eCybersec Interview on TV Derana
1. WHAT IS ADVANCE PERSISTENT THREAT

Advanced – Multiple, sophisticated tools are used to attack the target. Attackers may employ bots, malware, spam, keystroke loggers, social engineering, etc.

Persistent – Guided, low and slow, attacks are used to attack their victim under the radar. Attackers are not simply looking for the lowest hanging fruit. There is a clear objective and time is taken to reach this. Because of the time and effort required for this type of attack it is generally thought that this type of attack requires groups with the capability and resources required such as a government or organized crime faction.

Threat – This part is rather self explanatory. As there is both capability and intent on the part of the attackers this becomes a serious threat

2. WHAT IS A MALWARE

Malware is any kind of software that compromises security (or performs other bad actions) on a user’s computer. Malware, as a general category, includes spyware, viruses, Trojan horses, and a host of other sometimes whimsical names for security compromising software.

3. WHAT IS A SPYWARE

Spyware is computer software that is generally surreptitiously installed on a computer in order to collect information from the computer’s user. Such information includes:

• Web sites visited
• Keys typed (including chat sessions and word processors)
• Other application data (including the other half of chat sessions and displayed email)
• File contents
• Search habits
• Camera images
• Sound received by the computer’s microphone

4. WHAT IS APPLICATION SECURITY
Application security encompasses measures taken throughout the application’s life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.
5.WHAT ARE THE MAJOR WEB APPLICATIONS THREATS

Cross-site scripting – Injecting lines of JavaScript into web pages. If not defended against, a hacker can submit malicious code through the search bar, for example, or post it in a user comment.

Session Hijacking – Each unique user is assigned a “session” when they log in to a website. Session hijackers will jump into the session of another user, reading information as it passes between the user and t he server.

Parameter Manipulation – Websites often pass information from one web page to the next through URL parameters. For example, if you search on Google, your search terms will be passed to the results page through the URL. A hacker can take advantage of this fact to rewrite these parameters in harmful ways.

Buffer Overflow – A buffer is a small amount of space allotted to store data. If a buffer is overloaded, the extra data will overwrite data in other areas. Hackers have exploited this knowledge to overfill a buffer, than overwrite other data with their own malicious code.

Denial of Service – Denial of Service attacks are simple but effective. They operate by overwhelming a site with requests for information, severely slowing the operation of a website or bringing it down entirely.

SQL Injection – SQL injection works similarly to cross-site scripting; in this case, however, it is malicious SQL statements that are inserted into the site. These statements are intended to manipulate the database in some way – either accessing sensitive data, or deleting it entirely, causing major headaches for the owners.

6. WHY IS MOBILE SECURITY IMPORTANT?
Mobile devices are the fastest growing consumer technology, with worldwide unit sales expected to increase from 300 million in 2010, to 650 million in 20121. Mobile applications are likewise booming. In June 2011, for the first time ever people on average spent more time using mobile applications (81 minutes) than browsing the mobile web (74 minutes) While once limited to simple voice communication, the mobile device now enables us to also send text messages, access email, browse the Web, and even perform financial transactions. As mobile devices grow in popularity, so do the incentives for attackers. Mobile malware, for example, is clearly on the rise, as attackers experiment with new business models by targeting mobile phones. Recently over 250,000 Android users were compromised in an unprecedented mobile attack when they downloaded malicious software disguised as legitimate applications from the Android Market. The emergence of mobile payments is another key driver of mobile threats. The value of mobile payment transactions is projected to reach almost $630 billion by 2014, up from $170 billion in 20105. Vendors, retailers, merchants, content providers, mobile operators, and banks are all actively establishing new payment services. Mobile payments create an attractive target for attackers, as they allow direct monetization of attacks. In addition to financial information, mobile devices store tremendous amounts of personal and commercial data that may attract both targeted and mass-scale attacks.

7. WHAT ARE THE TOP 10 MOBILE RISKS

Insecure Data Storage
Weak Server Side Controls
Insufficient Transport Layer Protection
Client Side Injection
Poor Authorization and Authentication

Improper Session Handling
Security Decisions Via Untrusted Inputs
Side Channel Data Leakage
Broken Cryptography
Sensitive Information Disclosure

CONTACT US

Copyright © 2015 eCybersec Pvt Ltd. All rights Reserved.