SlideShare una empresa de Scribd logo

Security News Bytes June 2014 Bangalore

n|u - The Open Security Community
n|u - The Open Security Community

null Bangalore Chapter - June 2014 Meet

EducaciónTecnologíaNoticias y política
1 de 21
Descargar para leer sin conexión
SECURITY NEWS BYTES Nishanth Kumar n|u Bangalore chapter Lead N |U M O N T H LY M E E T 14 Jun 2014
!!!! DISCLAIMER !!!! • The information contained in this presentation does not break any intellectual property, nor does it provide detailed information that may be in conflict with any laws (hopefully...) :) • Registered brands belong to their legitimate owners. • The opinion here represented are my personal ones and do not necessary reflect my employers views. 14 Jun 2014
HEADLINES • GameOver Zeus & CryptoLocker malware • Iraq Blocks Social Media Amid Militant Drive • “Absolute Software” Names New Chief Executive Officer • Cybercriminals Ramp Up Activity Ahead of 2014 World Cup • Former Microsoft Worker Sent to Prison for Theft of Trade Secrets 14 Jun 2014
CONTINUED … • P.F. Chang's ( Restaurant chain ) confirms theft of customer card data. December 2013 , 100 million customers data is hacked as per the news . • LulzSec hacker helps FBI stop over 300 cyber attacks • Austrian computer student: I accidentally hacked Twitter with a heart symbol • Chinese government hackers are coming for your cloud. 14 Jun 2014
CONTINUED • Schools Kids hacked BMO ATM using Operators manual found online just a random guess of the password • New Svpeng Trojan Targets US Mobile Users • Spotify latest to be hit by hack on users 14 Jun 2014
?...? • Netflix passwords leaked again? • Most common passwords registered • w4gw4g • Poosty72 • Moshimoshi • 500 usernames ‘n’ passwords leaked 14 Jun 2014
EXPLOIT DB – STATS ( JUNE 2014 ) • Remote exploit - 6 • Local exploit – 2 • Web application – 7 • DOS - 2 • Papers - 6 14 Jun 2014
INTERESTING TRICK • Loophole in PayPal Terms Allows Anyone to Double their PayPal Money Endlessly three separate PayPal account • one real • Virtual Credit Card (VCC) • Virtual Bank Account (VBA) Link : http://thehackernews.com/2014/06/loophole-in- paypal-terms-allows-anyone.html 14 Jun 2014
14 Jun 2014
NEWS FROM GIANTS 14 Jun 2014
MICROSOFT • Microsoft helps FBI in GameOver Zeus botnet cleanup • Microsoft Running Out Of IPv4 Address Space In The US To Use For Azure VMs 14 Jun 2014
SYMANTEC • TrueCrypt Migration to Symantec Encryption Desktop 14 Jun 2014
T O O L S W A T C H . O R G R E A D E R S 2013 TOP SECURITY TOOLS 14 Jun 2014
OWASP ZAP – ZED ATTACK PROXY PROJECT • tool for finding vulnerabilities in web applications. • ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Link : https://www.owasp.org/index.php/OWASP_Zed_Atta ck_Proxy_Project 14 Jun 2014
BEEF – THE BROWSER EXPLOITATION FRAMEWORK PROJECT • Penetration testing tool that focuses on the web browser. Link : http://beefproject.com/ 14 Jun 2014
BURP SUITE • Performing security testing of web applications and Proxy Server Link : http://portswigger.net/burp/ 14 Jun 2014
PE STUDIO • Free tool performing the static investigation of any Windows executable binary. Note : A file being analysed with PeStudio is never launched Link : www.winitor.com 14 Jun 2014
OWASP XENOTIX • Advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework • It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. Link : http://opensecurity.in/owasp-xenotix-xss-exploit- framework-v4-5-relesed/ 14 Jun 2014
LYNIS THE HARDENING UNIX TOOL • Tool to audit and harden Unix and Linux based systems. Link : http://cisofy.com/lynis/ 14 Jun 2014
14 Jun 2014
        THANK YOU 14 Jun 2014

Recomendados

Browser Exploit Framework
Browser Exploit FrameworkBrowser Exploit Framework
Browser Exploit Framework
n|u - The Open Security Community
 
Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014 Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014
n|u - The Open Security Community
 
Demystifying captcha Bangalore Meet April 18
Demystifying captcha Bangalore Meet April 18Demystifying captcha Bangalore Meet April 18
Demystifying captcha Bangalore Meet April 18
n|u - The Open Security Community
 
Flashack
FlashackFlashack
Flashack
n|u - The Open Security Community
 
The Shellshocker
The ShellshockerThe Shellshocker
The Shellshocker
Sharath Unni
 
Metasploit Demo
Metasploit DemoMetasploit Demo
Metasploit Demo
n|u - The Open Security Community
 
ESAPI
ESAPIESAPI
ESAPI
n|u - The Open Security Community
 
IE Memory Protector
IE Memory ProtectorIE Memory Protector
IE Memory Protector
3S Labs
 

Recomendados

Browser Exploit Framework
Browser Exploit FrameworkBrowser Exploit Framework
Browser Exploit Framework
n|u - The Open Security Community
 
Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014 Secuirty News Bytes-Bangalore may 2014
Secuirty News Bytes-Bangalore may 2014
n|u - The Open Security Community
 
Demystifying captcha Bangalore Meet April 18
Demystifying captcha Bangalore Meet April 18Demystifying captcha Bangalore Meet April 18
Demystifying captcha Bangalore Meet April 18
n|u - The Open Security Community
 
Flashack
FlashackFlashack
Flashack
n|u - The Open Security Community
 
The Shellshocker
The ShellshockerThe Shellshocker
The Shellshocker
Sharath Unni
 
Metasploit Demo
Metasploit DemoMetasploit Demo
Metasploit Demo
n|u - The Open Security Community
 
ESAPI
ESAPIESAPI
ESAPI
n|u - The Open Security Community
 
IE Memory Protector
IE Memory ProtectorIE Memory Protector
IE Memory Protector
3S Labs
 
Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014
n|u - The Open Security Community
 
Recon ng null meet April 2015
Recon ng null meet April 2015Recon ng null meet April 2015
Recon ng null meet April 2015
n|u - The Open Security Community
 
Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015
n|u - The Open Security Community
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demo
Akash Mahajan
 
Rapid Android Application Security Testing
Rapid Android Application Security TestingRapid Android Application Security Testing
Rapid Android Application Security Testing
Nutan Kumar Panda
 
Metasploit Humla for Beginner
Metasploit Humla for BeginnerMetasploit Humla for Beginner
Metasploit Humla for Beginner
n|u - The Open Security Community
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015
n|u - The Open Security Community
 
OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014
Anant Shrivastava
 
Tale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learnedTale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learned
Anant Shrivastava
 
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Anant Shrivastava
 
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data LeakageOwasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Anant Shrivastava
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Anant Shrivastava
 
Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
n|u - The Open Security Community
 
Osint primer
Osint primerOsint primer
Osint primer
n|u - The Open Security Community
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
n|u - The Open Security Community
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
n|u - The Open Security Community
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
n|u - The Open Security Community
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
n|u - The Open Security Community
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
n|u - The Open Security Community
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
n|u - The Open Security Community
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
n|u - The Open Security Community
 

Más contenido relacionado

Destacado

Destacado (12)

Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014
 
Recon ng null meet April 2015
Recon ng null meet April 2015Recon ng null meet April 2015
Recon ng null meet April 2015
 
Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demo
 
Rapid Android Application Security Testing
Rapid Android Application Security TestingRapid Android Application Security Testing
Rapid Android Application Security Testing
 
Metasploit Humla for Beginner
Metasploit Humla for BeginnerMetasploit Humla for Beginner
Metasploit Humla for Beginner
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015
 
OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014OWASP Bangalore : OWTF demo : 13 Dec 2014
OWASP Bangalore : OWTF demo : 13 Dec 2014
 
Tale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learnedTale of Forgotten Disclosure and Lesson learned
Tale of Forgotten Disclosure and Lesson learned
 
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
 
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data LeakageOwasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer ProtectionOwasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
 

Más de n|u - The Open Security Community

Más de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Último

Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
ssuserdda66b
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 

Último (20)

SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 

Security News Bytes June 2014 Bangalore

  • 1. SECURITY NEWS BYTES Nishanth Kumar n|u Bangalore chapter Lead N |U M O N T H LY M E E T 14 Jun 2014
  • 2. !!!! DISCLAIMER !!!! • The information contained in this presentation does not break any intellectual property, nor does it provide detailed information that may be in conflict with any laws (hopefully...) :) • Registered brands belong to their legitimate owners. • The opinion here represented are my personal ones and do not necessary reflect my employers views. 14 Jun 2014
  • 3. HEADLINES • GameOver Zeus & CryptoLocker malware • Iraq Blocks Social Media Amid Militant Drive • “Absolute Software” Names New Chief Executive Officer • Cybercriminals Ramp Up Activity Ahead of 2014 World Cup • Former Microsoft Worker Sent to Prison for Theft of Trade Secrets 14 Jun 2014
  • 4. CONTINUED … • P.F. Chang's ( Restaurant chain ) confirms theft of customer card data. December 2013 , 100 million customers data is hacked as per the news . • LulzSec hacker helps FBI stop over 300 cyber attacks • Austrian computer student: I accidentally hacked Twitter with a heart symbol • Chinese government hackers are coming for your cloud. 14 Jun 2014
  • 5. CONTINUED • Schools Kids hacked BMO ATM using Operators manual found online just a random guess of the password • New Svpeng Trojan Targets US Mobile Users • Spotify latest to be hit by hack on users 14 Jun 2014
  • 6. ?...? • Netflix passwords leaked again? • Most common passwords registered • w4gw4g • Poosty72 • Moshimoshi • 500 usernames ‘n’ passwords leaked 14 Jun 2014
  • 7. EXPLOIT DB – STATS ( JUNE 2014 ) • Remote exploit - 6 • Local exploit – 2 • Web application – 7 • DOS - 2 • Papers - 6 14 Jun 2014
  • 8. INTERESTING TRICK • Loophole in PayPal Terms Allows Anyone to Double their PayPal Money Endlessly three separate PayPal account • one real • Virtual Credit Card (VCC) • Virtual Bank Account (VBA) Link : http://thehackernews.com/2014/06/loophole-in- paypal-terms-allows-anyone.html 14 Jun 2014
  • 11. MICROSOFT • Microsoft helps FBI in GameOver Zeus botnet cleanup • Microsoft Running Out Of IPv4 Address Space In The US To Use For Azure VMs 14 Jun 2014
  • 12. SYMANTEC • TrueCrypt Migration to Symantec Encryption Desktop 14 Jun 2014
  • 13. T O O L S W A T C H . O R G R E A D E R S 2013 TOP SECURITY TOOLS 14 Jun 2014
  • 14. OWASP ZAP – ZED ATTACK PROXY PROJECT • tool for finding vulnerabilities in web applications. • ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Link : https://www.owasp.org/index.php/OWASP_Zed_Atta ck_Proxy_Project 14 Jun 2014
  • 15. BEEF – THE BROWSER EXPLOITATION FRAMEWORK PROJECT • Penetration testing tool that focuses on the web browser. Link : http://beefproject.com/ 14 Jun 2014
  • 16. BURP SUITE • Performing security testing of web applications and Proxy Server Link : http://portswigger.net/burp/ 14 Jun 2014
  • 17. PE STUDIO • Free tool performing the static investigation of any Windows executable binary. Note : A file being analysed with PeStudio is never launched Link : www.winitor.com 14 Jun 2014
  • 18. OWASP XENOTIX • Advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework • It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. Link : http://opensecurity.in/owasp-xenotix-xss-exploit- framework-v4-5-relesed/ 14 Jun 2014
  • 19. LYNIS THE HARDENING UNIX TOOL • Tool to audit and harden Unix and Linux based systems. Link : http://cisofy.com/lynis/ 14 Jun 2014
  • 21.         THANK YOU 14 Jun 2014