- MHA website hacked, temporarily blocked by authorities
The website of Ministry of Home Affairs is down and reports suggest that the portal could have been hacked. But, the MHA officials are not sure about it. The NIC, which maintains the website, is investigating the matter. Last month, suspected Pakistan-affiliated operatives had hacked the official website of the elite National Security Guard (NSG) and defaced it with a profanity-laden message against the Prime Minister and anti-India content. Last month, suspected Pakistan-affiliated operatives had hacked the official website of the elite National Security Guard (NSG) and defaced it with a profanity-laden message against the Prime Minister and anti-India content.
Cyber Security Tips: Regular audit of systems and networks should be carried out. Use Web Application Firewall and install security applications
- New Ticketbleed Vulnerability found in F5’s BIG-IP Networks
Filippo Valsorda, a researcher from Cloudflare, recently discovered a bug in F5’s BIG-IP Networks dubbed as Ticketbleed, keeping in mind its similarity with another such bug, Heartbleed. Ticketbleed is a vulnerability in the BIG-IP SSL networks that allows for SSL sessions to be leaked which are as large as 31 bytes. This happens due to the inherent SSL ticket system being designed in a way that stores certain pieces of information from previous SSL sessions. Such information, however, contains certain encrypted data that is sensitive. Ticketbleed, as such, allows attackers to access this information very conveniently. Essentially, the attackers can get their hands on SSL session IDs and 31 bytes of uninitialized memory.
Cyber Security Tips: Upgrade the version. Disable the Session Ticket option on the affected Client SSL profile
- Gmail Found Delivering Spoofed Messages Without Warning
According to researcher Renato Marinho, from a Brazilian security firm named Morphus Labs, Gmail does not filter or warn users about sketchy messages from another spoofed @gmail.com address. Marinho also writes that while an email appears to have come from another valid Gmail account, but it actually comes from a server which is not Gmail related. In order for all this to happen, the email of spammer’s server must first connect to Gmail saying it wants to deliver a message from his domain, even if it’s not a legitimate one. Instead, the address is switched to a fake Gmail address to fool Google.
Cyber Security Tips: Always check the email headers of the suspicious mail you receive on your emails.