Friday, 20 December 2013

Introduction to Netcat





Introduction: So I was messing around on the internet and came across a tool called Netcat. I've been messing with it for a couple of days and it's some pretty cool stuff. It's really good for reverse TCP attacks as well. Anyway, let's talk about this tool.

It's called Netcat! It is also known as "the TCP/IP Swiss army knife" in many sources.
Download link: NETCAT

You can invoke this tool in two ways, by typing
Code:
nc

or
Code:
netcat
Anyway, here's a description of this cool little tool.


Monday, 2 December 2013

Google Nexus phone vulnerable to SMS-based DOS attack

Google's Nexus smartphones are vulnerable to an SMS-based DoS attack in which an attacker can force the phone to restart, freeze, or lose its network connection by sending a large number of special SMS messages to it.

The vulnerability was discovered by Bogdan Alecu, a system administrator at Dutch IT services company Levi9, and affects all Android 4.x firmware versions on the Google Galaxy Nexus, Nexus 4 and Nexus 5.
The problem is with how the phones handle a special type of text message known as a flash SMS (a type of message that normally is not stored by the system and does not trigger any audio alert). By sending around 30 flash SMS messages to a Nexus phone, an attacker can cause the phone to malfunction.

He presented the vulnerability on Friday at the DefCamp security conference in Bucharest, Romania. In an email exchange with me, he said "I was testing different message types and for the class 0 messages I noticed that the popup being displayed also adds an extra layer which makes the background darker."

"Then my first thought was: what happens if I send more such messages? Will it make the entire background go black? If so, wouldn't this cause a memory leak? The answer is 'Yes' for both of the questions. So, basically, by sending around 30 Class 0 messages, it will make the Google device behave strangely."
According to the researcher, several possible outcomes can result from the overloading:

Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability

A Symantec researcher has discovered a new Linux worm that targets machine-to-machine devices and propagates by exploiting a PHP vulnerability (CVE-2012-1823) that was patched as far back as May 2012.
The worm, which has been dubbed Linux.Darlloz, poses a threat to devices such as home routers, set-top boxes, security cameras, and even industrial control systems. It is based on proof-of-concept code released in late October and spreads by exploiting a vulnerability in php-cgi.

"Upon execution, the worm generates IP addresses randomly, accesses a specific path on the machine with well-known ID and passwords, and sends HTTP POST requests, which exploit the vulnerability. If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target," the Symantec researchers explained.

The malware does not appear to perform any malicious activity other than silently spreading itself and wiping a load of system files.

10 reasons why PCs crash U must Know



"Fatal error: the system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."

You have just been struck by the Blue Screen of Death. Anyone who uses Microsoft Windows will be familiar with this. What can you do? More importantly, how can you prevent it from happening?

1 Hardware conflict


The number one reason why Windows crashes is hardware conflict. Each hardware device communicates with other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.

For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.

If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:

* Start-Settings-Control Panel-System-Device Manager.

Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.

Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.

Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is www.driverguide.com. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).

When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.

To be fair to Microsoft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.

2 Bad Ram


Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.

But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.

One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.

Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non-parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.

EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.

3 BIOS settings

Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.

Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.

A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRAM has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.

Microsoft Windows is better at allocating IRQ numbers than any BIOS. If possible, set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is set to 'yes' to allow Windows to do this).

Saturday, 30 November 2013

How to restore DLL files on your computer


DLL (Dynamic Link Library) files are a very important part of programs and applications; so important that the programs and applications will not run without them. Windows users quite frequently encounter problems because of these DLL files. Although annoying, DLL repair is quite easy as long as you know how to do it.
Some of the most frequently occurring DLL file errors involve run.dll, shell32.dll, system32.dll, wmp.dll, kernell32.dll, rundll32.dll, xvid.dll, iframe.dll, kernel.dll and many more. These DLL files are mostly removed unintentionally, usually while uninstalling a program; an error may also occur because a virus has infected the computer system. There is no need to worry when this happens, as there are many ways in which the error can be repaired.

The problems and solutions

how to use your keyboard as a mouse




Hey friends, today we will see how to use a keyboard as a mouse. Yes, you read that right, and I am not joking.
It's a very cool trick which everyone will love to try, and it is very simple as well.
In a situation where your mouse is broken or not available, or maybe you simply want to impress your friends, you can use your keyboard as a mouse. It is a very simple method and lets you control the pointer from the keyboard.
To do this, just press
Alt + Left Shift + Num Lock

How to navigate everything with your keyboard?



The keyboard is one of the most important components of your desktop or laptop. Even if your mouse is not working, you can still operate the computer and accomplish all your tasks through keyboard shortcuts. Keyboard shortcuts also improve your productivity, as more work can be done in less time. So if you are familiar with the keyboard functions, it will be very easy to work even without the mouse or when it is not working.

Let us explore more about the keyboard functions.
How to open a desktop program?
To open or run any program on the desktop, perform the following steps.
Step 1 – Press the Tab key to move focus to the desktop icons.
Step 2 – The Tab key lets you select the desktop icons, anything on the taskbar and the Start button.
Step 3 – Once you are on the desktop, you can also use the arrow keys to move from one icon to another.
Step 4 – Press the Enter key when the icon is highlighted to run the selected program.
Step 5 – Sometimes the Tab key has to be pressed several times to navigate through the desktop programs.

How to root and install custom ROMs in android phones?

The trend of installing custom ROMs and apps has brought a big revolution, with many users trying to root their mobile devices to do so. Rooting is a very sensitive task which should be done properly, or else the device may lose its initial configuration and malfunction. If you are fond of custom apps and ROMs and want to use them on your Android devices, you will first have to root your device and then install the custom ROM.

Here is the step-by-step process to root and install custom ROMs on your Android phone.
Rooting your Android phone
Though every device has its own rooting process, here we will discuss the general procedure for rooting handsets, which will work for all types of models.
Step 1 – To get started with rooting, dial *#*#2846579#*#* and you will be directed to the internal application used by the manufacturer. Here you can find out the different hardware components installed on your device and access the internal statistics as well.
Step 2 – Now look for Background Settings and then go to Log Settings.
Step 3 – From the Log Settings menu, find Log Switch and enable it.
Step 4 – Go to Settings and enable the USB debugging option as well.
Step 5 – Install the SuperClickOne app on your device and connect it to your desktop.
Step 6 – Now extract the files from the zipped folder and run the exe file.
Step 7 – In the top right corner you will find the option Root. Follow the steps and complete the rooting process.
Step 8 – Restart your phone to confirm the changes.

How to Remove Windows 7 Genuine notification



Not able to remove the Windows 7 Genuine notification from your computer or laptop? Well, your problem is solved. The following few steps are quite easy and will help you remove it from your PC very conveniently. Many versions of Windows 8 are already on the market, so why stay stuck with Windows 7? Even if you want to load an older version of Windows on your PC, the following steps will help you successfully remove Windows 7 from your PC. The steps are clear and precise.

The steps for removing Windows 7 Genuine from your PC are as follows:
  • Step 1: The first step is to press the Windows key on the left-hand side of the keyboard. You can also simply click on the Start button. Either way, the Start menu will appear.
  • Step 2: Once the Start menu shows up, go to the Run option and click on it. The Run window will appear.
  • Step 3: Once the Run window appears, type "cmd" in it. cmd is the command that opens the command prompt window. After typing cmd in the Run window, press Enter and the command prompt window will open.

TIME Magazine Twitter account hacked by Syrian Electronic Army

Just now, the hacktivist group Syrian Electronic Army (SEA) briefly took over the Twitter account of TIME Magazine.
The hacker group tweeted from TIME's official account, "Syrian Electronic Army Was Here via @Official_SEA16..Next time write a better word about the Syrian president #SEA", with their logo, as shown above.

TIME Magazine is currently hosting polls for Who Should Be TIME’s Person of the Year? and on their website the Syrian President Bashar al-Assad is described as, "Syria’s ruler presided over a bloody year, shrugging off international concerns over the use of chemical weapons as the death toll of his country’s civil war eclipsed 100,000."

Warning: "A new message from Skype Voicemail Service" spam leads to Zeus Malware

Skype has been targeted by cyber criminals again this week. Users are receiving a new spam email with the subject "You received a new message from the Skype voice mail service." that actually leads to Zeus malware.
Zeus is a Trojan horse that attempts to steal confidential information from the compromised computer. It specifically targets system information, online credentials, and banking details, but can be customized through the toolkit to gather any sort of information.

CVE-2013-5065: Microsoft Windows XP and Server 2003 Privilege escalation Zero-Day exploit discovered

Researchers at FireEye have discovered a new privilege escalation vulnerability in Windows XP and Windows Server 2003.

CVE-2013-5065 is a local privilege escalation vulnerability that is being used in the wild in conjunction with an Adobe Reader exploit (CVE-2013-3346) targeting an already-patched vulnerability.
Microsoft has issued an advisory and warned that the bug in Windows XP's NDPROXY.SYS driver could allow attackers to run code in the system's kernel from a standard user account.

The exploit could allow a standard user account to execute code in the kernel, which may allow an attacker to gain privileges enabling various activities, including deleting or viewing data, installing programs, or creating accounts with administrative privileges.

Thousands of websites based on Ruby on Rails vulnerable to Cookie Handling flaw

Ruby on Rails contains a flaw in its design that may allow attackers to more easily access applications. Websites that rely on Ruby on Rails's default cookie storage mechanism, CookieStore, are at risk.

The vulnerability was actually reported two months ago, but thousands of websites are still running a vulnerable version of Ruby on Rails that allows a malicious attacker to gain unauthorized access again and again without a password, if someone manages to steal a user's cookie via cross-site scripting, session sidejacking or physical access.
More than 10,000 websites are vulnerable to the Ruby on Rails cookie storage mechanism flaw, but the vulnerability requires the user's session cookie to be compromised in the first place.

Security researcher G.S. McNamara provided the details of the vulnerability in a blog post; he analyzed nearly 90,000 sites using specialized scripts and discovered 1,897 sites based on old versions of Ruby on Rails (version 2.0 to version 4.0) that store users' cookie data in plain text.
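As an added check (not the page's, McNamara's or Rails' own code), the Python below shows why a signed-but-unencrypted CookieStore cookie is readable by whoever holds it, why a copied cookie still verifies, and how to tell the plaintext and encrypted cookie shapes apart when auditing an application. The session bytes, the secret and both cookies are constructed here; the description of the Rails 2.x to 4.0 signed format (base64 payload, "--", hex HMAC-SHA1) and of the Rails 4.1+ encrypted shape comes from my own knowledge of Rails, not from the page.

```python
import base64
import binascii
import hashlib
import hmac
from urllib.parse import unquote

# Constructed sample session: Ruby's Marshal.dump({"user_id" => 2}) (Marshal 4.8 bytes),
# the shape Rails 2.x-4.0 CookieStore serialises before base64-encoding and signing.
MARSHAL_SESSION = b'\x04\x08{\x06I"\x0cuser_id\x06:\x06ETi\x07'
SECRET = b"constructed-secret-not-from-the-page"  # stands in for secret_token / secret_key_base


def sign(payload_b64, secret=SECRET):
    """Mimic ActiveSupport::MessageVerifier: '<base64 payload>--<hex HMAC-SHA1>'."""
    digest = hmac.new(secret, payload_b64.encode(), hashlib.sha1).hexdigest()
    return f"{payload_b64}--{digest}"


def verify(cookie, secret=SECRET):
    """True if the signature matches. A stolen cookie passes too: the signature only
    proves the server produced it, not that the presenter is the original user."""
    body, sep, sig = cookie.rpartition("--")
    expected = hmac.new(secret, body.encode(), hashlib.sha1).hexdigest()
    return bool(sep) and hmac.compare_digest(expected, sig)


def _b64(s):
    """Strict base64 decode; None on anything that is not valid base64."""
    try:
        return base64.b64decode(s, validate=True)
    except (binascii.Error, ValueError):
        return None


def _body(cookie):
    """Decoded bytes of the signed part of a '<payload>--<sig>' cookie, or None."""
    body, sep, _sig = unquote(cookie).rpartition("--")
    return _b64(body) if sep else None


def decoded_session(cookie):
    """Raw Marshal bytes when the cookie carries a plaintext session, else None.
    Marshal 4.8 dumps start with 0x04 0x08, so that prefix is the plaintext marker."""
    decoded = _body(cookie)
    if decoded is not None and decoded.startswith(b"\x04\x08"):
        return decoded
    return None


def classify_session_cookie(cookie):
    """'plaintext' (readable Marshal dump), 'encrypted' (Rails 4.1+ shape:
    '<base64 ciphertext>--<base64 iv>' inside the signed body) or 'unknown'."""
    decoded = _body(cookie)
    if decoded is None:
        return "unknown"
    if decoded.startswith(b"\x04\x08"):
        return "plaintext"
    ct, sep, iv = decoded.decode("ascii", "ignore").rpartition("--")
    if sep and _b64(ct) is not None and _b64(iv) is not None:
        return "encrypted"
    return "unknown"


# Two constructed cookies: a signed plaintext one, and one with the encrypted shape
# (the "ciphertext" and "iv" are dummy bytes; only the structure matters here).
PLAINTEXT_COOKIE = sign(base64.b64encode(MARSHAL_SESSION).decode())
_inner = base64.b64encode(b"\x9f" * 32).decode() + "--" + base64.b64encode(b"\x01" * 16).decode()
ENCRYPTED_COOKIE = sign(base64.b64encode(_inner.encode()).decode())

if __name__ == "__main__":
    for name, cookie in (("plaintext", PLAINTEXT_COOKIE), ("encrypted", ENCRYPTED_COOKIE)):
        print(name, "verifies:", verify(cookie), "class:", classify_session_cookie(cookie))
    print("session bytes visible:", decoded_session(PLAINTEXT_COOKIE))
```

Run it against a real `_session_id`-style cookie copied from your own browser (URL-decode it first, which `unquote` does) to see which shape your application emits; a "plaintext" result means the session contents are exposed to anyone who obtains the cookie, and because `verify` is stateless the server cannot tell a replayed copy from the original.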

Danish Bitcoin exchange BIPS hacked and 1,295 Bitcoins worth $1 Million Stolen

The breaking news is that another Bitcoin exchange company has been hacked: BIPS (bips.me), one of the largest European Bitcoin payment processors, based in Denmark.

On Friday evening, cyber criminals broke into the servers of BIPS, the Bitcoin payment processor, and wiped out around 1,295 Bitcoin from people's wallets, currently worth $1 million. More than 22,000 consumer wallets have been compromised and BIPS will be contacting the affected users.
Initially, on 15th November, hackers launched a Distributed Denial of Service (DDoS) attack on BIPS, originating from Russia and neighboring countries, and then attacked again on 17th November. This time they somehow got access to several online Bitcoin wallets, which allowed them to steal the 1,295 BTC.

The Silk Road Founder financially linked to Bitcoin Creator Satoshi Nakamoto

The two most important moments in the history of Bitcoin are its creation by Satoshi Nakamoto and the bust of The Silk Road's founder Ross William Ulbricht. The Silk Road's black market was a Bitcoin economy.

According to a report published by two Israeli computer scientists, Ross William Ulbricht, aka Dread Pirate Roberts, may be financially linked to Satoshi Nakamoto.
Even though Bitcoin buyers and sellers remain anonymous, the transactions themselves are public, so the scientists were able to trace the interactions.

The scientists, Ron and Shamir, were exploring the connection between the operator of Silk Road, who was recently arrested by the FBI for running the Internet black market, and the entity that invented Bitcoin.

The Bitcoin network was established in 2008, and it has been popularly believed that the first accounts in the early days of Bitcoin belonged to Satoshi Nakamoto, who accumulated some 77,600 BTC as a result of 'mining' Bitcoins. A person who could generate 77,600 BTC from mining in the first week of Bitcoin's existence should surely be its creator.

Sunday, 17 November 2013

DDoS attack from Browser-based Botnets that lasted for 150 hours

Browser-based botnets are the T-1000s of the DDoS world. Just like the iconic villain of the old Judgment Day movie, they too are designed for adaptive infiltration. This is what makes them so dangerous. Where other, more primitive bots would try to brute-force your defenses, these bots can simply mimic their way through the front gate.

By the time you notice that something's wrong, your perimeter has already been breached, your servers have been brought down, and there is little left to do but hang up and move on.


So how do you flush out a T-1000? How do you tell a browser-based bot from a real person using a real browser? Some common bot filtering methods, which usually rely on sets of progressive challenges, are absolutely useless against bots that can retain cookies and execute JavaScript.

The alternative, indiscriminately flashing CAPTCHAs at anyone with a browser, is nothing less than a self-inflicted disaster, especially when the attacks can go on for weeks at a time.
To demonstrate how these attacks can be stopped, here's a case study of an actual DDoS event involving such browsers: an attack which employed a swarm of human-like bots and which would, under most circumstances, result in a complete and total disaster.

Browser-based Botnet: Attack Methodology
The attack was executed by an unidentified botnet, which employed browser-based bots that were able to retain cookies and execute JavaScript. Early in the attack they were identified as PhantomJS headless browsers.
PhantomJS is a development tool that uses a bare-bones (or "headless") browser, providing its users with full browsing capabilities but no user interface: no buttons, no address bar, etc. PhantomJS can be used for automation and load monitoring.
The attack lasted for over 150 hours, during which we recorded malicious visits from over 180,000 attacking IPs worldwide. In terms of volume, the attack peaked at 6,000 hits/second, for an average of over 690,000,000 hits a day. The number of attacking IPs, as well as their geographical variety, led us to believe that this might have been a coordinated effort involving more than one botnet at a time.
More than one Botnet?
Throughout the duration of the attack we dealt with 861 different user-agent variants as the attackers constantly modified the header structure to try and evade our defenses. Most commonly, the attackers were using different variants of Chrome, Opera and Firefox user-agents.
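The per-client signals this case study mentions (a headless browser announcing itself in the user-agent, one IP cycling through many user-agent variants, and raw request rate) can be scored from ordinary access logs. The script below is an added example, not Incapsula's or the page's own code; the log lines, the IP addresses, the thresholds and the headless-marker list are all constructed assumptions for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample access log (combined-log style: ip, time, request, status, user-agent).
# 203.0.113.5 cycles user-agent strings and hits fast, 198.51.100.9 announces a headless
# browser, and 192.0.2.77 behaves like an ordinary visitor.
SAMPLE_LOG = """\
203.0.113.5 [17/Nov/2013:10:00:00 +0000] "GET / HTTP/1.1" 200 "Mozilla/5.0 (Windows NT 6.1) Chrome/30.0.1599.101 Safari/537.36"
203.0.113.5 [17/Nov/2013:10:00:00 +0000] "GET /search HTTP/1.1" 200 "Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.16"
203.0.113.5 [17/Nov/2013:10:00:01 +0000] "GET / HTTP/1.1" 200 "Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Firefox/25.0"
203.0.113.5 [17/Nov/2013:10:00:01 +0000] "GET /search HTTP/1.1" 200 "Mozilla/5.0 (Windows NT 6.1) Chrome/31.0.1650.48 Safari/537.36"
198.51.100.9 [17/Nov/2013:10:00:00 +0000] "GET / HTTP/1.1" 200 "Mozilla/5.0 (Unknown; Linux x86_64) AppleWebKit/534.34 PhantomJS/1.9.2 Safari/534.34"
192.0.2.77 [17/Nov/2013:10:00:00 +0000] "GET / HTTP/1.1" 200 "Mozilla/5.0 (Windows NT 6.1) Chrome/30.0.1599.101 Safari/537.36"
192.0.2.77 [17/Nov/2013:10:00:30 +0000] "GET /about HTTP/1.1" 200 "Mozilla/5.0 (Windows NT 6.1) Chrome/30.0.1599.101 Safari/537.36"
"""

LINE_RE = re.compile(r'^(\S+) \[([^\]]+)\] "([^"]*)" (\d{3}) "([^"]*)"$')
HEADLESS_MARKERS = ("PhantomJS",)  # assumption: extend with other headless markers you care about


def parse_log(text):
    """Yield (ip, timestamp, request, status, user_agent) for each well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts, req, status, ua = m.groups()
        yield ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), req, int(status), ua


def score_clients(text, ua_variant_limit=2, rate_limit=2.0):
    """Return {ip: [reasons]} for clients that look like browser-based bots.

    headless-ua : user-agent names a headless browser
    ua-churn    : more distinct user-agent strings than ua_variant_limit from one IP
    rate        : more than rate_limit requests/second over the client's active window
    """
    per_ip = defaultdict(lambda: {"n": 0, "uas": set(), "first": None, "last": None, "headless": False})
    for ip, ts, _req, _status, ua in parse_log(text):
        c = per_ip[ip]
        c["n"] += 1
        c["uas"].add(ua)
        c["first"] = ts if c["first"] is None else min(c["first"], ts)
        c["last"] = ts if c["last"] is None else max(c["last"], ts)
        if any(marker in ua for marker in HEADLESS_MARKERS):
            c["headless"] = True

    flagged = {}
    for ip, c in per_ip.items():
        reasons = []
        if c["headless"]:
            reasons.append("headless-ua")
        if len(c["uas"]) > ua_variant_limit:
            reasons.append("ua-churn")
        # Clamp the window to one second so a single request cannot divide by zero.
        window = max((c["last"] - c["first"]).total_seconds(), 1.0)
        if c["n"] / window > rate_limit:
            reasons.append("rate")
        if reasons:
            flagged[ip] = reasons
    return flagged


if __name__ == "__main__":
    for ip, reasons in score_clients(SAMPLE_LOG).items():
        print(ip, ", ".join(reasons))
```

The thresholds are deliberately low so the constructed sample trips them; in production you would tune them per site and add the outcome of the cookie and JavaScript challenges described above as further inputs to the same per-IP score, since a bot that passes those challenges is exactly the one that only these behavioural signals will catch.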

Facebook Open URL Redirection vulnerability

Security researcher Dan Melamed discovered an open URL redirection vulnerability in Facebook that allowed him to make a facebook.com link redirect to any website without restrictions.

An open URL redirection flaw is generally used to convince a user to click on a trusted-looking link which is specially crafted to take them to an arbitrary website; the target website could be used to serve malware or for a phishing attack.
An open URL redirection flaw in the Facebook platform and third-party applications also puts the user's access token at risk if that link is entered as the final destination in an OAuth dialog.

The Facebook open URL redirection vulnerability exists in the landing.php page with the "url" parameter, i.e.
http://facebook.com/campaign/landing.php?url=http://yahoo.com
This URL always redirects the user to Facebook's homepage, but it is sufficient to manipulate the "url" parameter by assigning a random string:
http://facebook.com/campaign/landing.php?url=asdf
In reality the above URL generated a unique "h" variable and passed the url parameter to Facebook's Linkshim (l.php):
http://www.facebook.com/l.php?u=asdf&h=mAQHgtP_E
Having noted how the redirection works, Dan Melamed explored ways to bypass the restrictions on redirection and load an arbitrary link.
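The fix for this class of bug is to never pass a user-supplied value to a redirect unless it resolves to an allow-listed host, and to fall back to a fixed page otherwise, which is the behaviour the article describes for a garbage url value. The Python below is an added example, not Facebook's code or Dan Melamed's; the SITE_ORIGIN, ALLOWED_HOSTS and FALLBACK values are assumptions chosen for illustration, and the function also covers a few parser-confusion inputs the article does not discuss (scheme-relative, backslash and userinfo forms).

```python
from urllib.parse import urlsplit, urlunsplit, parse_qs

# Assumed site configuration (constructed for the example, not Facebook's real logic).
SITE_ORIGIN = "https://www.facebook.com"
ALLOWED_HOSTS = {"facebook.com", "www.facebook.com"}
FALLBACK = SITE_ORIGIN + "/"


def resolve_redirect(target, allowed_hosts=ALLOWED_HOSTS, site_origin=SITE_ORIGIN, fallback=FALLBACK):
    """Return a safe destination for a user-supplied redirect target.

    Anything that would leave the allow-listed hosts is replaced by `fallback`.
    """
    if not target:
        return fallback
    # Browsers treat backslashes as forward slashes, so "/\evil.com" would parse
    # here as a relative path but be followed as //evil.com by the browser.
    target = target.strip().replace("\\", "/")
    parts = urlsplit(target)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return fallback                       # javascript:, data:, vbscript:, ...
    if parts.netloc:                          # absolute or scheme-relative (//host)
        if (parts.hostname or "") not in allowed_hosts:
            return fallback                   # covers user@host and host.evil.com forms too
        if not parts.scheme:
            parts = parts._replace(scheme="https")
        return urlunsplit(parts)
    if target.startswith("/"):                # plain site-relative path ("//" handled above)
        return site_origin + target
    return fallback                           # "asdf", "http:evil.com" and other oddities


def landing_redirect(landing_url):
    """Handle a landing.php-style URL: read its 'url' parameter and resolve it safely."""
    params = parse_qs(urlsplit(landing_url).query)
    return resolve_redirect(params.get("url", [""])[0])


if __name__ == "__main__":
    for sample in ("http://yahoo.com", "//yahoo.com", "/\\yahoo.com", "asdf",
                   "/settings", "https://www.facebook.com/settings?x=1"):
        print(f"{sample!r:45} -> {resolve_redirect(sample)}")
    print(landing_redirect("http://facebook.com/campaign/landing.php?url=http://yahoo.com"))
```

The allow-list is matched on the parsed hostname only, never on a string prefix, which is what defeats the `facebook.com.evil.com` and `facebook.com@evil.com` variants; if the application must send users off-site, the usual answer is an interstitial page like the Linkshim mentioned above, where the destination is shown and the link carries a server-generated token so the parameter cannot be minted by a third party.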

Japanese word processor 'Ichitaro' zero-day attack discovered in the wild

Japan's most popular word processing software, 'Ichitaro', and multiple related products are vulnerable to a zero-day remote code execution vulnerability, allowing the execution of arbitrary code to compromise a user's system.

According to the assigned CVE-2013-5990, a malicious attacker is able to gain system access and execute arbitrary code with the privileges of a local user.
The vulnerability is caused by an unspecified error when handling certain document files. "We confirm the existence of vulnerabilities in some of our products." the company blog says.

In a blog post, antivirus firm Symantec confirmed that in September 2013 they discovered attacks in the wild attempting to exploit this vulnerability, detected as Trojan.Mdropper, which is a variant of Backdoor.Vidgrab.

Researchers mentioned that Backdoor.Vidgrab variant was used as a payload for a watering hole attack exploiting the Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893), which was patched in October 2013.

Hacker 'Pinkie Pie' successfully compromised Chrome on Nexus 4 and Samsung Galaxy S4

A mysterious hacker who goes by the handle "Pinkie Pie" was rewarded $50,000 USD for hacking the Google Chrome browser on the Nexus 4 and Samsung Galaxy S4.
At the information security conference PacSec 2013 in Tokyo, during HP's Pwn2Own contest, "Pinkie Pie" showcased a zero-day exploit that took advantage of two vulnerabilities:
  • An integer overflow that affects Chrome.
  • A Chrome vulnerability that resulted in a full sandbox escape.
For successful exploitation, the victim has to visit a malicious website, e.g. by clicking a link in an email, an SMS or another web page. He demonstrated this zero-day attack with a remote code execution vulnerability on the affected devices.

Thursday, 14 November 2013

HOW TO REMOVE GMAIL ACCOUNT FROM ANDROID



Thinking about removing your Gmail account from your Android phone? Some Android phones do not have the internal memory to efficiently carry the workload of a Gmail account. Well, the solution is quite easy: all you have to do is remove the Gmail account from your Android phone. There are many reasons for wanting your Gmail account removed from your Android phone; maybe the syncing and the additional account details are not working out for you. Whatever your reason, if you follow the simple steps below you will be able to successfully remove your Gmail account from your Android phone.

Adding a Gmail account to your Android system is very easy. All you have to do is download the app, install it, log in to your account and sync your phone with the account. But a lot of people claim that removing a Gmail account from an Android system is much more difficult and tricky than installing and syncing it. The following steps will help you remove your Gmail account from your Android phone:

ENCRYPT AND PASSWORD PROTECT YOUR USB DRIVE WITHOUT ANY SOFTWARE





Hi friends, today I will tell you how to encrypt and password-protect your USB drive without any software.
BitLocker is a little-known Windows technology which helps you password-protect and encrypt the content of USB drives.

Just follow the simple steps below:

Step 1: Insert the pen drive which you want to password-protect.
Step 2: Open Explorer, right-click on your removable drive and select "Turn On BitLocker".

Step 3: After you click on Turn On BitLocker, a wizard will open. Check "Use a password to unlock the drive".

Step 4: Now type in the password you want and click Next.
Step 5: Now you will be asked "How do you want to back up your recovery key?" Choose from the options.

Step 6: You then have to choose whether your drive is already in use or if it is new. Then click Next.

Step 7: Choose how much of your drive to encrypt, the entire drive or just the used disk space.

HOW TO REMOVE PASSWORD FROM PDF



Password-protected PDFs can be really inconvenient sometimes, especially when you are thinking about sharing a PDF with other people and have to make sure that you remove the password. Adding a password to a PDF file is very easy and can be done by almost everyone: the option is highly visible and the password-setting procedure extremely easy. On the other hand, the process of removing a password from a PDF file is quite tricky. A lot of people have claimed that they successfully added a password to their PDF file but were unable to remove it with the same level of ease and convenience. For all those people who are unable to get rid of the password protection on a PDF file, go through the following steps; they are easy and clear, and they will definitely help you to remove a password from a PDF file.

The steps for removing a password from PDF files are as follows:
  • Step 1: The first step in order to remove a password from a PDF file is to go to the "Batch PDF Documents Security" option. Once you find this option and select it, click on the "Next" button.
  • Step 2: After clicking on the "Next" button of the "Batch PDF Documents Security" option, a new window appears. Here you have to click on the "Add" button, which lets you add the particular encrypted PDF that you want to remove the password from. It is very convenient.
  • Step 3: The third step, after adding the encrypted PDF file, is to click on the "Try Passwords" button. The Try Passwords button will begin to delete the PDF password: the password pool will automatically try passwords under the supervision of the password security. This way the PDF password will very easily be removed.
  • Step 4: The fourth and last step is to click on the "Next" button. A check box for "Security level" will appear and you have to click on NONE.

How to remove malware from PC or laptop



Your PC or laptop might be running slow and the peripheral devices malfunctioning. If strange windows are popping up left, right and center, it means that the computer is infected with a virus or malware. Spyware, as it is called, obstructs normal functions and can go a long way towards paralyzing the computer. There is some advice one can follow so that the PC is not infected by malicious programs.

As the first step, purchase an antivirus suite so that it is able to ward off intruders from infecting the computer; however, it does not guarantee safety from malware. The security software should be regularly updated from the internet so that all the virus definitions are contained in its databases. It is important to note that no antivirus program can filter out all the malware being created in the virtual world.
It is important to enter safe mode to eliminate the culprit, but prior to that one should disconnect the PC from the internet and switch off Wi-Fi. To boot into safe mode, shut down the PC and restart it. As soon as you see information on the screen, keep pressing the F8 button. You will find numerous options on the screen, from which you can select the advanced boot option. Choose the safe mode with networking option and press the Enter button.

Samsung Galaxy S4 and iPhone 5 zero-day exploits revealed at Pwn2Own 2013 Contest


At the information security conference PacSec 2013 in Tokyo, Apple's Safari browser for the iPhone 5 and the Samsung Galaxy S4 were exploited by two teams of Japanese and Chinese white-hat hackers.
In HP's Pwn2Own 2013 contest, the Japanese squad Team MBSD, of Mitsui Bussan Secure Directions, won a $40,000 reward for a zero-day exploit hacking the Samsung Galaxy S4. The vulnerabilities allow the attacker to wholly compromise the device in several ways, such as using a drive-by download to install malware on the phone.

MacRumors forum hacked; more than 860,000 accounts compromised


The user forums of the popular Mac news and information site MacRumors were breached by hackers on Monday this week.
More than 860,000 usernames, emails and hashed passwords were potentially compromised. Users are advised to change their passwords on the forums, as well as on any other sites or services where the same password has been used.

Bitcash.cz Bitcoin Exchange hacked; Money from 4000 Bitcoin wallets Stolen


Another Bitcoin exchange hacked! Bitcash.cz, based in the Czech Republic, has been hacked and money from 4,000 Bitcoin wallets has been stolen, worth over 2 million Czech koruna, i.e. approximately $100,000.

Bitcash.cz is currently down with a maintenance message saying that on the evening of November 11 their server was compromised by unknown hackers and bitcoins belonging to its clients were stolen.
Hackers appear to have sent emails from Bitcash.cz email accounts pretending to be members of staff. The emails claim the company had to use a US recovery company to get back the bitcoins that were stolen, and recipients are then apparently asked to send 2 BTC to a wallet address in order for their bitcoins to be returned.

"We are trying to resolve the situation, but we want to warn our users about fraudulent emails and scams [claiming to be from Bitcash]," the site said on its Facebook page.

Federal Judge rules in Child pornography case: 'Your Peer-to-Peer file sharing data is not a private matter'

Today computer telecommunications have become one of the most prevalent techniques used by pedophiles to share illegal photographic images of minors and to lure children into illicit sexual relationships. The Internet has dramatically increased the access of preferential sex offenders to the population they seek to victimize and provides them greater access to a community of people who validate their sexual preferences.

The Fourth Amendment is the most implicated and litigated portion of the Constitution. Courts are increasingly confronting the problems associated with adapting Fourth Amendment principles to modern technology.
If you think that your peer-to-peer file sharing can be kept under wraps, then please think again. A federal judge 'Christina Reiss' in Vermont has ruled that there should be no expectation of privacy for data shared across peer-to-peer file-sharing services.

In a Child pornography case, three defendants argued that information gained from a P2P network had been illegally obtained by police without a search warrant.

Security updates available for Adobe Flash Player and ColdFusion vulnerabilities

Adobe released critical security patches for its ColdFusion web application server and Adobe Flash Player for Mac, Windows and Linux. Adobe AIR and the AIR SDK and Compiler are also being updated.

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system, tracked as CVE-2013-5329 and CVE-2013-5330.
The following software versions are affected and should be updated as soon as possible:

Singapore police arrested six men for allegedly hacking Prime Minister and President websites

A Singaporean hacker calling himself "The Messiah" was arrested in Kuala Lumpur last Monday for hacking into a Singaporean government website over two weeks ago from a Kuala Lumpur apartment.

James Raj (35) was charged with hacking the Ang Mo Kio town council website and posting a symbol associated with the international hacker group Anonymous.

He was charged under the Computer Misuse and Cybersecurity Act. If found guilty, he could be jailed for up to three years and fined S$10,000.
Police said Raj was also linked to a series of hacking incidents, including penetrating the website of a charity group related to the ruling People’s Action Party.

Sunday, 3 November 2013

CREATING FUNNY VIRUSES USING NOTEPAD

These are cool notepad pranks written in Microsoft Visual Basic, not some scary deadly virus, grin

Create any of these files and try them out on your PC and see what I'm saying, or send it to your friends via e-mail. Doing this is fun, hehehe. Restarting your computer cancels the effect unless you add the start-up code, which I won't post here.

1. Convey your friend a lil' message and shut down his / her computer:
Type :

@echo off
msg * I don't like you
shutdown -c "Error! You are too silly!" -s


Save it as "Anything.BAT" in All Files and send it.


2. Toggle your friend's Caps Lock button continuously:
Type :

Set wshShell = WScript.CreateObject("WScript.Shell")
Do
    WScript.Sleep 100
    wshShell.SendKeys "{CAPSLOCK}"
Loop


Save it as "Anything.VBS" and send it.


Tuesday, 15 October 2013

Hardware Keylogger used by Card skimmers to steal Credit Cards at Nordstrom Store


FISC Court renews the Permission to collect Telephony Metadata again


The Foreign Intelligence Surveillance Court has once again renewed the U.S. government's permission for a controversial program to collect telephony metadata from American phone companies.

The news that the NSA collects bulk phone call metadata, including phone numbers, call times and duration, from Verizon and other backbone providers was initially leaked in June by Edward Snowden.

It’s pointed out that FISA court orders are usually issued to track a specific person. It’s rare to see the government collecting information on every single person.

The government filed an application with the FISC seeking renewal of the authority to collect telephony metadata in bulk, which expired on Friday. The Office of the Director of National Intelligence has published a press release and the Court has renewed that authority.

Top 3 Focus Areas that can help you in Data Loss Prevention

One of the most intimidating issues that gives nightmares to IT teams across organizations is data breaches or data loss. Typically, data loss happens when security is compromised and corporate sensitive data is accessed. It might fall under any of these categories:
  • Unauthorized, intentional or unintentional exfiltration of confidential information
  • Data spill or data leak
This can happen due to external security attacks like malware, hacking or sometimes even from an internal source such as a disgruntled employee. This calls for a data loss prevention (DLP) system in place that would help you contain and avoid the loss of data.

Vulnerability in WhatsApp allows decrypting user messages

A serious vulnerability in WhatsApp allows anyone who is able to eavesdrop on WhatsApp connection to decrypt users' messages.

WhatsApp, the mobile instant messaging application, has become one of the main communication tools of the present day, and its popularity makes it attractive for security researchers and hackers.

This time the issue lies in the protection of the messages exchanged through the application: thanks to a vulnerability in the crypto implementation, they can be intercepted and read by an attacker.

Thijs Alkemade is a computer science student at Utrecht University in The Netherlands who works on the open source Adium instant messaging project; during his research he disclosed a serious issue in the encryption used to secure WhatsApp messages.

Friday, 11 October 2013

Metasploit website Hacked just by sending a spoofed DNS change request via Fax to Domain Registrar

A group of pro-Palestine hackers, 'KDMS Team', today managed to hijack the Metasploit website simply by sending a fax that changed its DNS records.

Rapid7 is a leading Security Company and Creator of world's best penetration testing software called 'Metasploit'. The company confirmed via Twitter that Metasploit.com was hacked via a spoofed DNS change request sent via fax to its registrar, Register.com.
The group came to prominence earlier this week when it managed to hijack the websites of popular messaging service WhatsApp and anti-virus company AVG among others.

Tuesday, 8 October 2013

Microsoft paid over $28,000 Rewards to Six Researchers for its first ever Bug Bounty Program

Microsoft today announced that they had paid more than $28,000 in rewards to Security Researchers for its first Bug Bounty program, that went on for a month during the preview release of Internet Explorer 11 (IE11).

The program was designed to run during Internet Explorer 11’s browser beta test on June 26 and went on till July 26. They said it would pay researchers up to $11,000 for each Internet Explorer 11 vulnerability they found.
In July, the company announced that the first such bounty award was given to a current employee of Google, Ivan Fratric. Today Microsoft released the names of all the people who the company said found vulnerabilities that qualified for a bounty, and paid out a total of $28k to six researchers for reporting 15 different bugs.

Apple's own Encryption Mechanism allows hacker to create an Undetectable Mac OS X Malware

In the past, there was a general belief that Macs are much more secure than Windows PCs, but now Mac malware is a serious threat to the security of users' computers and information.

One of the reasons behind the increase in Mac related Malware attacks is the fact that Apple products are popular with many prominent businessmen and influential politicians.
Daniel Pistelli, reverse engineer and lead developer of Cerbero Profiler and former developer of IDA Pro, has come up with another interesting piece of research and explained to The Hacker News the basic details behind the technique he used to create an undetectable malware for Mac OS X.

Apple implements internally an encryption mechanism to protect some of its own executables, like "Dock.app" or "Finder.app". This encryption can be applied to malware as well. If one does, anti-malware solutions can no longer detect the malware because of the encryption, but OS X has no problem loading such malware.

Paunch, the author of Blackhole Exploit kit arrested in Russia


According to 'Maarten Boone', a security analyst working at Fox-IT, the developer of the notorious Blackhole Exploit Kit, known as 'Paunch', and his partners were arrested in Russia recently.

Blackhole Exploit Kit, which is responsible for the majority of web attacks today, is a crimeware kit that makes it simple for just about anyone to build a botnet.
This malware kit, developed by a hacker who uses the nickname "Paunch" and his team, has gained wide adoption and is currently one of the most common exploit frameworks used for Web-based malware delivery.

Microsoft Patch Tuesday - 8 Security Updates, 4 critical vulnerabilities, including Internet Explorer zero-day

October is turning out to be a busy month for patches. This month also marks the 10-year anniversary of the Patch Tuesday program, which Microsoft started in October of 2003.

Scheduled for tomorrow, Microsoft has announced that they will release eight security updates including four critical, addressing vulnerabilities in Microsoft Windows, Internet Explorer (IE), Microsoft Office and its other products.

Bulletin 1 almost certainly addresses the zero-day vulnerability CVE-2013-3893 that has been actively exploited by hackers in targeted attacks. Though Microsoft issued a temporary "Fix it" in September for the vulnerability,

Bulletins 2, 3 and 4 address vulnerabilities in a wide range of Microsoft products, including Windows XP, 7 and 8, and Windows Server 2003, 2008 and 2012.


Saturday, 5 October 2013

Seized $3.5 Million worth of Bitcoins from Silk Road will be deposited in the U.S. Treasury


Ross Ulbricht, the recently arrested mastermind behind Silk Road, appeared in court yesterday where his lawyer begged for more time before the detention hearing.

As the Protective Order states, the United States is further authorized to seize any and all Bitcoins contained in wallet files residing on Silk Road servers and can transfer the full account balance in each Silk Road wallet to a public Bitcoin address controlled by the United States.
Right now the FBI must be feeling pretty good too, because a federally controlled Bitcoin account, renamed "Silkroad Seized Coins", now contains over 26,000 Bitcoins seized from Silk Road, worth over $3.5 million.

Facebook Graph Search becomes more powerful than ever, Review your Privacy Settings again

Facebook Graph Search, now more powerful than ever, has been updated to allow people to search in greater depth on Facebook.

Facebook expanded its Graph Search to include posts and status updates, which means everything you’ve been posting is way easier to find than ever before.
"Now you will be able to search for status updates, photo captions, check-ins and comments to find things shared with you,” says Facebook.

Crazy notepad trick to continuously pop out the CD tray


Open Notepad and Type :
' Use the Windows Media Player control to reach the CD-ROM drives
Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
Do
    If colCDROMs.Count >= 1 Then
        ' Eject toggles the tray: the first pass opens it, the second closes it
        For i = 0 To colCDROMs.Count - 1
            colCDROMs.Item(i).Eject
        Next
        For i = 0 To colCDROMs.Count - 1
            colCDROMs.Item(i).Eject
        Next
    End If
    WScript.Sleep 5000
Loop


Save it as “cdtray.VBS” and send it.


Friday, 4 October 2013

Simple WEP Cracking

1 Introduction


This tutorial will show you how to crack a deprecated, but still used, wireless encryption algorithm called Wired Equivalent Privacy (WEP). WEP was introduced in 1997 and was designed to provide the user with a secure connection comparable to that of traditional wired networks. But sometime in 2001 weaknesses were beginning to show, and in 2004 WEP was declared deprecated due to the fact that it was unable to meet its security goals.

2 Implementation


This tutorial is written for users of Linux; you may be able to follow along using Microsoft Windows, but make sure to check the aircrack-ng website (http://www.aircrack-ng).


This tutorial is written with the then-current version of aircrack, 1.0. Download and compile the aircrack tools, or use your download manager and search for aircrack-ng; it should be easy to do. Once that is done, check it is working by typing "aircrack-ng". You should get an output that looks something like this:

GOKU@Nyu:~$ aircrack-ng

Aircrack-ng 1.0 rc3 – (C) 2006, 2007, 2008, 2009 Thomas d’Otreppe
Original work: Christophe Devine
http://www.aircrack-ng.org
etc ..

There will be four scripts from aircrack-ng that you will be using:

airmon-ng <start|stop|check> <interface> [channel or frequency]
Script used for switching the wireless network card to monitor mode

airodump-ng <options> <interface>[,<interface>,...]
Script used for WLAN monitoring and capturing network packets

aireplay-ng <options> <replay interface>
Script used to generate additional traffic on the wireless network

aircrack-ng [options] <.cap / .ivs file(s)>
Script used to recover the WEP key, or launch a dictionary attack on WPA-PSK using the captured data.
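The scripts above are used to find WEP networks and collect their IVs. The following is an added example, not part of the original tutorial, written from the defender's side: it parses the CSV listing that airodump-ng writes (one row per access point), flags any network still using WEP, and estimates from the captured IV count how likely it is that a 24-bit IV has already been reused. The scan rows are constructed sample data, and the estimate treats IVs as uniformly random, which is only a baseline.

```python
"""Find deprecated WEP networks in an airodump-ng CSV listing (added example)."""
import csv
import io
import math

IV_SPACE = 2 ** 24  # WEP uses a 24-bit IV, so only 16,777,216 distinct values exist

# Constructed sample in the layout airodump-ng uses for its access-point table
SAMPLE_SCAN = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2013-10-04 10:00:00, 2013-10-04 10:05:00,  6,  54, WEP , WEP, OPN, -40,  100,  8000,   0.  0.  0.  0,   7, lab-wep, 
66:77:88:99:AA:BB, 2013-10-04 10:00:00, 2013-10-04 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,  120,     0,   0.  0.  0.  0,   8, lab-wpa2, 
"""


def iv_collision_probability(n_frames: int, space: int = IV_SPACE) -> float:
    """Birthday bound: probability that at least two of n_frames random IVs coincide."""
    if n_frames < 2:
        return 0.0
    if n_frames > space:
        return 1.0  # pigeonhole: more frames than IVs guarantees a repeat
    # P(no collision) = prod_{i<n} (1 - i/space); summed in log space for stability
    log_no_collision = sum(math.log1p(-i / space) for i in range(n_frames))
    return 1.0 - math.exp(log_no_collision)


def parse_access_points(csv_text: str) -> list:
    """Return one dict per AP row; the AP table ends at the blank line before the station table."""
    ap_section = csv_text.split("\n\n", 1)[0]
    reader = csv.reader(io.StringIO(ap_section), skipinitialspace=True)
    header = [h.strip() for h in next(reader)]
    return [{h: v.strip() for h, v in zip(header, row)}
            for row in reader if len(row) >= len(header)]


def audit_wep(csv_text: str) -> list:
    """List every WEP network found, with its captured IV count and IV-repeat probability."""
    findings = []
    for ap in parse_access_points(csv_text):
        if "WEP" not in ap["Privacy"].upper():
            continue
        ivs = int(ap["# IV"] or 0)
        findings.append({"bssid": ap["BSSID"], "essid": ap["ESSID"], "ivs": ivs,
                         "iv_repeat_probability": iv_collision_probability(ivs)})
    return findings


if __name__ == "__main__":
    for f in audit_wep(SAMPLE_SCAN):
        print(f"{f['bssid']} ({f['essid']}): WEP, {f['ivs']} IVs captured, "
              f"P(IV reused) ~ {f['iv_repeat_probability']:.2f}")
```

Any row this reports is a network that should be migrated off WEP; the probability column shows how quickly a modest capture already exhausts the IV space's safety margin.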

You will need to know some basic Linux networking commands.

iwconfig [-v] [-a] [-s] [interface]
This is a standard Linux command; it displays the status of the currently active interfaces. If a single interface is given, it displays only that interface's status.

-v Be more verbose for some error conditions
-a Displays all interfaces which are currently available, even if down
-s Displays a short list (like netstat -i)