Android vulnerabilities (Part-1)

The android operating system

Android is an open source Linux based operating system for mobile devices (specifically smartphones, tablets and computers). It was developed by open handset alliance lead by Google and some other companies. Android operating system is linux based and it can be programmed in C/C++ whereas most of the application development is done in java. Java access to C libraries via JNI (Java Native Interface).

The iPhone operating system

Apple Inc. developed iOS. It was originally released in 2007 for iPhone, iPod Touch and Apple TV. Apple's Mobile version of the OS X operating system used in Apple computers is iOS. BSD( Berkeley Software Distribution) is Unix based and can be programmed in Objective C and Swift languages.

Free cyber security tools that can be utilized by startups

Investment in security is major challenge either it is online or on hardware. The available solutions are not cost effective. But do not be disheartened, as there are freewares which startups can utilize.

1. IT security- Soteria: This include reputation monitoring, phishing detection and take down, endpoint complaince monitoring and protection.

2. VPN- cyberghost: This uses 256 bit AES encryption algorithm means military upgrade.

3. Software update automation-Heimdal: Heimdal promises to automate software updates and eliminate vulnerabilities that are used in cyber attacks. It also allows to install new apps safely.

4. Customized, professional training- Cybrary: The courses include understand cloud computing, protection of information assets, manage a network infrastructure and develop a security strategy.

Wannacry ransomware was stopped just by Rs.686

The ransomware which hit 100,000 computers worldwide mainly in Asia,Europe and United States. This ransomware which hit many hospitals,institutions and government agencies demanded 300$-600$ as per economics times. The ransomware came in the form of malware which had attachments upon when clicked encrypted the data and asked for ransom. The cyber security analyst who is a researcher slowed down the attack by registering the domain which malware was trying to connect. This took Rs.686 as per Indian currency to register the domain. The loss has not been known yet. It will be disclosed till monday. Many systems with Microsoft Windows were affected just because they were not updated. The experts say that if the ransomware needs to be avoided then proper updates, backups of data and not clicking the attachments mechanisms should be followed.

Military cadets fought with NSA in mock cyber war

The National Security Agency has been testing the military cadets since 2000 by hacking servers and kept an eye on their classrooms for an entire week. The various Academies participated such as Naval Academy, the Military Academy, the Coast Guard Academy and Royal Military college to find out who can fend off NSA's cyber attacks. Red team and blue team were formed. The teams were restricted in night to perform any task. They made a Grey cell to make the task harder. The politician would come with the laptop with a virus. The team had to clean the device, remove any malware before Grey Cell connects to the server.

Four important questions to be asked by businesses about cyber security attacks

The senior director, Peter Tran of advanced defense for RSA, provided the answers to these four questions related to cyber security attacks.

1) Are all hacks created equal?
Ans. It all depends upon how we take the word as equal. Hackers don't follow any standard.

2) Why are some attacks popular?
Ans. The attacks which involves the credit cards, the money involvement are popular though some of the attacks which are nation state attacks are also covered.

3) Do we actually need to know who hacked us?
Ans. Yes, but only if the business can prove a net profit by proving attribution.

4) What steps need to be taken?
Ans. As starters, we need to use VIX to determine the potential vulnerability of our data. 

Patients records leaked at New York hospital

Thousands of medical records were exposed by the attackers in one of the hospitals in New York. The leak was caused by a misconfigured backup server by the company which was responsible for using records management technology. It is unclear since how long the records were exposed. The records related to patient's mental health, mental diagnoses, HIV statuses, sexual assaults and domestic violence were exposed. Other information including names, home addresses, addiction histories and religious affiliations were exposed. The leak was discovered in early May during a routine sweep of internet using Shodan which is a search engine for networked devices.

Think like a bad guy!!

Cyber security is growing concern. We tend to improve the security but on what basis? Do we ever use the updated or recent tools or even think of making a new one to deal with the attacks?

Cyber war is in trend. Black hat hackers search for vulnerabilities and find the loopholes to track the information. If we start thinking like bad guys, work to find vulnerabilities and perform penetration testing for our organization then we can really build a strong algorithm to improve security.

A way to store information on a single atom..

IBM scientists have found a way to store information on a single atom. In the experiment which they performed was atoms of holmium were placed on magnesium oxide which gave them magnetic properties that scientists came to a conclusions that this mimics a hard drive's magnetic disk.

Acceptance of terms and conditions!!

We often download so many applications from Google Play Store and the first pop-up comes of asking to get the access to the contact details and all relevant information regarding the data in the phone for downloading the app. But how far is this safe?

In a layman language we don't know what harm it can do. So, in order to secure our phone and the apps inside it, better to download the apps from renowned companies so that any virus or malwares can be avoided.

Suggestions(People you may know)

Have you ever come across suggestions in your Facebook account? I think yes almost all the time. Why do we get these suggestions? Because we have mutual friends but this is not enough. We have some information in common those set of people. This information can be used by hackers to hack any of the user accounts.

Facebook marketplace

Oct 04,2016

Security warnings regarding Facebook  marketplace where the user can sell his house. But this marketplace can be used by criminals to auction stolen goods. These might be fake wherein they may ask for handsome amount for the house picture they posted.

Virtual friendship is risky!!

Feb 19,2016

Virtual Friendship comes with privacy risks and campaigners warn the users to fraud risks. The survey was conducted for 2000 people where they found 79% who maintained their friendship even without social media and 72% believed that online networks have strengthened their friendship with people.

And 80% of people are not aware that sharing information over services are not transparent.

Apple embroiled with US authorities when it refused an FBI request for encryption algorithm. So, under investigatory powers bill,UK government could make similar orders to equipment manufacturers like Apple, Facebook or Whatsapp in total secrecy.