foxsin tech: يناير 2016

الأحد، 31 يناير 2016

LG Patches The SNAP Vulnerability In G3 Devices

From previous days so many problems are coming with LG phones but users need not to worry at least we know that fix/patches for them are ready. They have already patched a bootloop problem which enables to loose contacts which are in the versions of LG G4.

One of the South Korean Company found out the patches for a security hole in the LG G3. Almost ten million G3 phones are vulnerable to the malicious attacks by which their chat histories could be easily stolen.

LG researchers told that this problem is with the Smart Notice app(an app that shows notifications and suggestions on LG G3 phones). Along with that, this app also shows contacts, birthdays, and reminders so that we can easily be in a contact with other people. This app doesn't contain any kind of techniques by which users can check that data is valid or not, and that's why anyone can easily manipulate the data that contain some malicious code that allows an attacker to gain access to any information(may be public & private), data, photos and chat histories too. After being informed of the vulnerability, LG released the latest update to Smart Notice app.

A "WebView"- based applications is used by Smart Notice app, The functionality of the "JavaScript" code is extended so that it enables the attacker to select from the biggest set of options. For this, we examined the client side application code, located in the following path: root/system/etc/mrg_default_forms/ConciergeBoard/.

We found two possible scenarios:
Use the Callback function (ConciergeBoard\card_forms\reconnect_noti):

Use the Birthday function (ConciergeBoard\card_forms\birthday_noti_contact):

The “@string” parameter displays the contact name without any validation, when a callback notification is set,

Further investigation revealed to us where the update process is found: (ConciergeBoard\default_view\container)

We have to find out that the “doAction” function is used as a JavaScript Interface which can easily communicate with “IurlActionHandler,” “setDbActionHandler,” “cardActionHandler” etc., obviously providing many sets of payload vectors to attackers.

We have to say "Thanks" to BugSec and Cynet researchers who have discovered such a malicious "severe security vulnerability" in LG phones. Researchers told the reason for it's severity that it lead to the authentic phishing attack and to fill the DOS on the device. While targeting this attack, an attacker run simple JavaScript code and it has a named too called 'SNAP'.

But, users need not worry the vulnerability is fixed now by the researchers. Now it's up to the owners of LG G3 to install the said update ASAP.

Watch "Snap" Vulnerability Video:

Softwares Essenciais 2016 Torrent

O pacote de programas Softwares Essenciais 2016 na verdade é o Programas Essenciais 2015 com novas atualizações dos programas que já estava porém com versões 2016
contém novas customização na interface e sem Bugs.

É uma verdadeira obra prima criada justamente para técnicos em informática que trabalha com manutenção, seu painel interativo vem com instruções e passo a passo para instalações de programas no qual até usuário leigo pode fazer a instalação sem preocupação.

Ano de Lançamento: 2016
Versão: 2016.20.01
Plataforma: Windows
Ídioma: Português
Extensão: ISO
Tamanho: 4.28 GB

Download TORRENT

Download TORRENT :

ou

Download MEGA

Download MEGA :

ou

Opção dividido em 5 Partes

Download BR2Shared Parte 1

Download BR2Shared Parte 1:

Download BR2Shared Parte 2

Download BR2Shared Parte 2:

Download BR2Shared Parte 3

Download BR2Shared Parte 3:

Download BR2Shared Parte 4

Download BR2Shared Parte 4:

Download BR2Shared Parte 5

Download BR2Shared Parte 5:

Para Burlar o Download limitado e o tempo de espera do MEGA baixe o programa Megadownloader, clique na imagem abaixo.

Programas e Sistemas Atualizados 2016

Mais de 20 links atualizados de programas e sistemas em 2016 com a grande maioria de link em TORRENT'S e pelo MEGA, aproveite todos o links atualizados. Cada link o upload foi feito em 2016 ou seja , não tem mais problema de link quebrado mesmo sendo uma postagem antiga justamente por estar em torrent os programas e sistemas...

Download Windows 8 Todas As Versões Torrent Português

Download Windows 8 Todas As Versões Torrent Português :

Download Office Professional Plus 2013 SP1 AIO PT-BR

Download Office Professional Plus 2013 SP1 AIO PT-BR :

Curso Manutenção PS3 E XBox 360 2015

Download Curso Manutenção PS3 E XBox 360 2015 :

Download Kaspersky Internet Security 2015 Ativador Torrent

Download Kaspersky Internet Security 2015 Ativador Torrent :

Download Photoshop CS6 PT-BR Crack E Serial

Download Photoshop CS6 PT-BR Crack E Serial :

Download Windows 7 AIO Novembro 2014 PT-BR Torrent

Download Windows 7 AIO Novembro 2014 PT-BR Torrent :

Download Windows 7 Todas As Versões 2015 PT-BR

Download Windows 7 Todas As Versões 2015 PT-BR :

Download Photoshop CC Serial Ativador Torrent

Download Photoshop CC Serial Ativador Torrent :

Download Windows 7 E Windows 8.1 PT-BR 2015 Torrent

Download Windows 7 E Windows 8.1 PT-BR 2015 Torrent :

Download Windows 8.1 Pro PT-BR + Ativador

Download Windows 8.1 Pro PT-BR + Ativador :

Download Windows XP SP3

Download Windows XP SP3 :

Download CorelDRAW X7 Serial Ativador Torrent PT-BR 32/64 Bits

Download CorelDRAW X7 Serial Ativador Torrent PT-BR 32/64 Bits :

Download Windows 8.1 Todas As Versões 2015 PT-BR

Download Windows 8.1 Todas As Versões 2015 PT-BR :

Download Kit LordSoftware 2015 Torrent

Download Kit LordSoftware 2015 Torrent :

Download Windows XP PT-BR 2014

Download Windows XP PT-BR 2014 :

Download Windows 8.1 Single Language X86/X64 - PT-BR

Download Windows 8.1 Single Language X86/X64 - PT-BR :

Download Windows 7 Pro X64/X86 - PT-BR Ativador

Download Windows 7 Pro X64/X86 - PT-BR Ativador :

Download Windows XP Professional SP3 Final 2014 Ativado

Download Windows XP Professional SP3 Final 2014 Ativado :

Download Seven Lite Extreme 2014 PT-BR

Download Seven Lite Extreme 2014 PT-BR :

Download Windows 7 Ultimate 32 E 64 Bits Chave E Ativador

Download Windows 7 Ultimate 32 E 64 Bits Chave E Ativador :

Download Windows 8.1 Pro PT-BR + Ativador

Download Windows 8.1 Pro PT-BR + Ativador :

Curso Manutenção PS3 E XBox 360

Download Curso Manutenção PS3 E XBox 360 :

Download Office Professional Plus 2013 SP1 AIO PT-BR

Download Office Professional Plus 2013 SP1 AIO PT-BR :

Download Office 2013 Pro PT-BR Torrent

Download Office 2013 Pro PT-BR Torrent :

Download Microsoft Office 2013 SP1 Ativador E Chave

Download Microsoft Office 2013 SP1 Ativador E Chave :

Download Office 2013 SP1 AIO PT-BR

Download Office 2013 SP1 AIO PT-BR :

The Smartphone Case with a Built-In Hand Crank

Smartphone case with Built-in Charger/Pop-up Crank

When phones tend to lose power they are not of much use and it could happen to anyone especially those that are smaller or older. However a phone case with a spare battery built-in could solve the problem. Usually power cases tend to be bulky and not so attractive but there are some new devices which have been slimmed down while helping to charge up the device.

Smartphones when they tend to be drained off would cause a bit of inconvenience to the user.The creation of a smartphone case with a built-in charger together with pop-up crank could keep the phone powered and in use. The design of the Ampware, putting the case in production is in the pipeline which tends to charge within a minute to keep the smartphone running for extra 40 minutes of talk time.

If an additional five full minutes to crank is done, the user could use the phone for an extra three hours. This is a first run through of hand wrench which has been shaped as a part of a telephone case. Besides this, it also has a USB port wherein one could use the case to charge other devices also and not just the phone to which it has been connected

Charge Phone - Spinning Handle

A smartphone case capable of charging the phone with built-in hand crank has been put up for sale. A wind up iPhone case which could charge a phone by spinning a handle towards the back could solve the problem of battery anxiety. According to the designers the Ampware CrankCase offers three hours of power on winding the handle for only five minutes.

The technology which tends to make the work is not revolutionary but has been incorporated in a solid though possibly life-saving smartphone case. Co-founder of Ampware, Mark Gabriel based in Baton Rouge, Louisiana had stated that he was inspired to develop the device after he had been separated from his family by Hurricane Katrina in 2005. He realised that without power, there was no way where one could stay in touch with friends and family.

With several of the people having the same problem during the incident like Karina as well as the recent happenings during Hurricane Sandy, he had to find a way in order to enable people to stay connected irrespective of access to a traditional power source. According to him `CrankCase tends to leverage the prevailing technology in a new way in generating power, keeping the mobile device charged without the need to depend on the traditional power outlets.

CrankCase – Magnetic Dynamo generator

CrankCase tends to use a magnetic dynamo generator in order to create the power required to charge the phone. It utilises a rare earth metal spinning within a magnetic field in order to generate electrical current in a coil of wire rolled around the magnet. Mr Gabriel had mentioned that spinning the handle on the back of the case for a minute could provide adequate battery life of 40 minutes of standby use for an iPhone and 20 minutes for an iPad mini.

The handle towards the back of the case could also be utilised as a means of support for propping up the phone while watching videos. Mr Gabriel has now launched a campaign on Indiegogo in order to fund the development of the case and the team intend to start shipping the device at a cost of $59.

To pre-order the Ampware case, an early bird donation of $29 is essential wherein the estimated delivery would be in October this year.

Google Will Flag UnEncrypted Websites As Insecure Soon

Google is a company that wants ever data to be travel over a secure channel to ensure that everything is safe from security aspects, and this could be the reason that in future your browser(Chrome) will flag unencrypted websites as insecure, displaying a red “x” over a padlock in the URL bar.

Google said that in future through browsers all data would be encrypted and all sites should be visited over HTTPS. HTTP is a top in a secure layer of HTTP web protocol.

Several companies and organizations have been pushing for more encrypted sites as part of a campaign to “Encrypt All The Things,” which consists of promoting more websites to abandon the traditional, less secure HTTP protocol and adopt HTTPS.

When you're accessing a website which is not secured then chrome displays white page icon, a green locked padlock when it is, as well as a padlock with a red “x” on it when there’s something wrong with the HTTPS page the user is trying to access and if the sites are insecure then it will draw more attention.

“The goal of this proposal is to display more clearly to users that HTTP provides no data security.”

This plan had already announced back in 2014 when one of the members of the Chrome Security Team sent out a proposal to mark all HTTP websites as “non-secure.”

“The goal of this proposal is to more clearly display to users that HTTP provides no data security,” Google’s Chris Palmer wrote.

On Tuesday, in San Francisco a presentation at the Usenix Enigma security conference was held in which an engineer at security firm CloudFlare showed difference between that how it showing today when the user enables the feature in Chrome's settings, and presumably how it might look like in the future if it's enabled by default.

Parisa Tabriz, who manages Google’s security engineering team, tweeted that Google’s intention is to “call out” HTTP for what it is: “UNSAFE.”

It would be anyone a hacker at a coffee shop or a repressive government, could steal your sensitive information including passwords, private messages, everything has to travel through a secure channel over HTTP the data exchanged between the site’s server and the user is in the clear, meaning anyone with the ability to snoop on the connection.

HTTPS ensures that the user is connecting to the right site it doesn't just protect user data. The reason behind to do it's important because the fake website is a favorite tactic of hackers and malicious actors that can easily grasp the users interest. HTTPS also protect the connection from the malicious third party.

Google’s intention is to “call out” HTTP for what it is: “UNSAFE.”
Tech and Privacy experts applauded Google's plan.

”Chrome pushing forward on marking plain HTTP as outright insecure is an incredibly strong and pro-user move,” Eric Mill, a technologist who's been working on web encryption, told Motherboard. ”Despite how common plain HTTP can still be today, it *is* outright insecure, and a real and present danger to users and to the open web.”

Google haven't an official announcement that when it will make the HTTP flag the default on Chrome, but according to rumors told that there will be an announcement "soon" and the goal is to make it default.

iOS App Development Patching Reveals A Security Hole

The way by which iOS developers patched their apps using a JSPatch (3rd party library), the research team of FireEye's mobile threat uncovered the problem with the same way.

Before pushing the bug affected devices into the Apple's App Store for review, a developer would put together a bugfix. And this approach keeps the App store safe and sound over the years but along with that it has annoyed many iOS developers, because it took lot of days or even more than a week for crucial a bugfix to reach users, it may be any either security related to one that crashes apps by making it unusable. Due to this, so many developers are there who can lose their business but thanks to Apple's complicated update procedure.

Some unknown developer has created JSPatch, which is a small JavaScript-to-Objective C engine which can be embed in the iOS apps. Once the engine loads inside their app, they'll also have to load a JavaScript file, but one hosted on a remote server, under their command.

If any developers want an urgent update for their iOS app, then they can easily do it by adding some JavaScript code to the hosted file on the server and fix the issue without going through the Apple's long-winded update routine.

Here's where things can go bad. What happen if the app's developer loads this library via an unencrypted channel, and an attacker using a simple MitM technique can intercept this library and alter its content to perform a malicious action?

It's not such a far-fetched scenario. In their tests, FireEye researchers were able to use JSPatch to deliver malicious instructions to a test application, such as loading sensitive local iOS APIs and using them to reach into data stores of personal information which the app wasn't initially to approved.

Threat model for JSPatch used by a third-party library provide

JSPatch engine transferred all the JavaScript code into Objective-C so that any iOS exploit can carry out. The most and the best part is that JSPatch attack vector works even if the device wasn't jailbroken.

By using JSPatch, malicious actors can carry out a different way of attacks. Developer's server send out a JS code which can easily alter the attacker, and they can also perform MitM attacks, or in more targeted attacks attacker wait for either on the local network or scanning to updates and modifying them before they reach to the user.

An attacker may be anyone might be the developer of app himself or other, the owner of a third-party library that embedded the JSPatch engine, which in turn is used to tens or hundreds of other apps.

In October 2015 also, something happened which is similar to that scenario, that time malicious SDK was in the Apple's 256 iOS apps that collect user details.

As for JSPatch's legality, Apple's review process says that apps that download third-party code will be automatically rejected.

Only JSPatch users can download JavaScript code through Apple's WebKit or JavascriptCore engines. But Apple also banned that app that uses malicious JavaScript code. To detect "anything" malicious, you have to review manually "everything." So, in the end, it will be up to the company to decide if it wants to revamp its app update process to make it speedier, or to allow a potential attack vector to creep inside most of its apps.

Threat model for JSPatch used by an app targeted by MitM

السبت، 30 يناير 2016

Windows 10 Pro 2016 32/64 Bits PT-BR Torrent

Atualizado em janeiro de 2016 o mais completo windows 10 Professional da atualidade.
Vem com o Rufos para você gravar no pen drivve mais o Power Iso para você gravar
em uma midia DVD5 (DUAL LAYER)...

Instalação
São 3 modos que pode escolher:

a) Queime a imagem(.iso) num dvd e de boot pelo dvd;
b) Utilize o Rufus para criar um pendrive bootavel já com a imagem.(rufus incluso);
c) Execute o setup no windows atual, caso queira manter os arquivos atuais.

Ativação
1- Instale como administrador o Ativador_Setup.exe
2- Após instalado, vai no menu do windows, todos aplicativos
3- Desça até a letra K e clique na pasta Kmspico
4- Clique com o botão direito do mouse sobre AutoPico
5- Na lista que abrir, clique em Mais e selecione Executar como administrador
6- Aguarde até que uma voz diga Program Complete ou aguarde alguns segundos;
7- Pronto! Windows 10 Pro Ativado.

Obs: Caso queira ver se já foi ativado, clique com o botão direito no “este computador” na sua area de trabalho selecione propriedades!

Acompanha Rufus, para criar um pendrive bootavel ja com o windows pronto pra ser instalado.

Segue um tutorial em vídeo aula nosso canal de Tutoriais no Youtube
Inscreva-se : RATON TUTO:

Tutorial como criar um Pen Drive com Windows Bootavel
Veja o vídeo explicado passo a passo :

>

Tamanho 5.02

Download Novo Windows 10 Pro Versão 2016 com Cortana

Download Windows 10 Pro Atualização de Aniversário PT-BR :

ou

Download TORRENT

Download TORRENT :

Windows 10 Pro 2016 32/64 Bits PT-BR

Tutorial como criar um Pen Drive com Windows Bootavel
Veja o vídeo explicado passo a passo :

>

Tamanho 5.02

Download Novo Windows 10 Pro Versão 2016 com Cortana

Download Windows 10 Pro Atualização de Aniversário PT-BR :

ou

Download TORRENT

Download TORRENT :

Maltego: An Open-Source intelligence And Forensics Software

Maltego: An Open-Source Intelligence And Forensics Software

Definition: Maltego developed by Paterva, which is a program built into Kali Linux. It is a software used for forensics and Open-Source Intelligence.

Features:

It is used for information gathering and data-mining.
It permits creating custom entities, which enable it to represent any information.
It can easily analyze real-world relationships between people, groups, websites, domains, networks, internet infrastructure, and affiliations with online services like(Twitter and Facebook).
It is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates.

What Does Maltego Do?

It can be used to determine the relationships and real world links between: People, Groups of people (social networks), Companies, Organizations, Websites.
It will save you time and will allow you to work more accurately and smarter.
The installation is very easy and quick - it uses Java.
It can run on OS like(Windows, Mac, and Linux).
It provides you with a graphical interface.
The graphical user interface (GUI) provides the transparency to see relationships easily - even if they are three or four degrees of separation away.
It is unique because it uses a powerful, flexible framework that makes customizing possible.

Maltego Practical Example

Here we use Maltego to find information about a person, after that, we'll use it for network information, and finally, blog and file information. Here we have used the Community Edition (free) of Maltego.

Fire up Maltego CE v2.0 and click on the Personal/Person icon.

Let’s get oriented. On the left side, we have our searchable options sorted by Infrastructure and Personal.

At the top in the middle, we have our different “views” including Mining, Centrality, and Edge-Weighted.

Maltego supports 4 types of layout algorithms:

: Block layout. It is the default layout and also used during mining.

: Hierarchical layout. Think of this a tree based layout â€“ like a file manager.

: Centrality layout. Nodes that are most central to the graph (e.g. most incoming links) appear in the middle with the other nodes scattered around it.

: Organic layout. Nodes are packed tight together in such a way that the distance between each node and all the other nodes are minimized.

Here is the Speed/Accuracy versus #Results tab. This should be fairly self-explanatory. If you slide the bar toward #Results the more results you get. Slide it to the other side, and you get fewer results which will increase the speed of your search but also sacrifice your accuracy.

On the far right is your Satellite View, and detailed transform output:

And finally, at the bottom is our Transform Log/Output:

Here is the video how you can run and install Maltego.

Watch Video:

Download

الجمعة، 29 يناير 2016

HSBC's Bank Again Hit By A Cyber Attack

HSBC's bank was hit by a cyber attack has gone down for the second time in less than a month.

A statement given to the BBC by HSBC said:

"HSBC internet banking came under a denial of service attack this morning, which affected personal banking websites in the UK."

"HSBC has successfully defended against the attack, and customer transactions were not affected. We are working hard to restore services, and normal service is now being resumed."

Customers currently trying to log onto HSBC's site are met with a message saying:

"We'd like to apologise to all our customers for Online Banking being unavailable. We know how inconvenient this is and we are doing everything we can to rectify the problem. Please try later."

According to the bank, it was a DDoS attack by which attacker floods a website with a large amount of traffic from many systems by which the site get crash, and it is same as the method used on the BBC website on New Year's Eve.

In three weeks it's the second time that HSBC site goes down. On January 4th, HSBC's internet banking service went down for the first time, which led to Britain's banking regulator, the Financial Conductor Authority, to scrutinize HSBC.

HSBC UK internet banking was attacked this morning. We successfully defended our systems. 1/2
— HSBC UK Business (@HSBCUKBusiness) January 29, 2016

At the time a spokesperson told Business Insider:

"The FCA is in contact with HSBC regarding a recent IT issue. We will be working closely with the bank as it resolves the problem and to ensure there are steps in place to help consumers who are affected."

Just after the customers started reporting that they were unable to access their accounts this attack happen. The bank told customers on Twitter to visit their local branch for urgent transactions, and it is working closely with law enforcement authorities to pursue the criminals responsible for the attack.

Shortly before 5 pm, John Hackett, HSBC’s UK chief operating officer, said the bank was continuing to experience attempted denial of service attacks and was closely monitoring the situation with the authorities.

“HSBC’s internet and mobile services have partially recovered, and we continue to work to restore a full service,” he said.

“We apologise for the disruption and inconvenience this may have caused.”

"Customers who are unable to access the service and need to make an urgent payment can visit our branch network or contact personal telephone banking. Please be aware that we are experiencing extremely high call volumes."

People have to fill self-assessment tax forms online on Sunday, with millions of self-employed people and limited companies due to settling their tax affairs with HM Revenue and Customs.

Internet and mobile banking recovering, but we continue to see DDOS attacks. Situation closely monitored, but normal service is returning.
— HSBC UK (@HSBC_UK) January 29, 2016

After 5 hrs HSBC tweeted that they fully recovered

HSBC internet and mobile banking are now fully recovered. Thanks for your patience and again we apologise for the disruption.
— HSBC UK (@HSBC_UK) January 29, 2016

America's Biggest Police Union 2.5 GB Database Leaked Online

America's Biggest Police Union 2.5 GB Database Leaked Online.

An unknown hacker online breached the US biggest police union,(Fraternal Order Of Police) and dumped 2.5 GB of data.

The data which released online as a torrent file from the Cthulhu website and that data contained personal information of the FOP's members, contracts between police forces and local authorities. But it doesn't include any financial information.

Cthulhu said that

"He received the data dump from a hacker who wanted to remain anonymous. He also stated that he got more than 18 TB of data but only chose to release 2.5 GB for now, due to the fact that some of it was labeled as classified or sensitive."

Chuck Canterbury, the FOP’s national president, given the interview to The Guardian and said,

"We have contacted the office of the assistant attorney general in charge of cyber crime, and officials from FBI field offices have already made contact with our staff,”

Yesterday, when FOP's website went down the breach has taken place. The page where the data dump was hosted has now been taken down, but it is still available via Web archive sites. Since there are people still hosting the file via BitTorrent, you can still download the initial 2.5 GB dump. Over 150 people are still sharing the torrent at this moment.

Cthulhu justified hosting the data dump on his server as his way of helping the police cleanse rotten roots.

"The information should not be used to attack the police; it should be used to help them address their problems and correct them. A society cannot be at peace when the citizens and the enforcers of the law are at war," Cthulhu said on his blog.

The data dumb contains a lot of content that can put US police forces in a bad light. Even if the hacker refused to reveal how and why he did what he did, he might be acting in revenge after the recent wave of police brutality cases and the subsequent media and public backlash.

Image from cthulhu.

Image from cthulhu

Some of the criticism in the FOP forum database is aimed at President Barack Obama and Supreme Court Justice Sonia Sotomayor.

The FOP is one of the US' biggest unions overall, not just sworn-in police forces, and has over 330,000 members.

We will be updating this post with more information if we manage to find anything interesting in the data dump.

According to the Motherboard,

P.J. Haley, who works on computer and network support for the FOP, told Motherboard that many of the documents “are commonly available through the internet,” and at least one of the documents provided isn't in its database at all. Other agreements between police departments and organisations including the FOP are available online.

FOP National President Chuck Canterbury said in a Facebook page,

Brothers and Sisters, an important message from National FOP President Canterbury:We have learned today that our data...
Posted by FOP Florida State Lodge on Thursday, January 28, 2016

UFONet A Tool To Test DDoS Attacks

UFONet - is a free software tool designed to test DDoS attacks against a target using 'Open Redirect' vectors on third party web applications like botnet.

Features:

Usage of UFONet for attacking targets without prior mutual consent is illegal.
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program.
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks
using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Packages:

UFONet-v0.6(.zip) (md5:f6be802f76e40b7dfd06075bfc616e39) - torrent
UFONet-v0.6(.tar.gz) (md5:40ca8242475a72dc99c139309fe9055c) - torrent

Previous:

UFONet-v0.5b(.tar.gz) (md5:775f13baefb9241142c377f8519506f7)

Installing:

UFONet runs on many platforms. It requires Python (2.x.y) and the following libraries:

python-pycurl - Python bindings to libcurl
python-geoip - Python bindings for the GeoIP IP-to-country resolver library

On Debian-based systems (ex: Ubuntu), run:

sudo apt-get install python-pycurl python-geoip

Source libs:

* Python | * PyCurl | * PyGeoIP

GUI/Web Interface:

You can manage UFONet using a Web interface. The tool has implemented a python web server
connected to the core, to provides you a more user friendly experience.

To launch it, use:

./ufonet --gui

This will open a tab on your default browser with all features of the tool and some 'extra' options.

Download

Learn Why Security Needs To Be Approached Differently In The Cloud Platform

Learn Why Security Needs To Be Approached Differently In The Cloud Platform.

The cloud introduces significant operational benefits into the equation -- it's highly dynamic and you can automate many tasks with configuration management tools to simplify IT operations.

However, taking a traditional security approach with hardware IPS or firewall appliances in a cloud environment can hamper or even prevent the agility and flexibility that make the cloud attractive. To deliver security that fits the cloud, you need to understand where Cloud Provider security responsibilities end and yours begin.

Also included in this newsletter, Gartner provides security professionals with best practices for the secure deployment of workloads in Amazon Web Services, many of which apply to securing workloads in any infrastructure-as-a-service provider.

Offer by Trend Micro

Free Download

الخميس، 28 يناير 2016

Microsoft launches wearable technology in Australia targeting Fitbit, Apple and Samsung

Microsoft’s Wearable Technology – Band 2

Microsoft has launched wearable technology in Australian stores with its sights on big names in fitness tracking as well as smartwatches. The world’s biggest giant company has launched Band 2 in Australian markets and the same is now available through IB Hi-Fi, Harvey Norman and Rebel Sports at a price of $379.99. Earlierit was made available only in its Sydney based flagship store as well on Microsoft site.

Through its Band 2, Microsoft has aimed at Apple, Samsung and Fitbit in the segment of fitness and smart-watch. Band 2 is said to be a mix-up of smartphone notification as well as fitness tracking features and the company states that having the ability to chat with these added features is making the Microsoft Band quite sticky in comparison to some generic activity trackers.

The giant company had revealed its plan in Sydney recently and would be rolling out its wearable technology in electronics and sports stores shortly. Adam Pollington, Band product manager of Microsoft informed that the device would target the big names in wearable technology with a mixture of fitness and smartwatch features. He commented that if one looks at the market, there are two clear segments, you have got the activity tracker market and have the smartwatch side with productivity and connectivity. The Microsoft Band is in a new sub-segment of smart bands.

Personal Trainer/Assistant on the Wrist

He further added that the Microsoft Band would enable users in controlling their health in a more personalized way and would serve as a personal trainer and assistant on the wrist of the users. The first Australian wearable technology release of Microsoft is said to be the consequence of a model which had been released in the States in late 2014, featuring 11 sensors comprising of GPS for tracking cycling, a heart-rate sensor to track exertion, a galvanic skin response sensor to measure stress, barometer for elevation together with a UV sensor to inform if one needs sunscreen, which according to Mr Pollington would be beneficial in Australia. Besides this the Microsoft Band 2 can also connect to Apple iPhone, Google Android and Windows Phones in delivering notifications to its rectangular touchscreen from incoming calls to tweets together with SMS. Microsoft Band 2 is available in three sizes of small, medium and large.

Wearable in Tracking Health is Promising

For wrist with circumferences of 143 mm and 168 mm, the small size is an appropriate choice, while those between 162mm and 188mm could choose a medium size. Wrists that tend to be larger than 180mm and up to 206mm could select the larger choice.

The new device’s standing as a fitness band first follows research where exercise-tracking technology is considerably popular than the smartwatch rival till date. Juniper Research in a latest report, has forecast wearable fitness technology to lead smartwatches for the following three years.

According to Future Health and Fitness Wearable report, author James Moar, states that it is only in 2019 that smartwatches would be pulling ahead with 130 million users to fitness technology’ 110 million. Mr Moar had commented that the use of wearable to track health is promising though such devices would not reach their full potential till they tend to become less dependent on mobile devices to relay their information.