LOS ANGELES, CA / ACCESSWIRE / October 17, 2020 / Cybersecurity has earned a notorious and establishing position in society when it comes to the security and privacy of data. Technology is expanding everyday, and more news striking on the latest strings of hacks against corporations like Twitter, Robinhood, Capital One are increasing due to lack of security provided by these organizations.
However, chances of vulnerabilities being exploited in the wild have been prioritized and lowered thanks to individuals like Alessandro / Alexander "Euro", a 16 year old Security Researcher, Malware Analyst & Cryptocurrency Enthusiast who advocates for the rights of privacy and security.
In a short interview with Alessandro, he explains how such attacks occur against big organizations pointing out multiple vectors of attack and little time in exploiting them, he states that: "Every minute a loophole is discovered which means every minute that passes by is a chance an intruder will use it to his advantage, the more times you look away it's better chances of success in not being discovered."
He also explains how the blockchain network can be used to financially lower fraud as of course the utilization of the blockchain network is to prioritize legitimate payments and uniquely identify the source with anonymizing the sender but giving a greater shield of protection with enforcement of standard encryption, looking deep in this a loop hole can also be seen as called "Double Spending", which is an issue with the cryptocurrency network that allows an attacker to modify the unconfirmed transaction upon registration on the network.
Alessandro continues to explain that an attacker can easily reverse the transaction upon socially manipulating the vendor into giving the attacker valuable information. Ransomware is a much bigger issue in the technology world with over millions of infections world wide, Alessandro worked with other researchers in identifying and breaking down different ransomware / malware strains, claiming that billions of dollars per year are lost in ransomware attacks and that government facilities like law enforcement should standardize more efficient security protocols in securing their tools as the possibility of leakage is high as attackers discover new ways in infiltrating data.
Big corporations like Twitter, Spotify, AT&T, and Hackerone have paid Alessandro as a reward for providing huge loopholes in their systems, Alessandro continues to supply vulnerabilities to institutions and corporations to prevent data breaches & theft of user data.
In a small demonstration he showed us how he was able to gain control of a CVE- 2019-0708 (BlueKeep) vulnerable system in matter of minutes by sending a payload which would ping back a string telling him the process was success and allowing him to control the system as if he was there, he also explained to us how servers are vulnerable as well by demonstrating an attack vector that was reported to a private company and had since been processed for fixing, showing us how it was easy to send a dummy payload in reflecting a test or how it would be easy to transmit a command which would retrieve a file, execute it and sequence pieces of code which would build up to the infection of the system with automated software.
Alessandro advises to keep software up to date, check verification and authenticity of downloaded software and always use a different password when signing up for different services as one breach could result in more than just the hack of one account, 2FA / Google Authentication should be factorized in preventing data loss from "Sim Swapping" attacks which conclude with the take over of your cellular number with a call to your provider impersonating you.
As a conclusion statement, he states: "Don't be fooled, if it's good to be true there is always a catch behind it", stating that fraud can be convincing but to not fall for it same as with a file of some sort to prevent data loss and having to pay fines in damages.
Email: [email protected]
SOURCE: Ascend Agency