Software Engineer Training

Have fun learning the skills to make big bucks!

You Might Also Like…

What is goog-malware-shavar?

by Leave a Comment

phishingEngineers,

If you happen to look at your firewall logs or perhaps browse your web-traffic with a tool like Fiddler or any other program that logs HTTP information, then you may see some things that sound pretty nasty…

… one of those pretty nasty sounding things is “goog-malware-shavar.”

In particular, the “malware” part of the name is a little worrisome…

But, this is in fact one of those cases where somebody just has a very bad taste in names.

… “goog-malware-shavar” is actually Google’s anti-phishing API.

Why they didn’t use a name like, “goog-anti-phishing” is a good question…

Google uses “goog-malware-shavar” to identify malware, specifically phishing. Google provides data for the anti-phishing feature implemented in Firefox and Google Desktop. These clients get their blacklist and whitelist data using an “update protocol”.

The protocol supports many different blacklists or whitelists.

List names are in the form “provider-type-format”, e.g. “goog-phish-shavar”.

Each item in a list will represent an expression that will match a malicious URL, but the exact format depends on the list type and how the content is used is application-specific.

For the “shavar” list format, hash prefixes are used to reduce bandwidth. A hash prefix is some number of the most significant bytes of a full-length, 256-bit hash.

So, when you see the goog-malware-shavar entry what follows is information relating to the anti-phishing built into the Firefox and Chrome browsers and/or the Google Toolbar.

If that didn’t make sense, whatever. Just know that “goog-malware-shavar” is not evil. It’s not a virus. It’s not malware.

It’s cool bro.

3 Reasons Why Document Security is Essential for Your Business

by Leave a Comment

drm document securityEngineers,

In the recent era of digitization, the potential for security breaches has grown manifold.  Most businesses have several security measures in place like firewalls, anti-malware software, and many others to prohibit the infiltration of their IT infrastructure by intruders, but they have ignored the possibility of internal security breaches, particularly breaches related to document security.

According to a survey carried out by the Ponemon Institute, an independent research firm, 90 percent of the respondent organizations based in the U.S. experienced leakage of confidential documents during the 12 months before the survey. A further, 59 percent revealed their controls are not effective enough at monitoring employees. In another survey conducted by ComputerScope and Ricoh, 85 percent of the respondents in Ireland admit security implications are one of their major IT concerns.

This shows that document security is an important concern. Regardless of format, whether analog or digital, business data and proprietary information needs to be secured in order to safeguard the interests of the business. This article explains why document security should not be ignored.

So, let’s start.

Restricts Unauthorized Access

According to a recent audit done at California Pacific Medical Center, an internal employee with CPMC accessed the records of 844 patients between October 2013 and October 2014 without any official purpose or authorization. The information types accessed vary among patient demographics, the last four digits of Social Security numbers, and clinical information.

That’s a troubling number. CPMC is not the only organization that faced such a breach. Many similar examples across several industries have been reported recently, such as the AT&T customer data breach and the BBC Investigation breach.

These are perfect examples to understand why document security is highly important for any business. However, with document security software that provides a user-based access system, businesses can easily avoid these breaches. Documents can be locked to specific users and to their devices, restrictions on sharing and distribution can be enabled, and moreover, location-based access can be allowed or prevented.

Prevents Duplication and Unauthorized Sharing

Last year the Australian immigration department faced a major data breach when one of its employees copied and pasted a chart from MS Excel into a Word document, which led to the leakage of information of more than 9,000 asylum seekers.  Although the reason stated was accidental, that doesn’t change the impact.

Implementing copy-protection software can easily nullify such occurrences.  In addition to preventing data from being copied, it can prohibit unauthorized document sharing and piracy.  Document security software can also provide functionality such as an expire and revoke document feature, enabling a business to set an expiration date for a document or revoke it at any stage irrespective of the file location.

Offers Better Control

Having a document security software solution not only ensures better security, but it also offers better control of monitoring.  We’ve already discussed user-access authorization, and along with that, document security software provides an opportunity to set usage instructions such as the number of times an authorized user is permitted to print documents. It can also enable you to change access controls even after distribution.

Another advantage it offers is the ability to oversee all types of users within an organization.  Even when documents are 100 percent secure from inappropriate employee use or access (acess control), the data is still vulnerable to employees in controlling positions like database administrators and system managers.  Document security software can help with this by providing an audit log that stores all the information regarding whether someone tried tampering with the data, making unauthorized changes, who used it, and other vital information.

So, when do you plan to implement document security in your organization?  Are there any other points you would like to add?  Please feel free to share your comments and thanks for reading!

Hacking Exposed 7: Network Security Secrets and Solutions

by Leave a Comment

Software Engineers,

Hacking Exposed 7 is a great book detailing the latest tactics for thwarting digital attack.

Zero-day attacks, advanced persistent threats, state-sponsored attacks, and the rapidly growing organized cyber-crime industry are the new realities all software engineers must consider when designing secure systems.

If your system is not designed with security requirements in mind, you will be compromised and there may be serious repercussions to your business.

Just consider some of the following news stories from the last few months:

Cybercriminals are overwhelmingly using legitimate compromised websites to launch web/email attacks…85 per cent of malicious links used in web/email attacks were located on compromised legitimate websites…. The global criminal-infrastructure-as-a-service economy is growing due to high-availability of exploit kits and redirection chains. [source]

Attackers are exploiting a newly discovered vulnerability in Microsoft Word that makes it possible to remotely seize control of computers… The in-the-wild attacks work by creating booby-trapped documents in the Rich Text Format that exploit a vulnerability in the 2010 version of Microsoft Word. Similar attacks work against other versions of Word, including 2003, 2007, and 2013 for Windows, Microsoft Office for Mac 2011, and multiple versions of Microsoft SharePoint Server. E-mails that are viewed or previewed using a default setting in Outlook allow the attacker to gain the same system privileges as the user who is currently logged in… [source]

A new Internet Explorer zero-day exploit that targets IE 10 users visiting a compromised website–a classic drive-by download attack. Upon successful exploitation, this zero-day attack will download a XOR encoded payload from a remote server, decode and execute it… Dubbed “Operation SnowMan.” [source]

“Adobe rushed out an unscheduled Flash Player update to counter exploits of a zero-day vulnerability in the software, CVE-2014-0502… The exploit targets Windows XP users, as well as Windows 7 users running an unsupported version of Java (1.6) or out of date versions of Microsoft Office 2007 or 2010. The vulnerability enables someone to remotely overwrite the vftable pointer of a Flash object to redirect code execution. The exploit bypasses ASLR and DEP protections native to Windows. It does so by building or using hard-coded return-oriented programming chains in XP and Windows 7 respectively… The hackers are installing the PlugX/Kaba RAT on infected computers… [source]

Hacking Exposed 7 is an easy reference for anyone. The book provides detailed explanations of different types of attacks and then goes on to explain the countermeasures for each.

Today, more than ever, security professionals need to get into the hacker’s mindset. You can’t defend against something you don’t understand. You need to understand the methods and tools used by the attackers in order to protect your data and infrastructure.

Hacking Exposed Countermeasures Cookbook

Hacking Exposed 7 contains all-new visual maps and a comprehensive countermeasures cookbook.

ubuntu terminal

Here are some topics covered:

  • Obstruct APTs and web-based meta-exploits
  • Defend against UNIX-based root access and buffer overflow hacks
  • Block SQL injection, spear phishing, and embedded-code attacks
  • Detect and terminate rootkits, Trojans, bots, worms, and malware
  • Lock down remote access using smartcards and hardware tokens
  • Protect 802.11 WLANs with multilayered encryption and gateways
  • Plug holes in VoIP, social networking, cloud, and Web 2.0 services
  • Learn about the latest iPhone and Android attacks and how to protect yourself

The book also covers other topics such as enumeration, foot printing, scanning, operating system detection, embedded hacking, database hacking, and mobile device hacking.

At over 700 pages, Hacking Exposed 7 covers all the core areas of interest for penetration testers and vulnerability assessors.

Find out more

This book will help you bolster your system’s security and defeat the tools and tactics of cyber-criminals.

The book contains expert advice and defense strategies from the world-renowned Hacking Exposed team.

Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies.

Learn how to block infrastructure hacks, minimize advanced persistent threats, neutralize malicious code, secure web and database applications, and fortify UNIX networks.

This edition is currently the best book on the topic. You can check-out the reviews on Amazon to see for yourself.

A must-read for all Software Engineers. Don’t leave security to the end of a project.

Check It Out:

Tags

android assembly battle city business c computer networks crowdfunding facebook games gimp gmail google google tech talk html html5 indiegogo ios ipad iphone jokes looble malware microsoft mobile music MySQL network open source ouya photoshop php phpbb project management raspberry pi requirements security SEO smartphone social media software engineer svn tablet tools web development wordpress

This Website Hosted By: