How To Secure Our Premises Using Mendix

Over the past few years, we might have come across many warning messages online. The most common ones are "This site is hacked" or "Your account is hacked". Others include "The system is at risk", "The file you downloaded is harmful", etc. Whenever we come across such messages, we panic and try to recover our data immediately. But at times, we tend to ignore these messages. Unfortunately, during these times, the intruders get total access to all of our confidential data. The intruders use this stolen data to make money in unscrupulous ways.

*** This blog will provide you with everything necessary to keep your premises secure using Mendix ***

What is hacking?

Hacking is a dubious art, and hackers are intelligent enough to exploit our vulnerabilities. Hacking is the act of compromising digital devices and networks through unauthorized access to an account or computer system. Most probably the loophole is created by the lack of effective code. Once the exploit is done, CNC (Command and Control) is one of the mechanisms used to communicate with the end-user over the worldwide network. The most important thing to consider is that the hackers could be experienced coders themselves. Hence the only option to overcome this challenge is to have profound coding knowledge to avoid vulnerabilities in all situations, and the code must be highly powerful and efficient.

How to prevent these malware binding attacks?

Let’s see how we can secure our premises using Mendix.
Recently, I started developing a Mendix application for our client. In most cases, the client requires the document to be uploaded by the end-user. I read a document about malware binding some time ago. I instinctively had a question: does Mendix prevent that kind of attack, carried out by the end-user inadvertently? I started to ponder the possibilities and I figured out a mechanism to prevent these types of attacks.

  • Example: Steganography (Binding malicious code inside the image).

The most important element of data or information is Integrity. Integrity means that data or information in your system is maintained so that it is not modified by unauthorized parties. Integrity is the assurance that the information is trustworthy and accurate.
Here we are going to focus on the integrity of the data which is uploaded by the end user.

When will this attack happen?

share their profile picture or document which is required to proceed further in a process. The end user uploads the file, but they may not be aware that the file is already infected. Our Windows machine (Defender) removes the infected file most of the time. If it does not, the data which is being uploaded will affect the entire network and it may lead to a breach. To prevent this attack, we are going to use a third-party API (VirusTotal) to identify malware, viruses, etc.

After integrating the API, upload the file and check whether the file is infected or not. If the file is infected by malware, our Mendix application gets the response from the service, removes the file and shows a warning message to the users. Without this mechanism, our Mendix application will allow the infected file, which may lead to a breach that exposes the entire network to the intruder.
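The decision step described above, sketched in Python as an added example (it is not the Mendix implementation from this blog). It assumes a hash lookup against the VirusTotal v3 file report endpoint, adds a "hold" outcome for files the service cannot vouch for, and enforces the Public API rate of 4 requests per minute; `verdict`, `MinuteQuota`, `handle_upload`, `report` and `fake_lookup` are hypothetical names, and the responses are constructed samples.

```python
import hashlib
import json
from collections import deque

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # v3 file report, keyed by hash

def verdict(status, body, max_flags=0):
    """Map a file-report response to 'keep', 'remove' or 'hold'."""
    if status != 200:
        return "hold"  # 404 = hash never seen (not proof of clean); 429/5xx = no answer
    try:
        stats = json.loads(body)["data"]["attributes"]["last_analysis_stats"]
        flagged = int(stats.get("malicious", 0)) + int(stats.get("suspicious", 0))
    except (ValueError, KeyError, TypeError, AttributeError):
        return "hold"  # malformed response: fail closed
    return "remove" if flagged > max_flags else "keep"

class MinuteQuota:
    """Sliding-window limiter for the Public API rate of 4 requests per minute."""
    def __init__(self, limit=4, window=60.0):
        self.limit, self.window, self.sent = limit, window, deque()

    def allow(self, now):
        while self.sent and now - self.sent[0] >= self.window:
            self.sent.popleft()
        if len(self.sent) >= self.limit:
            return False
        self.sent.append(now)
        return True

def handle_upload(data, lookup, quota, now):
    """lookup(url) -> (status, body) is injected so the example runs offline."""
    if not quota.allow(now):
        return "hold"  # over quota: quarantine instead of accepting unchecked
    digest = hashlib.sha256(data).hexdigest()
    return verdict(*lookup(VT_FILE_URL.format(digest)))

def report(malicious, suspicious=0):
    """Constructed sample response body, not a real scan result."""
    stats = {"malicious": malicious, "suspicious": suspicious, "undetected": 60}
    return json.dumps({"data": {"attributes": {"last_analysis_stats": stats}}})

def fake_lookup(url):
    """Constructed stand-in for the HTTPS GET (real calls send an x-apikey header)."""
    known = {hashlib.sha256(b"clean-doc").hexdigest(): report(0),
             hashlib.sha256(b"bad-doc").hexdigest(): report(12, 1)}
    body = known.get(url.rsplit("/", 1)[1])
    return (200, body) if body else (404, '{"error": {"code": "NotFoundError"}}')
```

In the application, "remove" corresponds to deleting the uploaded file and showing the warning, while "hold" keeps the file out of reach until a definite answer is available.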

Check out this demonstration for reference:

Please reach out to me for any queries (connect@mxtechies.com)

Note:
This VirusTotal API endpoint is freely accessible to all registered users. For a large volume of requests, we should prefer the premium subscription.

Public API vs Premium API

  • The Public API is limited to 500 requests per day and a rate of 4 requests per minute.
  • The Public API must not be used in commercial products or services.
  • The Public API must not be used in business workflows that do not contribute new files.

Premium API

  • The Premium API does not have request rate or daily allowance limitations; limits are governed by your licensed service step.
  • The Premium API returns more threat context and exposes advanced threat hunting and malware discovery endpoints and functionality.
  • The Premium API is governed by an SLA that guarantees readiness of data.