Security Simplified ! - A Kaapagam Technologies IT Security Blog

Facebook Android app sends user phone numbers to Facebook servers without user consent

30. June 2013 09:32 by CA in IT Security, Privacy Leak

Norton released Norton Mobile Security for Android devices that contains new Norton Mobile Insight technology. Through automatic and proprietary static and dynamic analysis techniques, Mobile Insight is able to automatically discover malicious applications, privacy risks, and potentially intrusive behaviour. Further, Mobile Insight also advises on what risky behaviour an application performs and provides users with specific, relevant, and actionable information.


Mobile Insight flagged the Facebook application for Android because it leaked the device phone number. The first time you launch the Facebook application, even before logging in, your phone number will be sent over the Internet to Facebook servers. You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen. 


Cisco fixes vulnerabilities on its Web, email, content security appliances

28. June 2013 10:01 by CA in Software Updates & Patches

Cisco has released patches for its networking appliance users and customers in order to address a number of security flaws that could allow hackers to remotely execute commands or disrupt critical processes.


The vulnerabilities affected the underlying Cisco IronPort AsyncOS software for a number of the company's different appliances, including Cisco's Web Security Appliance, Email Security Appliance, and its Content Security Management Appliance.


It’s time to Update: Apple's OS X and Safari

6. June 2013 12:49 by CA in IT Security, Software Updates & Patches

Apple has published updates for all supported versions of OS X, namely Mountain Lion (10.8), Lion (10.7) and Snow Leopard (10.6).


The operating system part of this update fixes numerous holes in eleven distinct parts of OS X. This includes patches for security vulnerabilities in components that are themselves responsible for security. Affected components include Directory Services (remote code execution), OpenSSL (information disclosure) and SMB (information disclosure).


Mactans – A Malicious Charger that can infect iPhones

4. June 2013 14:45 by CA in Hack, IT Security

Scientists Billy Lau, Yeongjin Jang and Chengyu Song have invented a dangerous new “malicious charger” called Mactans, capable of infecting iPhones with any malware they choose in under one minute.


The team will debut their evil plug at the Black Hat USA conference, which starts at the end of July. Describing their discovery, the team said: "Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming.


Microsoft EMET (Enhanced Mitigation Experience Toolkit) 4.0 – Making Life Difficult for Hackers

2. June 2013 17:47 by CA in IT Security

EMET is a toolkit provided by Microsoft to configure security controls on Windows systems, making it more difficult for attackers to successfully launch exploits.


EMET doesn't take the place of antivirus or patch management, but it does provide an important set of safeguards, not only against existing exploits but also against future 0-day exploits which have yet to be developed or released. Even the best signature-based antivirus programs don't do a good job of protecting against 0-days.


EMET allows administrators to exercise fine-grained control over Windows' built-in security features in Windows 7 and higher, including: 



Mimikatz - Steal Windows Credentials in Clear text

1. June 2013 17:30 by CA in Hack, IT Security

In a recent update, the Metasploit framework added a very interesting tool called mimikatz to its massive tool repository. The tool enables you to steal Windows credentials. Its key feature is that it steals the credentials in clear text instead of just the password hashes.

If you do any research on the Windows authentication process, you will quickly find out that Windows does not store a clear text version of your password. Windows only stores a hashed version of your password. Mimikatz collects the credentials from the WDigest DLL. The HTTP digest authentication and Simple Authentication Security Layer (SASL) authentication modules use the WDigest DLL. Both of these authentication modules require the user's plain text password. Mimikatz takes advantage of this and is able to extract the credentials in clear text.

Drupal Hacked, Millions of accounts exposed

1. June 2013 14:05 by CA in IT Security

Hackers are believed to have compromised the accounts of millions of users operating or developing the Drupal open-source content management system (CMS).

The Drupal Association says an individual or group has gained unauthorised access to the accounts on its and sites. Information exposed includes user names, email addresses, country information and hashed passwords.

Websites running the Drupal CMS, however, are not believed to be affected, Drupal Association executive director Holly Ross said.