the how and the why of security so well, I would even say that you will get some return on your Azure investment by following what these guys do.

https://www.managedsentinel.com/2020/05/10/sentinel-incidents-kpi/

Categories: General

GoDaddy Confirms Data Breach: What 19 Million Customers Need To Know

If you were like some of my customers, you probably had a GoDaddy account to manage certificates, websites and even email. It’s time to start using a password manager and use ‘throwaway’ passwords.

https://www.forbes.com/sites/daveywinder/2020/05/05/godaddy-confirms-data-breach-what-19-million-customers-need-to-know/

Categories: General

Hackers have breached 60 ad servers to load their own malicious ads | ZDNet

April 22, 2020 Leave a comment

Imagine running your web server for little or money and putting up with some ads (don’t look down, DON’T LOOK DOWN 🤓) only to find that one of the visitors to your site gets pwned because of an ad like one of these?

Sample ads that contained malware

https://www.zdnet.com/article/hackers-have-breached-60-ad-servers-to-load-their-own-malicious-ads/

Categories: General

Developers Network Behind Android Apps With 69M+ Installs Unveiled

April 20, 2020 Leave a comment

Ever wonder why someone would spend time creating software for your cellphone…for FREE? I mean most of us would install an app with ads enabled rather than pay for the software but these guys may have actually created software to steal your data. This post lists the group by name and you are advised to remove apps that have been created by any of this group.

https://latesthackingnews.com/2020/04/20/secret-network-of-27-app-developers-boasting-android-apps-with-over-69m-installs-unveiled/

Categories: General

Want to learn how to counter Mobile App Risks?

April 18, 2020 Leave a comment

In what seems like a comprehensive list of the OWASP Mobile top 10, this blog entry from AppSealing brings you a great article about what developers need to worry about to protect your mobile apps.

AppSealing is an app-wrapping approach to protecting your mobile application and is a great approach to solve many issues after you have developed your app. You can look at it as an emergency curbside tire inflation kit. Nice to have and not need than need and not have.

It might be better to find a cure instead of just treating the symptom. If you can, make use the risks identified in this blog to effect design changes to your app to avoid many of these vulnerabilities from occuring.

Review this post to become aware of the many issues that plague mobile developers.

https://www.appsealing.com/owasp-mobile-top-10-a-comprehensive-guide-for-mobile-developers-to-counter-risks/

Categories: General

Great news for all you iOS hackers!

April 12, 2020 Leave a comment

You can now sideload unverified apps on iOS without Jailbreak or revokes. Anyone who thought that iOS was more secure than Android is going to learn the hard way. MDM rules are going to need to really clamp down on malicious apps.

https://www.notebookcheck.net/You-can-now-sideload-unverified-apps-on-iOS-without-Jailbreak-or-revokes.461039.0.html

Categories: General