Auditing a Data Centre – Key points Data centres house the data, applications and access critical to the success of many businesses. Our data centre […]
Category: Cybersecurity
Risk Identification Process – Burning Challenges
Risk Identification Process – Burning Challenges Risk identification is one of the most important factor which decides the fate of Risk Management in an Enterprise […]
Latest Linux vulnerabilities will make you feel insecure
In last two years major security bugs have been found and patched which might had affected innumerous users and servers. On 28th October 2014, HD […]
Changes to ISO 27001: What’s new in the 2013 ISO 27001 update?
ISO 27001:2013 is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO […]
NIST Cybersecurity Framework v1.0 – Key Takeaways
The NIST cyber security Framework is a risk-based approach to managing cyber security risk, and is composed of three parts: The Framework Core, the Framework […]
Security 101-How Can You Protect Your Website from Hacking?
Did you know that over 9,500 websites are blacklisted every single day by the major search engines? This is because they are infected with malware and thus are no longer qualified to be searched or indexed. Sadly, most of these webmasters are unaware that their website is compromised by malware and suffer great losses. While you can request a blacklist removal later on, the damage has been done. Your best option is to protect your website ahead of time rather than risk such catastrophe. Let’s consider a few simple points to ward off invasion.
Samsung Galaxy SII and SIII: Prone to a New Security Vulnerability
Samsung Galaxy SII and SIII: Prone to a New Security Vulnerability
In a recent demonstration by a security researcher, it was found out that Samsung Galaxy SII and SIII smart phones were vulnerable to being remotely wiped off their memory. In this regard, for the owners of these devices the precursor is here, you may want to watch your ways, especially when opening internet links that you receive through QR, NFC or Push messages.
In a recent demonstration by a security researcher, it was found out that Samsung Galaxy SII and SIII smart phones were vulnerable to being remotely wiped off their memory. In this regard, for the owners of these devices the precursor is here, you may want to watch your ways, especially when opening internet links that you receive through QR, NFC or Push messages.A researcher in the Security in Communications department at Technical University Berlin, Ravi Borgaonkar, manifested this particular vulnerability at the Ekoparty security conference, Argentina. According to him, the manner in which the devices make use of Unstructured Supplementary Service Data leaves them conveniently open to exploitation through a single line of malicious code embedded in a web page. The Unstructured Supplementary Service Data (also USSD) is basically what is used to transmit messages between an application server and a phone.
How does that work?
The malicious code as discussed above can be made use of in order to trigger the factory reset for the Galaxy SIII device. If the code is embedded in a single frame it will automatically lead a factory reset that does not have to be initiated by the user. Nonetheless, merely browsing a website with the embedded code does not result in triggering the reset, rather opening it through NFC, WAP Push SMS or QR does. As soon as the website link in the message opens, the wipe is started.
The techie take
Some techie responded rather optimistically to the news and thought that the weakness would not do much damage. The underlying argument was that many hackers will not go into frenzy over wiping a few phones, considering many consumers use Cloud Backups with their devices and it will be an exercise in futility as the users will simply be able to reverse the oh-so clever move. Still, the concern was that is there anything more that can come out from this exploit, because if there is than not opening a link that you didn’t call for would be a better idea.
The company’s response
Following the entire kerfuffle over the issue, Samsung finally responded and claimed that the issue was resolved. A spokesperson from the South Korean company explained that the vulnerability was now patched but failed to mention when exactly was it fixed and which version of the software was secure for now.
All that was given out was an assurance to the consumers that the recently discovered security weakness concerning Galaxy SIII was patched through a software update, recommending all the users of this device to download the latest software update. It can be done simply and rapidly using the over the air service, according to the company.
While that might be a reason for Galaxy SIII owners to sleep well at nights, what about the ones with other smart phones, the SII inclusive. According to the rumors the problem stemmed out from the TouchWiz UI as opposed to merely the Galaxy SIII. Well, the company has not responded in this vein, so for now, the Galaxy SIII users who feel reassured can sleep well and others can, perhaps take pill or go on trying to dodge the bullets of this demon as they do Android spy apps, mobile spy software and the like.
Author Bio: James Clark has been in the business of providing quality information on cell phone monitoring for a while now. He's an expert at all things spyware, but his main forte is iPhone spyware which has captured the interest of many.
Reset any password in windows through windows key enterprise
Have you ever imagined, what will happen, if you would forget or compromised your login password in Windows O.S.?
There may be a situation when your friends or relatives may play prank with you and will change administrator password. What you will do then?
In short, if you are using Windows Operating Systems and want to get rid of forgotten/lost password or want to reset almost all the existing password at one go. Then “Windows Key Enterprise Edition is for you only.”
Here are the listed features of this particular software:
Just burn it into CD and you are done!
Features
- 100% recovery rate
- All passwords are reset instantly
- Windows 7 New!, Vista, Vista SP1 supported
- All Windows Workstations supported
- All Windows Servers supported, including Server 2008 (Windows Key Professional and Enterprise editions only) New!
- Resets passwords with a bootable CD-ROM
- Resets passwords with a bootable USB drive (Windows Key Professional and Enterprise editions only)
- Burns password reset CD
- Resets local Administrator passwords
- Resets Domain Administrator passwords (Windows Key Enterprise edition only)
- Resets local policy settings
- Resets secure boot options: startup password or startup key disk
- Displays account properties
- Supports all Service Packs
- Supports RAID/SCSI/SATA drives Updated!
Its latest version is: 10.3.2585 whose archived size is: 5.12 MB (8.2 MB approx in iso format). It’s a shareware software. So you need to pay to use its full version. You can try demo though.
Other versions are Windows Key Professional and Windows Key only which has limited features.
Image Source: http://www.lostpassword.com
Download its Torrent file form here
Internet Explorer is found vulnerable again
A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of a vulnerable system. This issue is caused by a use-after-free error within the “mshtml.dll” library when processing a web page referencing a CSS (Cascading Style Sheets) file that includes various “@import” rules, which could allow remote attackers to execute arbitrary code via a specially crafted web page.