Posts

Business E-mail Compromise

A new email-based attack campaign is targeting key employees from companies in the U.S., Middle East and Asia with the goal of compromising their computers and email accounts. What is BEC? Business Email Compromise (BEC) is a sophisticated scam targeting businesses that work with foreign suppliers and businesses that regularly perform wire transfer payments. Formerly known as Man-in-the-Email scams, these schemes compromise official business email accounts to conduct unauthorized fund transfers. BEC involves attackers hijacking the email accounts of business executives or accounting employees who typically authorize financial transactions inside organizations. The hijacked email accounts can then be used to trick other employees, suppliers or business partners into initiating fraudulent payments to accounts controlled by the attackers. Security researchers from antivirus firm Trend Micro recently detected an attack against companies from 18 countries where key employee...

Clickjacking leads Android ransomware to gain the administrative rights!

What is Ransomware? Ransomware is a type of malware that prevents or limits users from accessing their system. File-encrypting ransomware applications, also called Cryptolocker, that target Android devices are becoming increasingly sophisticated. One new such program is using clickjacking techniques to trick users into granting it administrator rights. What's this Clickjacking? Clickjacking is a method that involves manipulating the UI in a way that allows attackers to hijack users' clicks and trigger unauthorized actions. It is mostly used in Web-based attacks, where various technologies allow creating invisible buttons and positioning them on top of seemingly harmless page elements. Due to the restrictive application permissions system in Android, ransomware apps targeting the OS have historically been less effective than on Windows. For example, many of the early Android ransomware threats only displayed a persistent window on the screen wit...

DELL BLUNDER

In an attempt to streamline remote support, Dell installed a self-signed root certificate and the corresponding private key on its customers' computers, apparently without realizing that this exposes users' encrypted communications to potential spying. Even more surprising is that the company did this while being fully aware of a very similar security blunder by one of its competitors, Lenovo, that came to light in February 2015. This incident surely raises questions about Dell's Research and Development team. In Lenovo's case it was an advertising program called Superfish that came preinstalled on some of the company's consumer laptops and which installed a self-signed root certificate. In Dell's case it was one of the company's own support tools, which is arguably even worse because Dell bears full responsibility for the decision. Dell actually took advantage of Lenovo's mishap to highlight its own commitment to privacy and to advertise its products. The produ...

STAGEFRIGHT

STAGEFRIGHT: a vulnerability that made tech giants sleepless. WHAT IS STAGEFRIGHT? Stagefright is a serious vulnerability found in Android's media processing service. The Android service that processes multimedia files has been the source of some vulnerabilities in recent times, including a new one that could give rogue applications access to sensitive permissions to access the data. The vast majority of Android phones can be hacked by sending them a specially crafted multimedia message (MMS). WHO DISCOVERED? This latest vulnerability in Android's media server component was discovered by security researchers from antivirus firm Trend Micro and Joshua Drake, vice president of platform research and exploitation at mobile security firm Zimperium. BRIEF ME ABOUT THIS: Drake developed the dangerous exploit that only requires knowing the victim's phone number. He found multiple vulnerabilities in a core component called Stagefright which is used to...