New Ways of Spamming

We have come a long way from the days when a mobile phone was a rare thing and SMS (Short Message Service) was the only messaging service available. Then came MMS (Multimedia Messaging Service), with which one could send videos over the phone. Finally came mobile messaging through applications such as WhatsApp, WeChat, Skype, Viber, and Hike, which use the internet to transport data.

WhatsApp, one of the most popular mobile apps worldwide, has more than 700 million monthly active users, up from over 400 million in December 2013. This well-designed app is cheaper than SMS, carries no international charges, is user-friendly and ad-free, and requires minimal user intervention. Moreover, it works on most mobile phones, including Nokia, iPhone, Android, BlackBerry and Windows smartphones. Many of its users agree that it is a better way to connect with family and friends than Facebook. However, its popularity has made it one of the most prominent targets for cyber criminals.

Recently, it was reported that WhatsApp users in India were receiving phoney investment spam messages from the USA. The messages were all about the promotion of a wide range of comfort goods from well-known brands such as Ray-Ban and Louis Vuitton. These messages from the USA were destined for WhatsApp users in Europe. However, a recent investigation revealed that the spam messages were broadcast from China, not the USA. The spam is very similar to the iMessage spam that was reported in 2014. More information about iMessage spam can be found here: http://bit.ly/1ITmB52.

It was reported that India had 67 million smartphone users in 2013 and that the number increased by 45% in 2014. This is because users purchased smartphones so that they could communicate with other smartphone users through mobile messaging applications. A user could also send audio and video messages at a much lower cost than traditional MMS. What they did not realize is that they could be prone to such spam.

Indian mobile users breathed a sigh of relief when TRAI (Telecom Regulatory Authority of India) launched anti-spam regulations in September 2011 for SMS and pesky phone calls from either telemarketers or mobile operators in India. Telemarketers or mobile operators who failed to comply with these rules were penalized for every single incident of spam SMS or pesky calls reported by a mobile user.

So how can we safeguard ourselves against spam in instant messaging applications? Below are some tips.

  • Be extremely careful when joining groups in which all the members are unfamiliar to you.
  • If possible, avoid sharing your phone number with unknown persons.
  • Download instant messaging applications, and other applications, from their official website or from an official store such as Google Play for Android.
  • And finally, be extremely cautious.

Caution!!! Your Computer may be prone to Unauthorized Access

Hackers constantly look out for vulnerabilities to gain control of computer systems and IT networks. Brutal cyber threats and high-end data breaches are, as usual, on the rise. The US-CERT Cyber Security Bulletin provides a summary of the latest vulnerabilities recorded by its research department for the week of December 29, 2014.

The National Institute of Standards and Technology (NIST) has found vulnerabilities that can make a system prone to malware attacks and unauthorized access.

Common vulnerabilities and their impact recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week are:

  • An unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file and then accessing this file at a location specified by the format parameter of a move operation. It allows unauthorized disclosure of information, unauthorized modification and disruption of service. Find out other vulnerable versions from here: http://1.usa.gov/1BxNxXt
  • The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FTP OCX 4.5.0.9 does not restrict access to certain methods, which allows remote attackers to execute arbitrary files via a pathname in the first argument to the execute or run method, write to arbitrary files via a pathname in the argument to the CreateLocalFile method, create arbitrary directories via a pathname in the argument to the CreateLocalFolder method, or delete arbitrary files via a pathname in the argument to the DeleteLocalFile method. Find out other vulnerable versions from here: http://1.usa.gov/1Armyv2
  • CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string. Find out other vulnerable versions from here: http://1.usa.gov/1wom05g
  • Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted arguments to the chunk_split function. Find out other vulnerable versions from here: http://1.usa.gov/1DwqtaZ
  • Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake. Find out other vulnerable versions from here: http://1.usa.gov/1BJMIsG
  • SQL injection vulnerability in social-slider-2/ajax.php in the Social Slider plugin before 7.4.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the rA array parameter. Find out other vulnerable versions from here: http://1.usa.gov/1zSYy1e
  • A vulnerability in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer. Find out other vulnerable versions from here: http://1.usa.gov/1w0V36w
  • Cross-site request forgery (CSRF) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to hijack the authentication of administrators for requests that modify pages via the data[text] parameter. Find out other vulnerable versions from here: http://1.usa.gov/1wTHm9B
  • Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. Find out other vulnerable versions from here: http://1.usa.gov/1tIfN3c
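
The unquoted search path class in the last item can be audited on your own Windows hosts by reviewing service command lines. The following is an added example, not code from the bulletin or from any vendor; the service names and paths are constructed samples, and splitting at the first executable extension is a heuristic assumption.

```python
import re

# Constructed sample service command lines (hypothetical, not from the bulletin).
SAMPLE_IMAGE_PATHS = {
    "QuotedSvc": r'"C:\Program Files\Example Vendor\Agent\svc.exe" -run',
    "UnquotedSvc": r'C:\Program Files\Example Vendor\Agent\svc.exe -run',
    "NoSpaceSvc": r'C:\Tools\svc.exe -run',
}

# Heuristic (assumption): the executable path ends at the first executable
# extension that is followed by whitespace or the end of the string.
_EXE_END = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def split_unquoted(cmdline):
    """Split an unquoted command line into (executable path, remaining args)."""
    m = _EXE_END.search(cmdline)
    return (cmdline[:m.end()], cmdline[m.end():]) if m else (cmdline, "")


def ambiguous_candidates(cmdline):
    """List the shorter paths Windows may try first for an unquoted path with
    spaces; these are the locations to verify as absent and not user-writable."""
    cmdline = cmdline.strip()
    if cmdline.startswith('"'):
        return []  # quoted: the path is unambiguous
    exe, _ = split_unquoted(cmdline)
    parts = exe.split(" ")
    return [" ".join(parts[:i]) + ".exe" for i in range(1, len(parts)) if parts[i - 1]]


def quoted_form(cmdline):
    """Return the command line with the executable path wrapped in quotes."""
    cmdline = cmdline.strip()
    if cmdline.startswith('"'):
        return cmdline
    exe, args = split_unquoted(cmdline)
    return f'"{exe}"{args}'


def audit(image_paths):
    """Map each at-risk service name to its candidate paths and quoted fix."""
    findings = {}
    for name, cmd in image_paths.items():
        candidates = ambiguous_candidates(cmd)
        if candidates:
            findings[name] = {"check": candidates, "fix": quoted_form(cmd)}
    return findings


if __name__ == "__main__":
    for name, info in audit(SAMPLE_IMAGE_PATHS).items():
        print(name, info)
```

On a real host, feed `audit` the service names and ImagePath values exported from the registry instead of the sample dictionary.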

The bulletin lists many more such vulnerable software products, ranked by high, medium, and low severity.

To learn more about these vulnerable products and the affected versions, read the US-CERT Cyber Security Bulletin here: http://1.usa.gov/1BxQ0RD.

A great finish – 2014 – BLOCKED!!!

In the era of free speech, India seems to be lagging; however, when it comes to competing with the Great Firewall of China, India is far ahead. Very recently, as of 31st Dec 2014, the Indian govt. has issued a directive via the DOT (Department of Telecommunication) under which 32 websites have been blocked.

At the time of writing this short blog post, we have been unable to access quite a few of the sites mentioned in the circular through some ISPs. Even though the errors are inconsistent and no specific reason has been provided for the blocks, 2014 is surely coming to an end in the worst possible manner for the Indian IT industry and for its users.

If we are to believe the tweets posted by the head of the IT Cell of the BJP (the ruling political party), this particular blockade was initiated because these websites contained some objectionable content from a terrorist organization.

The Tweets

Great; however, simply blocking the entire domain at the ISP level is something that bothers me a lot.

Websites such as github, pastebin, weebly etc. are services on which many of us depend for all sorts of reasons, ranging from software development to sharing of information. Moreover, rather than investing in advanced technologies with which one can initiate blocks based on URLs or content, the Indian ISPs and the Govt. IT Cell are still living in the Neanderthal time zone as far as implementing the latest technology is concerned.

With a heavy heart we bid adieu to 2014 and welcome 2015 with a worrying thought in our minds as to when the Indian Govt. will force the ISPs into upgrading their blocking mechanism.

Is India Turning Out To Be A Hub Of Cybercrime?

With the increase in online communication, the threat from cybercrime is also increasing, targeting individuals, businesses and governments at a fast-growing rate. Going by the latest statistics, India reports an annual increase of 40 percent in cybercrime cases. Hacking, phishing, and credit card and banking frauds have increased by 40 percent in the country in the past two years, a government report says.

It is a fact that most cybercrime incidents go unreported; however, a total of 256 cybercrime cases were reported this year in India as against 109 recorded in 2013, according to the Cyberabad Police Commissionerate. India still does not have a cybercrime prevention strategy: the National Cyber Security Policy 2013 of India has been formulated, but it has not been implemented yet. The cyber forensics trends of India 2014 still state that India is unable to deal with cyber forensics related issues and is not investing effectively in the field of intelligence and law enforcement technology. As a result, cybercrimes have increased in India.

Realizing the seriousness of the situation, the Indian government has now set up an expert group to create strategies for tackling cybercrime effectively.

Researchers say that cybercrime investigation training in India should be made modern and up to date. There is an urgent need to develop cyber forensics best practices in India as soon as possible.

A Home Ministry official stated that India, with its fast-growing economy, is susceptible to international and domestic cyber-attacks and that there is a need to ensure a cybercrime-free environment.

About eScan: eScan, one of the leading Anti-Virus & Content Security solutions for Desktops & Servers, is developed and marketed by MicroWorld. It is powered by innovative and futuristic technologies, such as MWL Technology, DIRC Technology, NILP Technology, and sophisticated Anti-Virus Heuristic Algorithms that not only provide protection from current threats, but also provide proactive protection against evolving threats.
