
Archive for the ‘Personally speaking’ Category

Serve in India? Store in India! Please…

Friday, April 22nd, 2016

The Union Home Minister Rajnath Singh recently requested the likes of Google, Facebook and WhatsApp to base their servers in India for security reasons.

WhatsApp has launched end-to-end encryption which makes snooping on WhatsApp traffic via, say, a Man-in-the-Middle very difficult, thus maintaining high levels of privacy. However, the events in parts of the country over the past few days are a reminder of the power of social media in disinformation campaigns.

Such social media services are regularly abused by terrorist groups to communicate amongst themselves as well as to spread propaganda. Therefore security agencies require access to communication content as per the provisions of the Information Technology Act. Since encrypted traffic makes it difficult to monitor the activities of suspects, it is important that content on the servers is made available when lawfully requested.

Such requests would be acquiesced to more readily if social media services for Indian citizens were hosted on servers within India’s jurisdiction, instead of typically in the US as is the case currently. The high-profile battle between the FBI and Apple in the US demonstrates the difficulties Indian security agencies could face in obtaining data from outside of India’s jurisdiction.

As I had mentioned a couple of years ago, the public’s opposition to the government imposing on their privacy is based on their prevailing threat perception. Given India’s history, geography and an unenviable record of victimhood, one would suggest that the threat perception in India is rather high.

Let us see if and how the social media giants bend to the government’s will.

Image courtesy of gadgets.ndtv.com.

Samir Mody
Senior Manager, K7TCL

If you wish to subscribe to our blog, please add the URL provided below to your blog reader: http://blog.k7computing.com/feed

Five-Dimensional Protection in Cyber Space and Time…

Friday, April 1st, 2016

Our State-of-the-Art anti-cyber-threat facility has moved!!

As of today, we are conducting operations from our very own K7 Threat Control Lab Space Station.

Yes, our determined focus on taking our world-wide customer protection status to the next generation led to our decision to invest in infrastructure which would enable us to LITERALLY view the global threat landscape, thereby providing enhanced visual intelligence data.

We have now expanded our horizons to defend networks and devices across solar systems, and to research alienware. Interestingly some inter-galactic entities have expressed a firm desire to deploy endpoint protection on their advanced networked workstations. This is almost certainly as a result of an incident a couple of decades ago when a DOS-like scripty cross-architecture “virus” was transmitted wirelessly to the spaceships of a clan from a neighbouring galaxy, allegedly bringing them down.

We have been told that it was a tough day for their incident response and IT teams, and cost a bazillion hard-earned $PE$Os in damage.

K7 Development, focussed on innovation, is currently in the design phase for the K7IGS (K7 Inter-Galactic Security) product, which is scheduled to launch around the 1st of April 2017.

K7TCL SS infrastructure comes with funky technical features such as:

The docking station, with a physical fibre-optic pipe from Earth, provides an unmatchable 3×10⁸ Mbps, thus allowing threat response in a flash.

The scale of the Internet of Things and the Cloud on Earth is less than microscopic when compared to Inter-Galactic Connectivity in Space and Time. Nevertheless K7TCL is ready for this exciting security challenge whether on Earth or beyond.

Image credits:

Kaarthik RM, K7 Threat Control Lab
Jason Brown from flickr.com
theknightshift.com
boomsbeat.com

Samir Mody
Senior Manager, K7TCL


@ChennaiFloods: K7 Systems Were Impacted

Wednesday, January 27th, 2016

We had blogged a few weeks ago about the role that social media played during the recent floods in our home city of Chennai. In that blog we had stated the following:

“Historic rainfall in huge measure broke a century-old record for the highest rain in this region, and the subsequent clogging up of Chennai’s water bodies contributed to the flood situation. Chennai’s infrastructure took a massive hit with transport (road, rail and air), electricity and communication systems (mobile, landline and internet) going down…”

We ought to add that between the 1st and the 8th of December 2015 Chennai was declared a national disaster zone, and that K7 Computing’s own infrastructure was affected during this period due to the absence of power and network connectivity. Our systems were handicapped to the extent that our AV-Test results for the beginning of December 2015 were adversely impacted; both the reported Real-World test misses, one of which was only a partial miss given that HIPS behavioural protection triggered an alert, occurred during the aforementioned time window.

We are, of course, in the process of enhancing redundant systems at alternative geographical locations in order to maintain robust protection.

Samir Mody
Senior Manager, K7TCL


Cyber Security: A Core Facet of National Defence Policy

Wednesday, December 16th, 2015

Cyber security, vis-a-vis national security, is high on the agenda of many nations. In fact Prime Minister Narendra Modi emphasises the need for robust cyber defences on a regular basis, both within India and abroad.

The keynote address titled “Securing Our Future” at the recently-concluded AVAR 2015 Security Conference held in Da Nang, Vietnam, by Mikko Hypponen made mention of the fact that cyber attacks are very much a part of a nation’s offensive strategy (typically espionage-related).

Even though most malware is written for financial gain, there is still a significant proportion which is created with a different motive in mind, involving both state and non-state actors. We ought to be expecting an increasing global cyber threat from terrorist organisations over and above the use of social media to communicate with their cadres and potential new recruits, and to attempt to deliver propaganda to the world at large.

Within the scope of the Internet of Things (IoT) our homes are being exposed to the outside world to a far greater extent than ever before. IoT, which involves various internet-enabled embedded utility devices (e.g. a smart fridge) that typically contain various security weaknesses, provides a whole new dimension of opportunity to hostile elements who can conduct attacks from thousands of miles away.

The AVAR 2015 conference, at which K7 Computing presented on ransomware, was well attended by several members of the Vietnamese defence and civil government bodies, as well as local journalists, signifying the emphasis that Vietnam places on the cyber security domain. In addition, the conference was formally supported by the Vietnamese Authority of Information Security.

K7 Computing hosted the AVAR conference a couple of years ago and will do so once again, the details of which will be revealed at a later date and time. Watch this space.

Image courtesy of betanews.com.

Samir Mody
Senior Manager, K7TCL


Assemble to Witness the Fight Against Ransomware at AVAR 2015!

Friday, November 6th, 2015

Samir Mody and Gregory Panakkal, our lead innovators in matters of proactive security, will be showcasing a generic anti-ransomware model at the 2015 AVAR Conference at Danang, Vietnam. Their talk is to be held on Dec 4th at 10:00 AM.

The duo had recently demonstrated the concept at the VB International Conference held earlier this year in Prague, Czech Republic. They will follow it up with “Fighting Back Against and Defeating Destructive Ransomware”. The overall objective of this proof-of-concept is to demonstrate a solution to generically detect a multitude of ransomware patterns, including samples later contributed by attendees at the VB 2015 conference.

The presentation at AVAR 2015 hopes to exhibit post-R&D enhancements to the prototype based on the audience feedback from the launch at the VB 2015 conference.

So, be there at the city of Danang, Vietnam on 4th Dec 2015 for the AVAR 2015 Conference, and witness the fight against ransomware.

Archana Sangili, Content Writer


K7 Threat Control Lab has a Dedicated Vulnerability Research Team

Thursday, October 29th, 2015

“There are only two kinds of companies in the world: those that know they’ve been hacked, and those that have been hacked and don’t yet know it.”

The above is a modern IT security adage. Gone are the days when the bad guys simply wrote viruses for fun and fame. Modern threat actors do some really nasty things for profit; from stealing money and intellectual property to identity theft and denial of service attacks, not to mention state-sponsored espionage (typically referred to as APT or “Advanced Persistent Threat”), etc.

Modern malware delivery mechanisms, silent and deadly, rely heavily on the exploitation of vulnerabilities in various OS software, e.g. Internet Explorer, and popular applications, e.g. Microsoft Word, Firefox and Chrome, Adobe Reader or Flash, Java, etc. In order to maintain an adequate security posture it is critical to remain on top of such issues, advising on the application of security updates to fix vulnerabilities, and to fully understand the scope of exploits and potential vulnerabilities. According to a recent survey most companies believe that their network will be hacked in 2015. The data breach map shows the organizations affected by data breaches since 2006.

At K7 our motto is to protect people and corporate information systems from the bad guys. K7’s products and our K7 Threat Control Lab have always endeavoured to protect users from exploitation, but we would like to take our vulnerability response a few notches higher, an enhancement of the K7 armour. We recently set up a dedicated Vulnerability Research team to tackle the complex problems posed by modern threat actors.

The objective of this team is to protect K7 customers with respect to the security triangle; the pre, current and post security environment. These are elaborated upon briefly thus:

  • The pre: Protect customer information systems by conducting comprehensive security assessments – both for servers and applications. Tighten the security posture by performing security hardening.
  • The current: Perform research on known 0-day exploits, hunt for new vulnerabilities and conduct in-depth research on Advanced Persistent Threats.
  • The post: Conduct computer security forensics after a breach has been detected. Determine the What, Where, When, How and Who of the security investigation.

We would, of course, need to constantly evolve our capabilities in combating new threats. Expect more topics, content and blogs from this new team.

Image credit: http://krebsonsecurity.com

Samir Mody, Senior Manager, K7TCL
Senthil Velan, Manager, Vulnerability Research


K7 Computing’s Security Alpha Geeks Introduce Generic Anti-Ransomware Prototype at VB Conference 2015

Friday, October 9th, 2015

So last week, Samir Mody and Gregory Panakkal, security experts from K7 Computing, showcased a generic anti-ransomware framework at this year’s Virus Bulletin International Conference. It garnered quite an excited bunch of fellow security enthusiasts at Prague, Czech Republic, where the conference was held, to listen to the duo talk about this prototype.

This presentation mainly addressed file-encrypting ransomware variants. A demo followed to display the capability of this generic anti-ransomware prototype in defending against ransomware, using samples obtained from valid sources.

K7 Computing is extremely proud of the team behind the idea to develop a simple solution to thwart the complex ransomware menace. This generic framework is in the process of being incorporated into our products, and we are super excited. We would also like to take this opportunity to thank our readers for sending the ransomware samples that were requested to test our prototype.

For curious souls who want extensive information on this, please find the complete slides here.

Archana Sangili, Content Writer


Running the Ransomware Gauntlet at Virus Bulletin 2015

Thursday, September 17th, 2015

This blog is to inform the general public that two researchers representing K7 Threat Control Lab will be presenting and explaining their generic anti-ransomware solution at the Virus Bulletin international security conference. This blog also aims to solicit from fellow conference delegates a few of the latest ransomware samples to test the effectiveness of a new generic anti-ransomware prototype to be demoed for the very first time at the conference.


Are you attending the Virus Bulletin international security conference later this month? If so, my colleague, Gregory Panakkal, and I are due to present ways and means of fighting back against destructive modern ransomware on Friday, the 2nd of October, right after the lunch interval. We have a heuristic anti-ransomware Proof-of-Concept prototype which we will be demonstrating to delegates, explaining its modus operandi.

Have you got a brand new sample of ransomware you would like to throw at our anti-ransomware PoC demo? We are inviting conference delegates to help test the efficacy of the PoC vis-à-vis unknown variants of ransomware in real time, i.e. in our live demo. However, given the demo environment, the following pre-conditions exist for the samples:

  1. Must run in a VM
  2. Must encrypt target files without an active internet connection

If you have a suitable sample please use the VB 2015 demo public key to encrypt it.

Then send the encrypted sample to k7vb2015demo@gmail.com any time before 13:00 (local time in Prague) on Friday, the 2nd of October 2015.

We hope to see as many of you as possible at the conference and at our presentation, and of course we are hoping to receive a couple of samples to test live as well.

Samir Mody

Senior Manager, K7TCL


Milestones Matter!

Thursday, September 10th, 2015

K7 Computing Private Limited celebrated its 23rd anniversary on August 27, 2015, with great enthusiasm. It was a day marked with fun and recognition, acknowledging K7’s incredible journey over the years. When you work for a company with a positive environment that encourages individuality, spirit of ownership and creativity, a milestone reached by the company is akin to achieving a personal milestone. This sense of belonging was reflected in each and every employee, and that made the event great fun.

The agenda was set; our work family was formed into teams; Orange, Green, Blue, and Red. The preparations began in full swing a couple of days prior to the big day. Each team took up the challenge to creatively bring in some mojo into their workspace. We found out what happens when engineering meets design, and what can happen when marketing takes on engineering. The events were officially kicked off. The response was tremendously positive; we experienced a space odyssey; got spooked in a scary house; travelled back to the past, experienced the present, and glimpsed the future; and dedicated the “PSLV Concept” to the man who made it possible, the late Dr. APJ Abdul Kalam.

Then, we experienced a moment of pride when our Founder and CEO, Mr Kesavardhanan, appreciated all the employees for their unyielding support with his speech straight from the heart, and presented awards for the outstanding contributions of the employees. As the event drew to a close, we couldn’t help but look forward to yet another year filled with purpose, achievement, and of course lots of fun.

Archana Sangili, Content Writer


Social Networking Abuse – Potent Threat

Thursday, August 20th, 2015

This blog intends to highlight some of the dangers faced by the general public associated with an ever expanding use of social networking sites, all set to grow at an even greater rate post the launch of government initiatives such as the Digital India campaign.

Social networking sites such as Twitter and Facebook provide an efficient interface for communication with multiple people in a user-friendly manner. People are connected to their friends, family and followers in real-time, on-the-go using mobile devices. The ugly side to this increasing use of social networking sites is the potential for controlled, targeted abuse within a very short space of time. Recently the Hindu newspaper reported the abuse of Twitter in the recruitment programme of banned organisations.

Users of social networking sites do not appear to think twice about sharing large amounts of their private Personally Identifiable Information (PII) online. This freely available PII, which includes date of birth, phone number, address, and so on allows malevolent actors to hone their attacks’ penetrative function. In addition, given the speed of transmission, it is possible for attackers to reach a large number of victims very quickly, potentially triggering a mass panic scenario, or spreading malware, or increasing recruitment for banned organisations, etc.

There is at least one documented case of the use of social networks to trigger mass panic in India through the use of doctored images and targeted, threatening messages. In August 2012 thousands of Indians from some North-Eastern states of the nation were made to feel threatened to the extent that they decided to flee in large numbers to their home states from other parts of the country; a grave situation indeed.

The above real-world example provides a stark reminder about the havoc that can be caused when malicious content goes viral, either intentionally or otherwise. Legislation related to IT in many countries provides for monitoring of online content, inclusive of social networking sites, especially given that national security could well be at stake. In the documented case mentioned above, the attack vectors were neutered and some semblance of normality restored only after the offending sites were temporarily blocked and bulk SMS/MMS were banned for a short time as per the provisions in law.

Some images (adapted to suit the article) are courtesy of several sites.

Samir Mody
Senior Manager, K7TCL
