Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Latest Captcha’s used by Google and Facebook are vulnerable!

 

 

Have you ever seen that “Image Captchas” while using internet? Tech Giants Facebook and Gmail are also using that captcha and according to the security researchers of Columbia University, this captcha is vulnerable. Angelos D. Keromytis, Suphannee Sivakorn and Iasonas Polakis are three security researchers, who found major vulnerabilities in captcha used by Facebook and Google. During research, an attack has been performed by the security researchers which was allowing them to bypass the security system. All these vulnerabilities had been found by the security researchers, when they were clicking on “ReCaptcha” button.

 

What they did?

A system had been prepared by the security researchers to break down this captcha system. Before testing captcha system, researchers checked this system for getting accurate results. They were performing attacks on other captcha systems and after that they were making changes into attack strategies as per need of this latest captcha system. Finally they found some major security issues, which allows hackers to perform attacks of large scale.

 

Google's ReCaptcha System

To check Google’s Recaptcha system, researchers launched an offline test against it after understanding the recaptcha functions used by it. The success percentage of researchers in this test was 45 percent. During this offline test, more than 2000 thousands captchas were break down by the researchers. When they perform a live test, the success rate of test was more because images can repeat itself at that time. Google is using low quality images in there captcha system, therefore the success rate was less.

 

Facebook's ReCaptcha System

During the testing of Facbook’s ReCaptcha system, researchers break down more than 200 image captchas. The success percentage of this test was more than 80 percent. Facebook is using high quality images in their captcha system which are easy to identify. Therefore success rate was more in this case as compared to Google.

 

Also read: Hacker Performed DDoS Attack on Security Researcher’s Website! See What Happened Next!

 

Researchers reported about these vulnerabilities to Google and Facebook. Google rewarded security researchers and now they are doing work to fix these flaws, On the other hand, Facebook is busy to be sure about these vulnerabilities.

Murlidharaiswal Frendz are namastay

Jun 3, 2016

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.