More than 1,400 different malware families were identified globally by Check Point during a survey carried out in February 2016 and 39 per cent of malware attacks globally was found to be caused by the Conficker, Sality, and Dorkbot. The Bhutan Computer Incidence Response Team(BtCIRT) also found out that Conficker and Dorkbot are the most common Malwares affecting Systems in Bhutan. Conficker Conficker is a computer worm that can infect your computer and spreads to other computers across a network , through file sharing or removable drives. This infection allows an attacker to access users’ personal information such as...
SNMP Vulnerability
Simple network Management Protocol(SNMP) runs UDP port 161 and 162 and is a widely deployed protocol used to monitor and Manage network Devices: to obtain information on and even configure various network devices remotely. It runs on any network device from hubs to routers and network printers to servers. SNMP clients also run in many workstations and Personal Computers. SNMP is also used in most of the network management packages for information gathering. Thought type and amount of data that can be accessed via SNMP depends upon the device on which it runs, it generally provides details of the...
Ransomware
Ransomware is a type of malware that blocks access to computer system either by locking the systems screen or by encrypting files and folders usually demanding a ransom to unlock. For most of the new variants of ransomware, prevention has become the only guard since data recovery after attack is almost impossible.Though no huge harm has been done in Bhutan till date by Ransomware, personnel drives and PCs have been found infected and the trends elsewhere could soon be in. Statistics from Microsoft depicting Ransomware trends from December 2015 to May 2016 is as below: Source: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx#what Most of...
DoS/DDoS Attacks
DoS/DDoS Attacks Denial of Service (DoS) is an attempt to make resources like web site/ services/ App/network etc. unavailable to its legitimate user by exhausting the resource to provide service, with too many request (or related manipulations). DoS is performed by single user or using single device, which makes it difficult for attacker with increasing strength of Servers. DDoS(Distributed Denial of Service) works on the same fundamental as DoS but combines strength of multiple compromised machines to attack single victim, thus completely crashing down or gaining complete control of the system resulting to hosted services being unavailable to legitimate...
SQL INJECTION
SQL INJECTION SQL vulnerability ranks at top of the list in our government constituency. It has, therefore, become quite paramount for the team to come up with an article to help ourselves protect our priceless application from getting victimized in the Internet space. SQL(Structured Query Language) Injection is a technique where malicious code is injected into an SQL statement from web page input that can alter SQL statement compromising the security of a web application. This happens when user inputs are not validated. Mitigation of this vulnerability is much more complex than just applying the Security patch, since it...