The year 2020 has witnessed a shift in the digital ecosystem as major number of employees have taken a turn towards working from home. Thus, most organizational networks are now being accessed remotely by employees sitting at diverse locations spanning across the globe. This has given rise to new opportunities for hackers who are exploring different techniques to disrupt the vulnerable networks.

Here is a list of popular modern hacking techniques:

• H2C Smuggling: H2C stands for HTTP/2 cleartext. These attacks abuse H2C unaware front-ends to create a tunnel to backend systems. This enables the attackers to bypass frontend rewrite rules and exploit internal HTTP headers.
• Portable Data exFiltration: Cross Site Scripting (XSS) attacks are extensively being used to compromise data stored in PDF files and exfiltrate it to a remote server. The rate of these attacks has extensively increased with the increasing popularity of server-side PDF generation such as generation of e-tickets, boarding passes, etc. These PDF documents often contain sensitive information including bank details, passport numbers, addresses, and other personal data. In this attack, a malicious injection vector is injected into the PDF. When a user clicks on the link or anywhere in the PDF, the hacker can extract all the sensitive information entered by the user.
• TLS Attacks: Exploiting features of TLS (Transport Layer Security) makes it possible to land Server Side Request Forgery attacks. The attack technique involves exploiting technologies involved with TLS session caching. The hacker can manipulate the session to send a TLS session ID ticket or psk (pre-shared key) identity to his server.
• NAT Slipstreaming: NAT slipstreaming exploits the victim’s browser in conjunction with the Application Level Gateway (ALG) connection tracking mechanism built into NATs, routers, and firewalls. This is done by chaining internal IP extraction via timing attack or WebRTC, automated remote MTU and IP fragmentation discovery, protocol confusion through browser abuse, etc. As the destination ports are opened by NAT or firewall, this helps in bypassing any browser-based port restrictions.

Understanding of the hacking techniques is essential to formulate effective prevention strategy against modern hacking attacks. An effective prevention strategy is important to ensure the safety of organization’s network and individual user systems. A loophole in the cyber security strategy can cause major losses in terms of stolen data, user information, business secrets, etc.

For more information on popular modern hacking techniques, call Centex Technologies at (972) 375 - 9654.        

View Full Image

In a practical environment, a cyber security strategy is actually an amalgamation of multiple strategies. Cyber security professionals employ different strategies in coordination with each other in order to ensure a multidimensional protection against cyber threats.

Here is a brief guide to cyber security strategies:

Creating A Secure Cyber Ecosystem: The cyber ecosystem involves a wide range of entities including devices, individuals, management, private organizations, etc. which interact with each other. This strategy emphasizes on having a robust cyber ecosystem that would permit its devices to interact in a secure manner. A strong cyber ecosystem has three symbiotic structures – automation, interoperability, and authentication.

Creating An Assurance Framework: The basic objective of this strategy is to design an outline in compliance with global security standards. The framework that is designed is in compliance with industry wide standards, guidelines, and practices. These parameters help businesses to manage cyber security related risks.

Encouraging Industry Standards: Standards help in defining the outline of how an organization approaches the information security related issues. Implementation of cyber security standards enhance the efficiency of security processes, enable systems incorporations, provide a medium to test new applications, organize the approach to arrange new technologies in the cyber framework, etc.

Creating Mechanisms For IT Security: Different IT security mechanisms differ in their internal application features and attributes of security they provide. Following are the common IT security mechanisms:

• Link Oriented Measures
• End-To-End Measures
• Association-Oriented Measures
• Data Encryption

Protecting Critical Information: Critical information such as user data, login credentials, financial data, business trade secrets, etc. is the backbone of any organization. Safeguarding critical information against growing cyber threats needs a structured approach. This strategy can be implemented via following steps:

• Defining critical information
• Categorizing the available information
• Prioritizing information categories
• Securing the most critical information
• Testing the framework
• Securing the second category and repeating the cycle

Security As A Service: SaaS providers offer a cyber security solution with different attributes to meet diverse cyber security needs of organizations. This strategy can be implemented based on 5 C’s:

• Change – Organizations face changing pressures from different sources such as competitive threats, new regulations, internal threats, cyber threats, etc. SaaS model enable organizations to respond to these changes quickly.
• Compliance – SaaS solutions are designed keeping in mind the governances, regulations, etc.
• Cost – SaaS provides an alternative cyber security solution allowing the in-house IT teams to focus on core business.
• Continuity – Multi-tenant SaaS services are hosted in highly reliable data centers with built-in redundancy.
• Coverage – SaaS solutions offer clear benefits with geographically dispersed sites allowing easy management of remote users.

For more information on basics of cyber security strategy, call Centex Technologies at (972) 375 - 9654. 

SQL injection (SQLi) attacks exploit existing vulnerabilities to alter SQL queries by injecting malicious code. If successful, SQL injection attacks can allow the cyber attackers to modify database information, access sensitive data, execute administrator tasks on the database, and recover files from the target system. In extreme cases, attackers can also issue commands to the database operating system.

In order to defend against SQL injection attacks, it is imperative to understand the working of the attack.

How Does A SQL Injection Attack Work?

Cyber criminals may use several different types of SQL injections to execute an attack. Here are some common variants of SQL injections:

• SQL Injection Based On User Input: In this type of SQL attack, the user inputs are used to inject malicious code and gain access to the system. Web applications accept user inputs via forms. The information collected by these forms is then passed on to the database for processing. If the web application server does not screen the forms, the attacker can inject SQL statements via user input form fields and delete, copy, or modify the contents of the database.
• SQL Injection Based On Cookies: In this approach to SQL injection, the cookies are modified to infect database queries. Web applications often load cookies to use data stored in them as part of database operations. The malicious users or a malware installed on the system can modify the cookies to inject SQL statement in the backend database. Once infected, cyber attackers can access the database to steal, modify or delete the data stored in the database.
• SQL Injection Based On HTTP Headers: Some web applications are designed to accept inputs from HTTP headers. In such cases, malicious actors create fake headers containing arbitrary SQL statements. When the web application accepts input from these fake HTTP headers, the malicious code is injected into the database.
• Second Order SQL Injection: These are most complex SQL injection attacks because they are designed in a way that allows the SQL code to lie dormant in the system for a long time.

What Is The Impact Of SQL Injection Attacks?

SQL injection attacks can cause various harms to the victim system:

• Steal user credentials resulting in identity theft.
• Access information stored in database server.
• Alter or add new information to infected database.
• Delete database records leading to DoS attacks.

 For more information on SQL injection attack, call Centex Technologies at (972) 375 - 9654.

History Sniffing is an umbrella term that defines different techniques used to monitor the web browser history for diverse purposes including the launch of a cyber attack. Although it is an old trick, the technique is still being used for victimizing internet users. In the recent times, studies have shown a rise in the types and numbers of history sniffing cyber attacks for the sheer ease of launching such attacks.

How Is History Sniffing Cyber Attack Launched?

• The cyber attackers create fake online advertisement and preload attacker code in this ordinary looking advertizement.
• The code is embedded with a list of target websites (the websites that hackers want to know if the user has visited).
• When user clicks on the advertizement, the code starts running and checks the browsing history for target websites.
• If the user has visited any of the target websites, the program will indicate a match to the hacker.
• The hackers then redirect the victim to corresponding fake version of the website to cause further damage.

How Are History Sniffing Attacks Used?

The data collected by history sniffing attacks is used as a foundation for other types of cyber attacks by hackers.

• Phishing: Hackers use history sniffing techniques to find out the financial organization websites visited by the victim. This data is then used to launch customized phishing attacks which automatically match every victim to a fake page of actual financial organization. The victims are tricked into filling their financial details which can be used by hackers to steal money from users’ accounts.
• Stalking: History sniffing can be used to stalk internet users by keeping an eye on their browsing behavior. Hackers may keep a track of social media pages or locations saved in the browser history. Stalking may cause some serious problems for the victim such as kidnapping, physical damage, assault, etc.
• Identity Theft: It is common for internet users to save their login details or choose the option to ‘keep Logged In’ on their browser. Hackers can use history sniffing coupled with other malicious code to check the social media profiles logged in on the browser and access these profiles to pose as the user. They can further use these accounts to send unauthorized messages, post fake news, etc.

For more information on history sniffing cyber attacks, call Centex Technologies at (972) 375 - 9654.        

With increasing use of internet, there has been an alarming increase in number of cybersecurity threats. In addition to number, the risk and severity of cybersecurity threats has also increased. Advancement of technology and wide use of digital media have added to the skills of cyber criminals. The best practice to combat these cybersecurity threats is to be aware of different threat types and be prepared with effective cybersecurity strategies.

Here is a detailed list of cybersecurity threats that businesses should be aware of:

• Cloud Vulnerability: Cloud vulnerability is and will continue to be one of the biggest cybersecurity challenges faced by business organizations. The major reason behind this is the changing business scenario as organizations have increasing number of remote employees. The employees need to access business data from different locations in order to be efficient and productive. Thus, organizations are leveraging cloud applications and storing sensitive business data on cloud storage. Some of these cloud vulnerability attacks include data breach, mis-configuration, insecure interfaces and APIs, account hijacking, malicious insider threats, and DDoS attacks.
• AI-Enhanced Cyberthreats: AI and machine learning have found extensive applications in all fields including marketing, manufacturing, security, supply chain management, business mainstream, etc. Cyber criminals are also exploiting AI to launch sophisticated cybersecurity attacks such as AI Fuzzing and Machine Learning Poisoning.
• AI Fuzzing: Fuzzing refers to usually automated process of finding hackable software bugs by randomly feeding different permutations of data into a target program until one of those permutations reveals vulnerability. AI fuzzing integrates AI with traditional fuzzing techniques to create a tool that detects system vulnerabilities, start, automate and accelerate zero-day attacks.
• Machine Learning Poisoning: The cyber criminals target a machine learning model and inject malicious software in it. This makes the system (operating the model) vulnerable to cyber security attacks. As machine learning models feed on data sourced from surveys or social media, cyber criminals exploit user-generated information such assatisfaction ratings, purchasing histories, or web traffic by using malicious samples, introducing backdoors or Trojans for poisoning training sets and compromising the model.
• Smart Contract Hacking: Smart contracts are specially designed programs that contain self-executing codes for creating rules and processes that build blockchain-based applications. Since this is a new concept, researchers are still finding bugs in these programs. Cyber criminals exploit these vulnerabilities and target the programs for hacking into applications. this poses as a new cybersecurity threat for businesses.
• Deepfake: It is a fake video or audio created by modes such as swapping a famous person’s face in videos or altering the audio track of a video to spread fake news. The technology is AI-based and is being used extensively by cyber criminals to cause disruption across various industry segments such as financial market, media, entertainment and politics. In business world, these fake videos may be used to impersonate CEOs to spread fake news about a business.

For more information on cybersecurity threats, call Centex Technologies at (972) 375 - 9654.      

View Full Image

When working on a computer, it is common to receive pop-ups suggesting you that ‘a software update is available’. It is tempting to click on ‘Cancel’ or ‘Remind Me Later’ button, when you are busy with some work. However, it is not a healthy practice to put off software updates for a long time or even worse neglecting them.

The sooner you update your system, the higher will be your confidence in the security of the system. But it is common for users to ask why it is so important to install software updates.

Here are some points that emphasize on the importance of software updates:

• What Do Updates Do? : Software updates offer an array of benefits & revisions. The updates might include fixes to security loopholes detected in previous versions of the software. Another benefit of software updates is that they may include fixes to combat or remove software bugs for an improved efficiency and performance. Installing updates to the operating system can help in improving the speed and performance of the complete computer system. It also makes the system ready for new types of software that are designed to be compatible with latest OS versions.
• Patch Security Flaws: Software vulnerabilities are security flaws found in the programming of the software. They tend to offer easy entry point for the hackers. Hackers take advantage of these vulnerabilities by creating a code to target these security holes. The code is packed into malicious software which then infects the system to steal confidential data or cause other damage. Software updates contain security patches that cover the security holes to keep hackers out of the system and create a secure environment.
• Secure Your Peers: Undoubtedly, installing a software update helps in preventing security attack on the system, it is also essential to protect other systems connected to the same network as the system in question. The reason being that if a system is infected by a malware, it can result in lateral spread of the malicious code in the connected devices.
• Enhance Software Features: Software updates may be designed to enhance some features of the software or add new features to the software. These updates ensure that the performance of the software is improved. While these updates may be considered to be non-essential and low priority in nature, these software updates help in ensuring that the business uses a software version that is fully compatible with what clients and customers are using.

For more information on importance of software updates and how to maintain computer systems for enterprise, call Centex Technologies at (972) 375 - 9654.       

The trend of work from home has gained momentum in the time of pandemic. A large number of employees are now working remotely due to COVID-19. The businesses that have remote employees require making important changes for the transition. Amongst other changes, the businesses are required to make some technological additions to help their employees in working efficiently from remote location.

Following is the list of important tools and programs the businesses need to assist the remote workers:

• Hardware: Hardware is the most basic requirement when facilitating remote working environment. It is an essential starting point for remote workspace, including a working desktop, laptop or computer. Once a computer system is setup, the next requirement is reliable WiFi and a smartphone. Depending upon the job requirements, some additional hardware may be required such as printer, scanner, a landline phone.

• Document Creation & Editing Tools: The remote employees may be required to create and edit documents, notes and presentations. Thus, businesses need document creation & editing tool packages. These tools are necessary for every approximately every office job. A common example of such tool package is Microsoft Office 365. The package includes Word, Excel, Outlook and PowerPoint. Other features that can be helpful for the remote workers include Microsoft Teams. This feature enables the remote workers to collaborate with their coworkers through messages, live editing, file sharing, chats, etc.

• Project Management Tools: Project management tools help in keeping track of the projects remotely. The tools aide the remote employees and teams to effectively organize work and manage projects & tasks. Different types of project management tools include desktop tools, web-based tools, mobile tools, personal tools, single user tools, collaborative tools and visual tools.

• Cloud Computing: Cloud computing helps in recreating the work environment in a virtual space, offering storage, application management, data analysis, security, support, etc. The solutions are scalable to allow businesses to add resources and services that can be easily accessible to remote employees.

• Video Conferencing & Chat Platforms: In order to manage the projects efficiently, it is important to maintain the communication between remote employees. Video conferencing and chat platforms allow remote employees to send direct messages to individuals and groups. These platforms also allow remote workers to send and share documents.

• Cybersecurity Tools: In a remote work environment, it is highly important to secure the business data being shared across the network. Cybersecurity tools help in ensuring the privacy of the business data and network. These tools also help in preventing the cyber criminals from accessing the private network.

For more information on technology requirements of businesses having remote workers, call Centex Technologies at (972) 375 - 9654.              

Data anonymization is the process of protecting private or individual sensitive information by either erasing or encrypting the personal identifiers that form the connection between an individual and stored data. This helps in retaining the data while keeping the source anonymous.

What Is the Need For Anonymization Of Patient Data?

• Data science including collection and analysis of patient data is of immense importance for improving healthcare. It forms the basis of healthcare research for improving drug discovery, predicting epidemics, designing advanced cures, etc.

However, the law requires healthcare researchers to keep the PHI (Personal Health Information) of people secure. So, the only way of using patient’s data for research is to get their consent beforehand. This places a limitation on the data sets as some patients may decline the consent. Data anonymization lifts certain restrictions as it removes the patient’s identifiers and renders the data anonymous. It provides healthcare researchers the ability to access extensive, coherent, and historic data that can be built upon without damaging patient trust.

• Second reason that emphasizes the importance of genuine anonymization of patient data is that patients may be reluctant to seek medical attention if they fear that their PHI may be shared with someone. Genuine anonymization helps the healthcare institutes in offering privacy assurance to their patients.
• An information leak or disclosure that an individual has tested positive for STIs such as HIV/AIDS can invite discrimination or social stigma. Anonymization of such data helps in reducing the risk of such disclosure and maintaining the privacy and confidentiality of patient data.
• Another reason for incorporating genuine anonymization of patient data in the healthcare industry is to keep the data secure from cyber criminals who may cause a data breach and negatively affect the patients.

What Data Anonymization Techniques Can Be Used?

Data Masking: Real data is hidden by altering values. For example, a mirror of a dataset may be created and the value characters may be replaced with symbols such as ‘*’ or ‘x’.

Pseudonymization: The private identifiers such as name, address, etc. are replaced with face identifiers or pseudonyms.

Generalization: Some of the identifier data is removed while retaining a measure of data accuracy. For example, removing house number from the patient’s address while retaining the road name.

Data Swapping: It is also known as shuffling or permutation. The dataset attribute values are rearranged so that they don’t correspond with original values.

Data Perturbation: The original data set is modified by adding noise to the data and rounding off the numbers such as age or house number of the patient.

Synthetic Data: An artificial data set is created instead of altering the original dataset based on patterns and statistical analysis.

For more information on the importance of genuine anonymization of patient data and methods of implementation in healthcare, call Centex Technologies at (972) 375 - 9654.