Posts

Mindset Versus Tools

Hi Everyone, It has been a while since I wrote about anything...blame my employers...:D. Anyway, I just want to put down a short note on why pentesters are not performing well in Nigeria. The Nigerian cyber environment is filled with low-hanging fruit - poorly designed system and application infrastructures are around every corner. Thus, a regular pentester can WooooW his/her client by just running a few commercial tools. In more difficult terrain, the same pentester will issue a certificate of no risk to the client. OK, I am getting ahead of myself, back to the matter - most uses of hacking tools I have seen in the real world in this part of the globe are very limited, a bit script-kiddish I might say. Even the commercial ones that come with graphical tutorials are not fully utilised. I don't really know the reason for this, but I think we are less inquisitive about what we see or observe; we still think that some things are really hard to understand, when in ac...

Pentesting Android applications

Hi all, I would like to talk about the coolness of Android applications. So if you want to perform a security review of an Android app, how will you go about it? There are so many ways to go about this; I will highlight some of the ways I use. 1) Most Android applications work just like web applications: they send out HTTP requests using POST and GET methods. So a cool thing to do is to intercept and capture these requests, make modifications and monitor the responses (which can also be intercepted and modified). So how can this be done? A sweet way to achieve this is by proxying all traffic from the application on your phone through a proxy tool such as Burp Suite (the coolest tool for me). Now how can you direct that phone traffic to your Burp Suite, which is probably running on a laptop or desktop? Well, you can use a great Android tool called "Proxy Droid" to direct the traffic to the IP address and port on which Burp Suite is listening. You can connect them to the same wire...

Default Configs - The Original Sin

It is with deep regret that I announce the security atrocities being committed by Internet Service Providers. These ISPs sell broadband solutions and build in no element of security on their part. My story: I recently purchased a popular broadband router modem because of its reputation for being very fast. I had a member of the company's staff set it up for me. I actually thought that the setup would include some basic security advice on how to manage my modem, but that was not the case: the staff member just changed my SSID to the name I wanted and THAT'S ALL. These were the settings left untouched:
1) The username and password to log into the management console of the router. The default was (user:user)...jeeeezzzz.
2) The wireless security protocol: it was left on WEP, instead of using the more secure WPA/WPA2.
3) The default wireless password is the MAC address of the router, which is written on the carton enclosing the router.
There are a lot of these routers where I li...

Vulnerability Assessment and Penetration Testing: Imitating a cracker

Hello Everyone, My topic was prompted after I got to listen to some presentations by IT security companies on carrying out penetration testing on a company's network. It was quite a colourful and rich presentation about how they were going to scan the network from inside and outside, but the problem was that this has been the trend for some years now. Real-world hackers are ever-dynamic: evolving, upgrading, and getting more sophisticated by the day, yet most security consulting firms do not change their methodologies. The majority of attacks are now client-side and exploit the weakest link in the network - the user. Social engineering attacks are now more sophisticated than ever, employing clever techniques to bypass endpoint security. Dozens of social engineering tools are out in the wild and can easily be used against targets. Real-world attacks are well-funded, motivated and have a specific aim. Simulating these attacks, which is the job of the pentester, will involve a h...

TRUECALLER database HACKED!!!

Truecaller, an app built by a Swedish company that also has the largest collaborative phone directory database, has been compromised by Syrian Electronic Army hackers. The app was running an outdated WordPress version, and this has been compromised by the hackers, with millions of phone records stolen. They claimed to have downloaded more than 7 databases from the Truecaller server, 450 GB in size. The Truecaller website is under maintenance, saying "We are doing some upgrades. Thank you for your patience". They also leaked the database admin usernames and passwords. Even if you are not a user of Truecaller, you are still not exempt, as one of your friends might be using it and have your number stored on his/her phone. Lesson: Limit the amount of information you put on the web. It is not safe and never will be.

The gospel of SPLUNK

Hi everyone, Hope your past week wasn't as crazy as mine...I had some good time with a great tool for reviewing logs. Ladies and gentlemen, I bring to you the gospel of SPLUNK..:) I had to review some logs during the week; each log had about 200,000 events and I had five logs to go through. I actually didn't know what I should be looking out for, but I was meant to spot suspicious behaviours. I didn't have to search the internet for long before I came across a myriad of log reviewing tools, but the one that caught my attention was SPLUNK. Great tool, easy to use, and a great user interface.
[Screenshots: Manager Interface; The search interface]
I didn't have to watch any tutorials before I got the hang of it. Anyway, for those that want to give it a try, there is a free download at http://www.splunk.com/download?ac=get_splunk_download

OWASP Top 10 Vulnerabilities - same old list

Hi Everyone, Work has been crazy lately, but I would like to brief you about the OWASP Top 10 2013, which was released recently. As expected, SQL injection is top of the list. Here are the Top 10:
A1 - Injection
A2 - Broken Authentication and Session Management
A3 - Cross-Site Scripting (XSS)
A4 - Insecure Direct Object References
A5 - Security Misconfiguration
A6 - Sensitive Data Exposure
A7 - Missing Function Level Access Control
A8 - Cross-Site Request Forgery (CSRF)
A9 - Using Components with Known Vulnerabilities
A10 - Unvalidated Redirects and Forwards
I won't go into the breakdown of each of these components; further details can be found at the official OWASP site. From the list above, it is disappointing to note that about a decade after the first OWASP Top 10 was released, the major vulnerabilities have not been eliminated. Developers are still too focused on functionality and paying less attention to security. There is a need to engrave this list on the forehe...