Skip to main content

Posts

Github Faces biggest DDos Attack(1.35 TBPS)

On Wednesday, February 28, 2018 GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to a distributed denial-of-service (DDoS) attack.BackgroundCloudflare described an amplification vector using memcached over UDP in their blog post this week, “Memcrashed - Major amplification attacks from UDP port 11211”. The attack works by abusing memcached instances that are inadvertently accessible on the public internet with UDP support enabled. Spoofing of IP addresses allows memcached’s responses to be targeted against another address, like ones used to serve GitHub.com, and send more data toward the target than needs to be sent by the unspoofed source. The vulnerability via misconfiguration described in the post is somewhat unique amongst that class of attacks because the amplification factor is up to 51,000, meaning that for each byte sent by the attacker, up to 51KB is sent toward the target. Over the past year we have deployed additio…
Recent posts

Loopholes in Aadhaar authentication API services

Loopholes in Aadhaar authentication API services Aadhar Logo

Using this loophole anybody can use Aadhaar demographic authentication API by piggybacking my requests through NSDL servers and bypass the checks at place by UIDAI. 
This story is going to be about how just about anyone can access the API that Aadhaar provides to third party services. What is Aadhaar? Aadhaar is the world’s largest biometric ID system, with over 1.19 billion enrolled members as of 30 Nov 2017. As of this date, over 99% of Indians aged 18 and above had been enrolled in Aadhaar. What is Aadhaar API?UIDAI (Unique Identification Authority of India) provides different APIs (application programming interface) which can be used to perform various actions like authentication (demographic and biometric), e-KYC (know your customer), e-sign etc. We are discussing aboutAadhaar Authentication API for now. Going further, you have to know what AUA and SA are Authentication User Agency (AUA): AUA is an organization or an ent…

Meltdown and Spectre

Meltdown and SpectreVulnerabilities in modern computers leak passwords and sensitive data.


Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents. Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.
Lets go in details of each one  by one. Meltdown
The Exploit In short: It is possible to exploit the speculative execution of x86 processors in order to read arbitrary ke…

CBI techie nabbed over software that hacks Railways Tatkal ticket system

CBI techie nabbed over software that hacks Railways Tatkal ticket system 
  How do some travel agents manage to book confirmed railway tickets under Tatkal category, while thousands of passengers make unsuccessful bids on their computers or at reservation counters?
Well, it seems it is all programmed. A software programmer of the anti-corruption agency CBI is alleged to be the brain behind one such illicit software which subverted the Railways reservation system, allowing the agents to book hundreds of Tatkal tickets at a single click of the mouse, officials said on Wednesday in New Delhi.  
The Central Bureau of Investigation (CBI) has arrested its assistant programmer Ajay Garg and his front, Anil Gupta, for developing and distributing the software to agents for a price, agency spokesperson Abhishek Dayal said. Besides Garg and Gupta, the agency has booked 13 others, including Garg's family members and travel agents.
Garg's parents, wife, sister, and brother-in-law were alleged…

1.4 Billion Clear Text Credentials Discovered in a Single Database

A Massive Resource for Cybercriminals Makes it Easy to Access Billions of Credentials.

Now even unsophisticated and newbie hackers can access the largest trove ever of sensitive credentials in an underground community forum. Is the cyber crime epidemic about become an exponentially worse? While scanning the deep and dark web for stolen, leaked or lost data, 4iQ discovered a single file with a database of 1.4 billion clear text credentials — the largest aggregate database found in the dark web to date. None of the passwords are encrypted, and what’s scary is the we’ve tested a subset of these passwords and most of the have been verified to be true. The breach is almost two times larger than the previous largest credential exposure, the Exploit.in combo list that exposed 797 million records. This dump aggregates 252 previous breaches, including known credential lists such as Anti Public and Exploit.in, decrypted passwords of known breaches like LinkedIn as well as smaller breach…

Vault 8: WikiLeaks Releases Source Code For Hive - CIA's Malware Control System

Almost two months after releasing details of 23 different secret CIA hacking tool projects under Vault 7 series, Wikileaks today announced a new Vault 8 series that will reveal source codes and information about the backend infrastructure developed by the CIA hackers. Not just announcement, but the whistleblower organisation has also published its first batch of Vault 8 leak, releasing source code and development logs of Project Hive—a significant backend component the agency used to remotely control its malware covertly.
In April this year, WikiLeaks disclosed a brief information about Project Hive, revealing that the project is an advanced command-and-control server (malware control system) that communicates with malware to send commands to execute specific tasks on the targets and receive exfiltrated information from the target machines. Hive is a multi-user all-in-one system that can be used by multiple CIA operators to remotely control multiple malware implants used in different …