Monday, 29 February 2016

Shodan A Search Engine For Hackers




It's true that we are becoming more connected day by day, which may be due to the Internet of Things (IoT). The IoT consists of a complex network of systems and physical devices that communicate and exchange data. Its applications include infrastructure management, domestic applications, transportation, healthcare, environmental monitoring and more.

In the future, every single device will be interconnected with every other, and security will then be the main issue. Over the product development cycle, security has become a bolt-on addition to products.


Result:

Anyone can easily reach this network of interconnected and insecure devices publicly from the internet. Shodan is a search engine like Google. Google indexes web page content over ports 80 (HTTP) or 443 (HTTPS), whereas Shodan crawls the internet searching for devices that respond on a host of other ports such as 25 (SMTP), 22 (SSH), 21 (FTP), 23 (Telnet), 443, 3389 (RDP) etc. Once Shodan discovers a responding host, it connects to the machine and pulls down the port banner.

In 2009 Shodan discovered a wide range of internet-connected devices, including traffic signalling equipment, domestic home appliances, webcams, firewalls, industrial control systems for nuclear power plants and electrical grids, and more. They are all connected to the internet without any security, not even authentication.

The webcams included images of marijuana plantations, garages, front gardens, cash register cameras, swimming pools, ski slopes, colleges and schools and many more. The Shodan search engine also has paid member features.

Shodan provides simple and powerful searching. A basic account gives you only a limited number of results, so if you want to access more you have to upgrade. Shodan's premium features include plotting host locations on maps, accessing the full search listings etc. It also lets you search using filters, which makes searching even easier:


  • city: find devices in a particular city
  • country: find devices in a particular country
  • geo: you can pass it coordinates
  • hostname: find values that match the hostname
  • net: search based on an IP
  • os: search based on the operating system
  • port: find particular ports that are open
  • before/after: find results within a timeframe
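The filters above can be combined to check what of your own address space has been indexed. The following is an added example, not code from the original post or from Shodan: the function names, the validation rules and the dd/mm/yyyy date form are assumptions, and the netblocks are documentation ranges used as constructed sample input.

```python
import ipaddress
import re

# Filters from the list above, in the order they are emitted.
FILTER_ORDER = ("city", "country", "geo", "hostname", "net", "os", "port",
                "before", "after")
# Ports named in this post as ones Shodan probes.
DEFAULT_PORTS = (21, 22, 23, 25, 443, 3389)
DATE_RE = re.compile(r"^\d{2}/\d{2}/\d{4}$")  # assumed dd/mm/yyyy form


def _check(name, value):
    """Validate one filter value and return it in query form."""
    value = str(value).strip()
    if name == "net":
        # Accept an IP or CIDR block; host bits are masked off.
        return str(ipaddress.ip_network(value, strict=False))
    if name == "port":
        port = int(value)
        if not 1 <= port <= 65535:
            raise ValueError("port out of range: %r" % value)
        return str(port)
    if name == "country":
        if not re.fullmatch(r"[A-Za-z]{2}", value):
            raise ValueError("country must be a two-letter code")
        return value.upper()
    if name == "geo":
        lat, lon = (float(part) for part in value.split(","))
        if not (-90 <= lat <= 90 and -180 <= lon <= 180):
            raise ValueError("coordinates out of range: %r" % value)
        return "%s,%s" % (lat, lon)
    if name in ("before", "after"):
        if not DATE_RE.match(value):
            raise ValueError("date must look like dd/mm/yyyy")
        return value
    if name in ("city", "hostname", "os"):
        if not value or '"' in value:
            raise ValueError("bad value for %s: %r" % (name, value))
        return '"%s"' % value if " " in value else value
    raise ValueError("unknown filter: %r" % name)


def build_query(**filters):
    """Compose a search string such as 'net:203.0.113.0/24 port:23'."""
    if not filters:
        raise ValueError("at least one filter is required")
    unknown = set(filters) - set(FILTER_ORDER)
    if unknown:
        raise ValueError("unknown filter(s): %s" % ", ".join(sorted(unknown)))
    return " ".join("%s:%s" % (name, _check(name, filters[name]))
                    for name in FILTER_ORDER if name in filters)


def exposure_queries(netblocks, ports=DEFAULT_PORTS):
    """One query per (own netblock, port) pair, for a self-audit."""
    return [build_query(net=block, port=port)
            for block in netblocks for port in ports]


def rejects(**filters):
    """True when build_query refuses the given filters."""
    try:
        build_query(**filters)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample input: documentation-only address ranges.
    for query in exposure_queries(["203.0.113.0/24", "198.51.100.0/25"]):
        print(query)
```

Each query string can be pasted into the Shodan search box; any hit inside your own range on Telnet, FTP or RDP is a device to firewall or take offline.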

Many of the devices that Shodan detects and indexes are not 100% safe from unauthorised access. Nothing in this world is static: who knows when new malicious exploits and vulnerabilities will be discovered and disclosed. One example is Juniper, one of the best-known computer networking companies in the world. It recently disclosed that some of its devices contained a hard-coded back-door password, which allows anybody to supply the password against a valid user account. Juniper firewalls can also be searched for using Shodan. Around 1,800 vulnerable Juniper firewalls are currently sitting targets on the internet.

If we consider the major threats to our safety and security, attacks on networked industrial control systems come first. The list may include:

  • The signalling systems on transport networks
  • The traffic lights that allow us to drive safely
  • The systems that regulate the treatment plants that deliver drinking water
  • Nuclear reactors that deliver our energy.

We have to take into account all the security implications when we purchase any device. The same goes for businesses, which need a proper risk management framework.


New Phase of Crypto Wars Between FBI And Apple



Do you know what the Crypto Wars are? In the 1990s the U.S. authorities tried to strictly stop any kind of effective encryption, calling it very dangerous and as harmful to export as sophisticated munitions, and in the end they lost. This has been known as the Crypto Wars for over 20 years.

The war caught fire again after the Snowden revelations, when technology companies began spreading encryption by building it into their common and popular consumer products. This time the fight was led by FBI Director James Comey, a law enforcement officer, and law enforcement clamorously insisted that U.S. technology companies create a backdoor to the encryption that was hindering them.

But as we all know, this would not be possible, because a backdoor would not be usable only by U.S. technology companies: hackers could also use it very effectively, and this is widely known. That is why the demand lost momentum and did not spread much further. But the complaints that encryption hinders officers still continue.

Advocates on the side of the U.S. technology companies remain alert. They have actively pointed out the inadequacy and impossibility of the anti-encryption movement and jumped on any sign of backsliding. They have always focused on defending encryption, even as the U.S. authorities tried to shift their focus elsewhere.

The public has noticed this fight between Apple and the FBI, and it would not be wrong to say that the public has also entered a post-crypto phase of the Crypto Wars.

The Court Order:

Apple is opposing the court order because it would require the company to find and provide a new way to hack an iPhone 5c belonging to San Bernardino killer Syed Rizwan Farook.

But there is a problem: Apple cannot break the encryption, because it does not know how the iPhone's data was scrambled. The FBI, however, is not concerned by this, since it has no need to worry whether or not the company tries to open the phone with the single right password.

Apple CEO Tim Cook gave a dissenting public response to the court order: “The ‘key’ to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it.”

And it’s those protections that are now under siege.

If you think this was a sudden move on the government's side, it was not. As Bloomberg News recently reported, President Obama's National Security Council last fall produced a secret “decision memo” requesting government agencies to identify both technical and legal ways to skirt encryption instead of breaking it.

They were also told to analyze the whole situation and work out the cost of each option, to consider whether any laws would need to be changed, and to report back on their findings.

According to a Washington Post story in September, the Obama administration sent a working group that spent some months working with technology companies and came up with a list of technological methods for breaking encryption.

One particular idea on that list, obscene to computer security professionals, was to force companies to send malware to users' phones using automatic software updates.

Regardless of Comey's continued complaints that law enforcement is “going dark” due to encryption, the FBI has for many years been not only creating but also purchasing viruses, Trojan horses and many other types of malware to help break into digital devices, and it has finally succeeded against unbreakable encryption.

In September, an FBI spokesperson Christopher Allen wrote in an email to The Intercept that “The FBI routinely identifies, evaluates, and tests potential exploits in the interest of cyber security.”

Public records show that the FBI has been physically hacking into computers since at least 2001, when it placed a keystroke logger on the computer of Scarfo, known as “Little Nicky”, in an investigation related to the American Mafia.

In those days the FBI also used its own self-created malware, known as the Computer and IP Address Verifier (CIPAV). Government agents even tricked a high school kid in Washington into downloading it, exposing his identity, when he was making bomb threats in 2007.

The technology policy program manager for the Mercatus Center at George Mason University, Andrea Castillo wrote in an email to The Intercept, “I think that for many within law enforcement, the priority is to access data, point blank. That could mean installing backdoors directly into encryption standards or finding some kind of workaround.”

She also added that “The first strategy failed in the court of public opinion, so it appears that they are now attempting more covert methods to get around encryption. Unfortunately, there are major security risks with both approaches.”

National Security Agency Director Adm. Mike Rogers said in January that “spending time arguing” is “a waste of time.” Speaking to Yahoo News, he also said that it would be a bigger issue for domestic and local law enforcement.

It is also true, and shown in the Snowden documents, that the NSA has spent many years actively trying to hack Apple phones and devices, dating back to 2006, when it had not even been unveiled.

A Big Con?

The technology and civil liberties policy analyst for the Niskanen Center, Ryan Hagemann wrote in an email to The Intercept, “Over the past few months, I’ve been wondering why it is the FBI has been pushing so hard in the public forum to advocate for backdoors when almost everyone, from technologists to the tech industry to civil society to Congress, has been opposed to such an approach.”

He also added that “I think what we’re seeing unfold here is part of a multi-pronged strategy by law enforcement, possibly with the tacit approval and support of the intelligence community.”

Hagemann also said, about the attempts to hack digital devices, “I think we should be more fearful of the strategy the FBI is using in the courts to push their ill-advised and Constitutionally dubious agenda.”

Julian Sanchez who is a senior fellow at the Cato Institute, said that “The threat of a costly fight over legislation, even if unlikely to become law, may be largely geared toward getting Silicon Valley, or, at least, a critical mass of companies, to adopt a more cooperative posture.” That means “quietly finding ways to accommodate the government.”

According to Sanchez, once the government finally accepts the self-evident case for unbreakable encryption, some kind of “compromise” will be demanded through the legislative process.

He also said that one can imagine “privacy groups celebrating a victory” when that happens, “while intel officials snicker into their sleeves at a ‘defeat’” that was part of the plan.

Wireshark New Version 2.0.2 Available With Resolved Major Security Issues



Wireshark has officially announced that another major version of Wireshark is now available. The new version is Wireshark 2.0.2.

As you are all aware, Wireshark is a great and highly popular network protocol analyzer that security experts have used for a long time. It is important and useful for analysis, troubleshooting, education and development.

The new version deals with many security issues that had been introduced in the previous version of Wireshark. The defects were listed against X.509AF, HTTP/2, LBMC, RSL, LLRP, ASN.1 BER, IEEE 802.11, HiQnet, GSM A-bis OML and so on.

The official release document for the new version states that almost 40 bugs were identified and worked on, and that these problems have now been overcome in this version. That is good news for Wireshark users.

Wireshark 2.0.2 also updates many protocols, such as HTTP, HTTP/2, NS Trace, PPTP, IPv6, IPv4, SPICE, MAC LTE and many more, apart from fixing crashes in a host of protocols. More good news for users is that Wireshark 2.0.2 also resolves some further security issues: a DLL hijacking vulnerability, a SPICE dissector loop and a DNP dissector loop.

You can check the full list of changes on the official Wireshark website, and download the software from the same site.
Last but not least, this version is available for GNU/Linux, Windows and Mac OS X. Visit the official website and download it!

Sunday, 28 February 2016

What Software Do Warehouses Use To Keep Track of Inventory


The inventory in your warehouse represents a lot of value, and it is essential to keep track of each and every component. Organizing data has always been a challenge, and new software tools are making it easier than ever to streamline costs and improve productive output.

The Old Ways 

Before computers became commonplace in the business world, complicated ledgers were kept by hand in log books. Very precise notes of inventory had to be maintained and inventory specialists relied on physical counts of parts. This method was error prone as a human being can only keep track of so much information at a time. While obsolete, upgrading with a personal computer and digital ledgers presents many of the same problems to small businesses.

The Spread Sheet

For small companies or startups, an inventory ledger can be approximated with a well-organized spreadsheet. Spreadsheet software is robust and can perform a number of automated calculations that reduce errors in counts, but as a business grows, this method must be abandoned as well. Spreadsheets do not store history or track process moves. The files must be constantly updated, and there is the risk that important data can be lost. Reports must be generated from scratch, and redundant information between different departments can overwhelm your company’s decision makers.

Dedicated Database

Eventually a large enough company needs to implement a database system to track inventory. With a barcode reader and digital locations, placing parts into a system and tracking their moves through a process is easy. Reports can be generated that help the warehouse staff streamline redundancies. It is even possible to create multiple locations for your components, and the information remains current.
Databases are great tools, but they are still limited in many ways. They require hardware to support the data, and information can only be accessed by those in the warehouse. Reports are much easier to create, but new information must be manually transferred back and forth between business units.

ERP Warehouse Solutions

Most companies now depend on enterprise resource planning software. These are the most advanced and powerful tools that companies have for managing their entire operations. Like the database, the information in your warehouse is easy to organize and keep current, but an ERP system integrates all of the data your company uses into one solution. Each department has easy access to information that impacts its operations.

With current information shared across business units, employees are free to make decisions and respond to changes in the market. It is important for sales staff to know what is available. Customer service reps should be able to see if a delivery has been made on time when responding to a complaint. Accounting departments need to be able to estimate the value of the inventory to balance accounts.

ERP solutions are also readily available to small companies through software service programs. Instead of purchasing and maintaining the computing hardware and software themselves, high speed internet access gives companies the options to contract with a solutions provider. Storing data on a network server operated by an outside company lowers the initial cost and provides quick access to these tools.

The better organized your inventory is, the greater the efficiency you have in your operations. Upgrading with an ERP solution gives your company the opportunity to streamline processes and increase its competitive edge. These tools are more readily available and essential than ever before.

Around 2.3 Million Android Malware Samples Detected In 2015



The German cyber-security firm G DATA said that "during 2015, a sample of Android malware appeared every 11 seconds, for a total of 2,333,777 malware samples for the whole year, a rise of 50% compared to the previous year, 2014, when there were only 1,548,129 samples."

G DATA's Q4 2015 Mobile Malware Report revealed that during the last quarter of 2015, researchers also came across 758,133 new Android malware files, which was an increase of only 32% from the previous quarter.

When they put the past year criminals they found that around 2.5 different malicious Android apps spread their malware families.

The reason behind the assault on Android devices may be Android's increased popularity and its market share, which remains as high as it ever was. Users also use their mobile phones and tablets for financial and banking operations.

Since most crooks are motivated by financial gains, they tend to follow the money, and so, have expanded their malware arsenal to include more tools that target the Android ecosystem.

Malware has grown in sophistication and is not just your run-of-the-mill virus. In the past month, security company researchers discovered that the aim of most attacks on Android devices is to steal and gain access to financial information.

"The most dangerous Android malware are Mazar BOT, Acecard, Asacub and Xbot, which are categorized as ransomware, information stealers, and even banking trojans."

The Internet of Things (IoT) is also a reason for the increase in mobile malware, G DATA researchers said. Internet-connected devices hold much sensitive information and are managed by mobile apps.

Whatever flaws these mobile apps contain, hackers use them to get to the IoT devices. When a device's firmware can't be modified with a bootkit component, the mobile app is used as a persistent infection point.

Saturday, 27 February 2016

Cyber Hackers Breached 700000 Accounts of US Tax Payers



On Friday the tax agency said that hackers gained access to the personal data of more than 700,000 taxpayer accounts, more than double the earlier estimate. The breach of the IRS took place in 2015.


The personal information contains the following:

  • Data that cyber thieves could use to impersonate a real taxpayer
  • Birth dates
  • Social Security numbers
  • Data that could be used to file a false federal tax return and collect a refund

Previously, the IRS said that around 100,000 taxpayer accounts had been compromised, a figure raised in August to as many as 334,000. Friday's estimate goes up to 700,000.

The IRS also said that cyber hackers tried to gain access to more than 500,000 other taxpayer accounts. The actual figure is much higher than the estimated value.

The Treasury Inspector General for Tax Administration (TIGTA), which oversees the IRS, conducted a nine-month review. The IRS also said that the cyber hackers achieved their aim and gained access to taxpayer accounts between January 2014 and May 2015.

TIGTA officials will release an audit report based on the findings.

John Koskinen (IRS Commissioner) said that
"For users whose accounts showed a sign of suspicious access, the agency is planning to mail notifications and assistance. They will also get IRS personal identification numbers along with a free Equifax identity theft protection product. Extra scrutiny for taxpayers has been put in place by the IRS."

Koskinen said that "The IRS is committed to protecting taxpayers on multiple fronts against tax-related identity theft, and these mailings are part of that effort,"

Seven federal audits and reports from 2007 to 2014 outlined many computer dangers arising from failures in the IRS database. The IRS inspector general warned in an October 2014 report that "Computer security has been problematic for the IRS since 1997."

Because of the hacking, Rep. Jason Chaffetz, R-Utah, chairman of the House Committee on Oversight and Government Operations, accused the IRS.

Chaffetz said that "The IRS doesn't have its house in order at any level,"

According to the tax agency, hackers made unauthorized attempts to gain access to e-file personal identification numbers for more than 450,000 Social Security numbers. The IRS also said that, as of January, almost 101,000 of those attempts succeeded in accessing an e-file ID number.


Baidu Apps Are Spying Personal Data And Leaked Information



Security researchers have found that thousands of apps use code from the Chinese net giant Baidu and are able to collect personal data and transmit it insecurely.

Security experts at the University of Toronto believe that millions of Chinese people have been affected by the data leaks.

The leaked information includes:

  • Where the person is.
  • Sites they visited.
  • Search terms.
  • ID numbers of the devices they own.

Baidu said that it had tackled the problems with the insecure computer code.

'Shoddy design'

The code is part of a software development kit that can be used to create programs for Windows and apps for Android phones. Baidu also used that code to make web browsers for Android and Windows. Many firms used the Baidu web browsers.

The security experts at the University of Toronto also said that "The apps and browsers made using the Baidu kit have been downloaded hundreds of millions of times."

The Lab has focussed on the use of personal and private data in China as part of a long-running research project. Last year the researchers at Toronto's Citizen Lab found problems in the Alibaba browser, and now several security and privacy shortcomings in the Baidu code.

Data such as GPS coordinates and search terms is sent in plain text, and unique device IDs can easily be broken. Because of the apps' weak protection, an attacker can easily get access to a phone or Windows computer.

The authors said in their report that "If personal data is transmitted without properly implemented encryption, it can expose a user's data to surveillance. The leakage of such user data is particularly problematic for individuals who use these applications and their devices to engage in politically sensitive communications,"

Ron Deibert (director of the Citizen Lab) told Reuters that "It's either shoddy design or it's surveillance by design,"

Is It Fixed or Not Fixed?

In November last year, Baidu had already patched some of the bugs in the code, Citizen Lab said. But a poor encryption scheme was still being used on sensitive data.

Baidu has made several statements regarding this issue, among them:

  • The data was collected for commercial purposes.
  • They said that they shared the data with partners.
  • They also said that the information was not handed over wholesale to the Chinese authorities.
  • They said that "they provide only the data lawfully requested by duly constituted law enforcement agencies."


Firmwalker: A Simple Bash Script



Definition: Firmwalker is a simple bash script used for searching an extracted or mounted firmware file system.

It searches the extracted firmware file system for things of interest such as:
  • etc/shadow and etc/passwd
  • Lists out the etc/ssl directory
  • Searches for SSL-related files such as .pem, .crt, etc.
  • Searches for configuration files
  • Script files
  • Searches for .bin files
  • Looks for keywords such as admin, password, remote, etc.
  • Searches for common web servers used on IoT devices
  • Searches for common binaries such as dropbear, ssh, tftp, etc.

You can also review the data files and delete entries from them if desired.

How can you Use it?

'./firmwalker {path to root file system}'
Example: './firmwalker linksys/fmk/rootfs'

A file "firmwalker.txt" will be created in the same directory as the script file, unless a different filename has been specified. If you put the firmwalker.sh file inside the directory to be searched, the script searches itself and the file being created. Set the script's permissions with chmod 0700 firmwalker.sh.
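To show the kind of search described above when reviewing a device's firmware before deployment, here is an added example in Python. It is not firmwalker's code and not from the original post: the function names, the file patterns and the sample file system (built in a temporary directory) are all constructed assumptions.

```python
import os
import re
import tempfile

# Buckets follow the list above; the concrete patterns are assumptions made
# for this example and are not firmwalker's own data files.
PASSWD_FILES = {"etc/passwd", "etc/shadow"}
EXT_BUCKETS = {".pem": "ssl", ".crt": "ssl", ".conf": "conf", ".cfg": "conf",
               ".sh": "scripts", ".bin": "bin"}
BINARIES = {"dropbear", "ssh", "tftp"}
KEYWORDS = re.compile(rb"admin|password|remote", re.IGNORECASE)
MAX_READ = 1 << 20  # search only the first 1 MiB of each file for keywords


def audit_rootfs(root):
    """Walk an extracted firmware root and bucket the files of interest."""
    findings = {name: set() for name in
                ("passwd", "ssl", "conf", "scripts", "bin", "binaries",
                 "keywords")}
    root = os.path.abspath(root)
    for dirpath, _dirs, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if rel in PASSWD_FILES:
                findings["passwd"].add(rel)
            if rel.startswith("etc/ssl/"):
                findings["ssl"].add(rel)
            bucket = EXT_BUCKETS.get(os.path.splitext(name)[1].lower())
            if bucket:
                findings[bucket].add(rel)
            if name in BINARIES:
                findings["binaries"].add(rel)
            # Firmware images are full of symlinks with absolute targets.
            # Reading through them would search the analyst's own machine,
            # so link targets are never opened.
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            try:
                with open(full, "rb") as handle:
                    if KEYWORDS.search(handle.read(MAX_READ)):
                        findings["keywords"].add(rel)
            except OSError:
                continue  # unreadable file: skip it rather than abort
    return {name: sorted(paths) for name, paths in findings.items()}


def build_sample_rootfs(base):
    """Create a small constructed rootfs under base and return its path."""
    rootfs = os.path.join(base, "rootfs")
    files = {
        "etc/passwd": "root:x:0:0:root:/root:/bin/sh\n",
        "etc/shadow": "root:$1$constructed$notarealhash:16000:0:99999:7:::\n",
        "etc/ssl/server.pem": "-----BEGIN CONSTRUCTED SAMPLE-----\n",
        "etc/httpd.conf": "remote_mgmt=1\nuser=root\n",
        "usr/sbin/dropbear": "\x7fELF constructed placeholder",
        "usr/bin/start.sh": "#!/bin/sh\necho boot\n",
        "lib/firmware/radio.bin": "constructed blob",
    }
    for rel, body in files.items():
        path = os.path.join(rootfs, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as handle:
            handle.write(body)
    # A file outside the rootfs, reachable only through a symlink inside it.
    outside = os.path.join(base, "host_secret.txt")
    with open(outside, "w") as handle:
        handle.write("password=constructed\n")
    try:
        os.symlink(outside, os.path.join(rootfs, "etc", "motd"))
    except OSError:
        pass  # platform without symlink support
    return rootfs


def demo():
    """Audit the constructed sample and return the findings."""
    with tempfile.TemporaryDirectory() as base:
        return audit_rootfs(build_sample_rootfs(base))


if __name__ == "__main__":
    for bucket, paths in demo().items():
        print("%-9s %s" % (bucket, ", ".join(paths) or "-"))
```

A non-empty keywords or passwd bucket on a vendor image is a prompt to look for default credentials before the device goes onto a network.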

Friday, 26 February 2016

PAN-OS Critical Vulnerabilities Patched By The Palo Alto Networks




Palo Alto Networks has released PAN-OS updates. PAN-OS is the operating system for its enterprise security platform.

The updates address system vulnerabilities, including ones categorized as "critical" and "high" severity.

Advisories published by the company on Wednesday contain information about a serious issue in the GlobalProtect portal, a critical buffer overflow. The details of this vulnerability are:

  • It is caused by improper handling of a buffer in the SSL VPN request processor.
  • It can be exploited to cause a denial-of-service (DoS) condition.
  • It can also crash a device, and even allow remote code execution.

The network and enterprise security company also informed users about a vulnerability that allows a malicious actor to execute arbitrary OS commands by accessing the device management web interface.

The company said in the advisory that “Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to the execution of arbitrary OS commands without authentication via the management interface,”

There is also a medium severity flaw in the GlobalProtect portal, by which an unauthenticated attacker with remote network access can easily crash the portal.

Palo Alto Networks has also published an advisory explaining a low severity issue and its consequences. The low severity flaw allows an authenticated attacker who has administrator rights to execute commands at the OS level with root privileges.

PAN-OS versions 5.0.17, 6.0.12, 6.1.9 and 7.0.4 are affected by the critical and high severity vulnerabilities, which have been patched in PAN-OS versions 5.0.18, 6.0.13, 6.1.10 and 7.0.5.

PAN-OS versions 5.0.17, 6.0.12, 6.1.9 and 7.0.5 are affected by the medium severity flaw, which has been resolved in PAN-OS 5.0.18, 6.0.13, 6.1.10 and 7.0.5H2.

PAN-OS versions 5.0.17, 5.1.10, 6.0.12, 6.1.9 and 7.0.5 are affected by the low severity issue, which is fixed in 5.0.18, 5.1.11, 6.0.13, 6.1.10 and 7.0.5H2.
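The version lists above can be turned into a patch check for a firewall inventory. This is an added example, not vendor tooling and not from the original post: the function names and hostnames are constructed, hotfix releases are parsed in the "7.0.5H2" form used here (a "-h2" suffix is also accepted), and it assumes that any release older than the fixed one in the same branch is unpatched.

```python
import re

# Fixed releases per severity class, copied from the paragraphs above.
FIXED = {
    "critical/high": ["5.0.18", "6.0.13", "6.1.10", "7.0.5"],
    "medium": ["5.0.18", "6.0.13", "6.1.10", "7.0.5H2"],
    "low": ["5.0.18", "5.1.11", "6.0.13", "6.1.10", "7.0.5H2"],
}
SEVERITY_ORDER = ["critical/high", "medium", "low"]
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-?[hH](\d+))?$")


def parse_version(text):
    """'7.0.5H2' -> (7, 0, 5, 2); a release without a hotfix gets hotfix 0."""
    match = VERSION_RE.match(text.strip())
    if not match:
        raise ValueError("unrecognised PAN-OS version: %r" % text)
    major, minor, patch, hotfix = match.groups()
    return (int(major), int(minor), int(patch), int(hotfix or 0))


def patch_status(version):
    """Map each severity class to 'unpatched', 'patched' or 'branch not listed'."""
    current = parse_version(version)
    status = {}
    for severity in SEVERITY_ORDER:
        # Index the fixed releases by branch, e.g. (7, 0) -> (7, 0, 5, 2).
        by_branch = {parse_version(v)[:2]: parse_version(v)
                     for v in FIXED[severity]}
        fixed = by_branch.get(current[:2])
        if fixed is None:
            # The post gives no fixed release for this branch, so no claim
            # is made either way.
            status[severity] = "branch not listed"
        else:
            # Assumption: anything older than the fix in this branch is
            # still affected.
            status[severity] = "unpatched" if current < fixed else "patched"
    return status


def triage(inventory):
    """List hosts with open issues, worst severity first.

    Returns (host, version, [unpatched severity classes]) tuples; hosts with
    nothing unpatched are left out.
    """
    rows = []
    for host, version in inventory.items():
        status = patch_status(version)
        open_issues = [s for s in SEVERITY_ORDER if status[s] == "unpatched"]
        if open_issues:
            rank = SEVERITY_ORDER.index(open_issues[0])
            rows.append((rank, host, version, open_issues))
    rows.sort()
    return [(host, version, issues) for _rank, host, version, issues in rows]


# Constructed inventory for illustration; hostnames are hypothetical.
SAMPLE_INVENTORY = {
    "fw-edge-01": "7.0.4",
    "fw-edge-02": "7.0.5",
    "fw-dc-01": "7.0.5-h2",
    "fw-lab-01": "5.1.10",
    "fw-branch-01": "6.1.10",
}

if __name__ == "__main__":
    for host, version, issues in triage(SAMPLE_INVENTORY):
        print("%-13s %-9s needs update for: %s"
              % (host, version, ", ".join(issues)))
```

Note that 7.0.5 closes the critical and high severity issues but still needs 7.0.5H2 for the medium and low ones, which is the case a simple "is it 7.0.5 or later" check would miss.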

Details of these weaknesses will be disclosed at a conference on March 16; before then, most Palo Alto Networks customers will have patched their systems.

Felix Wilhelm of German security firm ERNW Research reported these vulnerabilities. All the details will be disclosed on March 14-18 in the city of Heidelberg in Germany, during the researcher’s presentation on attacking next-generation firewalls at the company’s TROOPER16 conference.

Research: Usage of KeyBase Keylogger Has Exploded



Palo Alto Networks researchers have found that usage of a simple keylogger malware has exploded since its builder was leaked online last summer.

KeyBase is a spyware family with the following characteristics:
  • It can capture keystrokes.
  • It is written in C# using the .NET Framework.
  • It can also steal data from the user's clipboard.
  • At regular intervals, it can also take screenshots of the victim's desktop.

The malware was first seen when Palo Alto researchers stumbled upon an unprotected server (control panel) to which KeyBase was sending screenshots. The malware was created in February 2015, but its author stopped developing it last summer, promised not to develop it further, closed the website where KeyBase was sold for $50 / €45, and abandoned the project.

According to the Palo Alto report "At that time around 295 unique KeyBase samples and more than 1,500 different KeyBase connections sending data back to control panels." After that, the malware's builder was leaked online on many hacking forums.

New KeyBase wave infected 933 Windows computers:
Eight months later, Palo Alto reported that the hacking community had continued to develop KeyBase, after seeing over 44,200 KeyBase sessions coming from over 4,900 different KeyBase instances.

The main thing the researchers discovered was this:
Even though the control panel was secured, the folder that stores the uploaded images was not. This means that all the KeyBase panels available online can be found just by putting together a simple script.

Using a simple method, the Palo Alto staff discovered the following:

  • 62 Web domains where the KeyBase control panel was installed.
  • 125,083 screenshots from 933 Windows computers.
  • 82 different control panels.

Out of all the infected computers, 216 were workstations in corporate environments, 75 were personal computers, and 134 were used for both. Among the 933 computers, 43 included details from more than one user, which means they were shared assets, perhaps used by multiple family members or work colleagues.

Attackers targeted the manufacturing industry:
According to the researchers, the countries most infected by KeyBase are China, South Korea, United Arab Emirates, and India. They are also confident that they managed to narrow down most of the attacks to a few campaigns.

Keybase Geographical view

Among the industries targeted, some stood out: the wholesale and retail industry, the manufacturing sector, and transportation companies.

Industry sectors that were affected by KeyBase:
According to the researchers, the screenshots depicted invoices, blueprints, email inboxes, financial documents, booking software and much more.

Dummy hackers infected themselves as well:
During tests of the keylogger, the malware's creator infected himself, and his activities were recorded in screenshots and sent to the web control panel. The operators behind the new wave of KeyBase infections also managed to infect their own computers.

Because the code of KeyBase is available to anyone, it is a well-known and easy-to-detect threat. You can also stay safe by avoiding unsolicited or spam email (the most common method KeyBase uses to infect victims).

Thursday, 25 February 2016

Anonymous Hackers Hack French Defense Ministry Website To Protest Against Arms Trade



Anonymous hackers have hacked the web portals of the French Ministry of Defense to protest against the country's foreign arms trade operations, and leaked the site's database. The Anonymous hackers accuse the French Government of selling weapons to a country like Saudi Arabia.


The Anonymous hackers revealed the incident publicly and said that they had targeted the CIMD (Centre d'Identification des Materiels de la Defense) portal, which is one of the Ministry's smaller sites. The website then went down, and users got a message saying "Our web portal will be temporarily unavailable due to maintenance actions."


Database has been leaked and admin panel access has been gained.

The Anonymous hackers leaked the website database, which contains important information such as website accounts, PHP sessions, FTP client usernames, and army suppliers and partners. Not all of it is sensitive: the sensitive data is only the server usernames (including plain-text passwords).


Apart from this, the Anonymous hackers also published screenshots of the site's admin panel. The French Defense Ministry website was an easy target because CMSs have accumulated vulnerabilities in droves over the past months and years.

The primary aim was to protest against France's international arms trade.


The dumped data related to the lucrative arms trade sector and France's weapons industry. The Anonymous members made the dumped data accessible to justify their attack; the data can also easily be found in many press articles.

Among the links the hackers left behind with the dumped data is a 2012 Amnesty International article that names France as the world's second-largest arms trader.

"France is selling weapons to Saudi Arabia, and they also bought surveillance and spying tools from the Italian firm (The Hacking Team)."

Lazarus Group Was Responsible For The Sony Pictures Hack




In 2014, anonymous hackers attacked Sony Pictures Entertainment, and many security firms have teamed up to analyze and disrupt the activities of that threat group.


On Wednesday, firms including Symantec, Kaspersky Lab, Novetta and AlienVault published reports on the activities of an actor that they have dubbed the Lazarus Group. According to those reports, more than 45 malware families were analyzed, which helped the firms' researchers find connections between several major attacks.

Since 2007, the Lazarus Group has conducted many attacks whose purpose was to destroy data and disrupt systems, and it has also conducted many cyber espionage operations.

Analysis of the malware samples found that the Lazarus Group has conducted numerous attacks, among them the one that shamed and crippled Sony in 2014. Other attacks include:

  • Attacks on Manufacturing and financial organizations primarily located in South Korea and the United States.
  • Attacks on Military.
  • Attacks on government and media too.
  • Dark Seoul and Operation Troy campaigns. 

Victims have been spotted in Malaysia, China, India, Taiwan, Brazil, Mexico, Turkey, Saudi Arabia, Iran, Vietnam and many more countries.

Victims of Lazarus Group

Researchers were able to connect the campaigns to Lazarus based on factors such as similarities among the attackers, code shared between several malicious tools, and the methods used to wipe data and evade detection by security tools.

Experts have found links between Destover, the DarkSeoul malware and the wiper used in the Sony attack, but they have not been able to find any evidence tying them to the same malware developers.

According to the researchers, the attackers used the same password, hardcoded inside the dropper, in every campaign. This gave the researchers the information they needed to identify Lazarus operations.

The U.S. government has pointed to North Korea as being behind the Sony attack, but North Korea has always denied such actions. South Korea has blamed Pyongyang for the malicious campaigns that target the country.

The reports do not state directly that North Korea was responsible, but some of the evidence suggests that North Korea was probably behind the Sony attack. The evidence mentioned in the reports includes the following: the working hours in which the threat actors compiled the malicious tools correspond to the GMT+8 and GMT+9 time zones, which matches North Korea, and most of the Lazarus samples have a PE resource with the Korean language.
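The compile-time clue can be reproduced by reading the COFF TimeDateStamp from each PE header and testing which UTC offsets place every sample inside a working day. The following is an added example, not code from the reports; the sample headers, the 08:00 to 18:59 working window and all helper names are assumptions constructed for illustration.

```python
import struct
from datetime import datetime, timezone

# Assumption: a "working day" is local hours 08..18 inclusive.
WORK_START, WORK_END = 8, 18


def pe_compile_time(data: bytes) -> datetime:
    """Return the COFF TimeDateStamp of a PE image as an aware UTC datetime."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of "PE\0\0"
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header after the signature: Machine(2), NumberOfSections(2), TimeDateStamp(4)
    (stamp,) = struct.unpack_from("<I", data, e_lfanew + 8)
    if stamp in (0, 0xFFFFFFFF):
        raise ValueError("timestamp has been zeroed or filled")
    return datetime.fromtimestamp(stamp, tz=timezone.utc)


def score_offsets(times):
    """For each UTC offset, count the samples compiled inside the working window."""
    return {
        off: sum(1 for t in times if WORK_START <= (t.hour + off) % 24 <= WORK_END)
        for off in range(-12, 15)
    }


def best_offsets(times):
    """Return (offsets with the highest score, that score)."""
    if not times:
        return [], 0
    scores = score_offsets(times)
    top = max(scores.values())
    return sorted(o for o, s in scores.items() if s == top), top


def make_header(stamp: int) -> bytes:
    """Build a minimal, constructed MZ/PE header carrying the given timestamp."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = struct.pack("<HHI", 0x14C, 0, stamp) + b"\0" * 12   # 20-byte COFF header
    return dos + b"PE\0\0" + coff


# Constructed compile times (year, month, day, UTC hour); not real sample data.
CONSTRUCTED_UTC = [
    (2014, 3, 3, 0), (2014, 3, 4, 1), (2014, 5, 12, 3),
    (2014, 6, 18, 5), (2014, 9, 2, 7), (2014, 10, 21, 9),
]
SAMPLES = [
    make_header(int(datetime(y, m, d, h, 30, tzinfo=timezone.utc).timestamp()))
    for (y, m, d, h) in CONSTRUCTED_UTC
]


def analyse(blobs):
    """Skip files that are not valid PE images, then rank UTC offsets."""
    times = []
    for blob in blobs:
        try:
            times.append(pe_compile_time(blob))
        except ValueError:
            continue
    return best_offsets(times)


if __name__ == "__main__":
    offsets, hits = analyse(SAMPLES)
    # The linker writes TimeDateStamp and it can be edited afterwards,
    # so the result is supporting evidence only.
    print("candidate UTC offsets:", offsets, "samples in window:", hits)
```

With real samples the scores are rarely unanimous, so the full per-offset table from `score_offsets` is more informative than the single best value.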

Jaime Blasco (chief scientist at AlienVault) said:
“This actor has the necessary skills and determination to perform cyberespionage operations with the purpose of stealing data or causing damage. Combining that with the use of disinformation and deception techniques, the attackers have been able to successfully launch several operations over the last few years,”

For more technical details, see the reports published by AlienVault, Kaspersky, Symantec and Novetta.

A Pilot Program by MasterCard is Moving Onto The Next Phase

Pay With Selfie by MasterCard




Instead of the classic PIN, MasterCard allows users to authenticate and authorize payments using biometrics. MasterCard is also moving a pilot program into its next stage.


Since its launch last year in June, MasterCard's pilot program has been available only to people in the Netherlands and the US. It allows users to pay for goods using four new distinct techniques.

About the Innovative Payments Pilot Program

To enter the program, users can either use MasterCard-issued wristbands or install a special MasterCard app on their smartphones.

With these tools, users can authorize payments using any of the following 4 techniques:
  • Measuring their cardiac rhythm (via the wristband).
  • Placing a finger on their phone's camera (fingerprint recognition).
  • Taking a selfie (face recognition).
  • Speaking a code (voice recognition).

MasterCard announced at the Mobile World Congress held in Barcelona that "By this summer, the payments options and the pilot program will be expanded to more countries."

The list of countries includes the following: Spain, Italy, UK, Belgium, Finland, Denmark, France, Germany, Canada, Switzerland, and Norway.

Is Selfie-Approved Payment Safe?

MasterCard said, "The new biometrics-based payments service has been created in order to keep user data safe." According to the company, "no fingerprints, voice commands or selfies are sent to the servers for storage. They are transformed into ones and zeros by the mobile app."

The code sent to MasterCard's servers is processed and analyzed for similarity to the user's default biometrics.

But some security experts are not looking forward to biometrics-based payment verification systems: passwords and PINs can be changed if they are compromised in a data breach, whereas it is very difficult to change a face or voice if the biometric data has been lost.

When purchasing online from a merchant that requires identity verification, cardholders can authorize the transaction by holding up their phones as if taking a selfie and blinking, instead of entering a password or PIN; the blink ensures that the cardholder is a live person, not just a photograph.

New Version of Bundestrojaner (Federal Trojan) Has Been Updated By The German Government



For the past months, the authorities have been working on an updated version of the infamous Bundestrojaner (Federal Trojan), which has been approved by the German government and can also be used against real-life targets.


In German, Bundestrojaner means "Federal Trojan". The government created this malware and then used it on the citizens of its own country.

The Bundestrojaner scandal of 2011

The Germany-based Chaos Computer Club (CCC) discovered the Bundestrojaner (Federal Trojan) in 2011, when the trojan was in the middle of controversy.

Using the first version of this trojan, police officers could easily open a backdoor on infected computers. The backdoor allowed actions such as recording audio and video and taking screenshots, breaking a suspect's right to privacy. Once the backdoor was open, it also made it possible to retrieve important information such as the user's passwords and to access digital data, apart from copying files from the system hard drive.

Tagesschau says in its report that "During the year 2008 on using the online surveillance programs several rules have been laid down by the German Constitutional Court like police cannot engage in such activity without the consent of court."



But the trojan also has disadvantages. A researcher said that "because of an insecure update mechanism, any third party can remotely access the trojan and use it for their own purposes, whether malicious or legal."

If there is any threat to people's lives and health, or any threat to national security, then this malware will not be allowed to be used. In that situation officers can only read emails and wiretap telephone calls; they cannot copy files from the hard drive, access any kind of video or audio calls, or steal passwords.

According to the media scandal which occurred a month before, Sabine Leutheusser-Schnarrenberger (German Justice Minister) said that this insecure government malware had also been used in legal investigations.

The new version, Bundestrojaner v2, comes back after five years

After 5 years, with the approval of the German Ministry of the Interior, Germany's Federal Criminal Police started working with a new version of the Bundestrojaner this week. The new version of the trojan arrived in autumn 2015, and police investigators need to obtain a court order to use it.

To develop its own surveillance malware, the German Federal Criminal Police purchased FinFisher, surveillance software created by the German-British Elamann/Gamma company.

Falk Garbsch (a CCC expert) told Deutsche Welle that "A wider range of opportunities could be opened for the hackers because the trojan can easily install software on the targeted system."


Wednesday, 24 February 2016

Jaq's Salt Water Charger Powers Up Phones


MyFC Unveiled its Jaq – Fuel Cell Charger


A portable power bank that uses salt and water to recharge smartphones has been put on show at the Mobile World Congress tech show in Barcelona. Swedish start-up MyFC unveiled the technology, called Jaq, at CES on Jan 6. The device is a fuel cell charger and is said to be small enough to slip into a back pocket.

It utilises saltwater and oxygen to convert chemical energy into electricity. The Jaq charger comprises a colourful rubber sleeve together with a credit card-sized `power card’ containing saltwater. It works by causing a chemical reaction between the saltwater (the fuel) and oxygen (the oxidant), in which hydrogen molecules from the water enter the fuel cell at the anode.

A chemical reaction strips the hydrogen molecules of their electrons; the positively charged hydrogen ions then move through the electrolyte, while the negatively charged electrons deliver the current via the external circuit. Oxygen, meanwhile, enters the fuel cell at the cathode, where the oxygen molecules combine with the electrons returning from the electrical circuit and the hydrogen ions that have been delivered through the electrolyte.

Each Power Card Used Only Once


The reaction produces electricity and water, and the device uses the electricity to charge the phone through a Micro-USB cable. One power card is said to generate 1,800 mAh of electricity, which would be adequate to charge an iPhone 6S completely, though each power card can be used only once.

The charger comprises a credit card-shaped `power card’ and a hollowed-out port which is about the size of a smartphone. The card contains saltwater that fuels an electricity-producing chemical reaction when one slips the card into the port.

To get electricity to the phone's battery, one plugs the phone into the port with a standard cable. The Jaq charger does not require plugging in, since it uses disposable cartridges to generate power. Chris Foxx of the BBC asked Bjorn Westerholm, the company’s chief executive, if it was better for the environment than using normal battery-based power banks.

World’s Smallest Charger


It is the world’s smallest charger of its type, and the device, which has now had its European unveiling, offers speedy phone charging without the need to plug it into a socket. This is because Jaq powers itself with its own PowerCard, which is made of water and salt.

When the card is inserted in the charger, a chemical reaction creates hydrogen and charging takes place. It charges a phone in the same time as a normal power outlet does. Though the chemical reaction and hydrogen may sound a bit dangerous, MyFC gives assurance that the chemical reaction is completely safe and also environmentally friendly.

The MyFC Jaq is compatible with all phones and tablets, including iOS devices, and will be available in white, black and purple. Though the release date is not yet out, MyFC has put the Jaq up for pre-order, and one can sign up to have PowerCards sent on a subscription basis.

John McAfee offers to Unlock Killer's iPhone for FBI


John McAfee to Break the Encryption on iPhone of Killer Syed Farook


John McAfee, the creator of anti-virus software, has stated that he would break the encryption on the iPhone that belonged to San Bernardino killer Syed Farook. He made the offer to the FBI in an article published by Business Insider. Apple had declined to comply with the court order asking it to unlock the device, amid debate over whether the firm should be compelled to do so.

Mr McAfee stated that he and his team would undertake the task `with no charge’. The offer came as Mr McAfee continued his campaign as a US presidential candidate for the Libertarian Party. He claimed in his article that it would take them around three weeks. Security expert Graham Cluley told the BBC that he was doubtful about Mr McAfee’s claim.

He stated that the iPhone is notoriously difficult to hack compared to other devices. Mr Cluley, for instance, had doubts about Mr McAfee’s idea that he could use `social engineering’ to work out the pass-code on Farook's locked iPhone. Social engineering is a procedure in which hackers attempt to find out login credentials by deceiving people into disclosing them.

Back Door – iPhones Susceptible to Hacking


Mr Cluley said that `in a nutshell, dead men tell no tales. Good luck to Mr McAfee trying to socially engineer a corpse into revealing its pass-code’. He added that `the FBI is not interested anyway, they want to set a pattern that there should not be locks they cannot break’. Mr McAfee said in his article that he was keen to unlock the device since he did not want Apple to be forced to implement a `back door’, a method by which security services could access data on encrypted devices.

Tim Cook, chief executive of Apple, had earlier said in a statement that the firm did not want to co-operate. He argued that introducing a back door would make all iPhones susceptible to hacking by criminals. Mr McAfee believes it would be possible to retrieve data from the phone by other means, but did not give many details.

Tech Firms Support Apple


Some, including the Australian Children’s eSafety Commissioner, who spoke to tech website ZDNet, have stated that Apple would not necessarily need to introduce a back door, since the firm is only being asked to provide access to a single device. Other tech firms have supported Apple following a few days of debate on how it ought to respond to the FBI's request.

Google boss Sundar Pichai expressed his support for Mr Cook, and Twitter chief executive Jack Dorsey recently added his approval in a tweet. Facebook said in a statement that it condemned terrorism and had solidarity with the victims of terror, but would continue its policy of opposing requests to diminish security.

It stated that it would continue to fight aggressively against requirements for companies to weaken the security of their systems, and that these demands would create a chilling precedent and obstruct companies' efforts to secure their products.

The Smartphone That You Can Bend


ReFlex – Bendable Smartphone – Get Direction/Read/Play Games


Recently, researchers from the Human Media Lab at Queen’s University in Canada revealed a lightweight model at the Tangible Embedded and Embodied Interaction conference in The Netherlands. Called ReFlex, it is built to bend as well as vibrate, giving users an improved sense of a third dimension on their phones while they get directions, read or play games. The phone’s basic hardware comprises a 720p display developed by LG together with a small phone processor running Android 4.4 `KitKat’.

Users could bend it like a stem or stretch it like a rubber band. With a bendable phone, users could rapidly thumb through books and feel for highlighted passages or dog-eared pages. Moreover, the flexible phone could help drivers keep their eyes on the road by making it possible to `feel’ turn-by-turn directions. In games like Angry Birds, players could bend their screens to stretch out a slingshot, with vibrations that make the phone feel like a recoiling rubber band.

However, the most amazing feature of the latest bendy model is that it is basically shatterproof. The secret behind the phone's durability and light weight is that the screen is plastic, not glass.

Android Device Stronger to Bend to 40 Degrees


The trade-off could be a deal-breaker in a smartphone industry dominated by glass screens. The phone uses off-the-shelf parts, meaning a leap to market would not be a big jump. Professor Roel Vertegaal, who leads the team behind the phone, comments that it is technology twelve years in the making. He added that the phone is mass-producible as it is today.

Vertegaal, whose academic research has been sponsored by the Canadian government and Canadian touch tech company Immersion Corporation, will not be building a consumer phone. He states that he will leave it to the Samsungs and the LGs of the world. According to his estimates, it would take around three to five years to bring the tech to market.

The LG OLED display in the phone is the same tech used in bendable TVs. At $100, these LG smartphone screens could cost $25 more than a typical glass screen, though they would make the latest Android device strong enough to bend up to 40 degrees. The phone is more flexible towards the centre, with semi-rigid ends, and its 1,280 x 720-pixel display has slightly lower resolution than an iPhone 6 at 1,334 x 750 pixels.

Flexible OLED Display


ReFlex uses a flexible OLED display from LG, similar to some of the rollable screens shown at CES this year, which enables the user to bend it as desired. It is the first flexible phone to combine bend input with standard multi-touch abilities, which means one can use touch interaction as on a typical smartphone and also interact with certain apps by bending the phone.

Vertegaal has mentioned that when the smartphone is bent down towards the right, pages flip through the fingers from right to left, just like a book. More extreme bends speed up the page flips, and users can feel the sensation of the page moving through their fingertips through a detailed vibration of the phone. This enables eyes-free navigation, making it easy for users to keep track of where they are in a document.

Top PC Monitoring Software 2016


PC monitoring has become a necessity, especially in organizations where there are a large number of employees with digital privileges. There’s no possible way for you as an employer to keep an eye on each and every individual, and this is exactly what employees take advantage of. They waste their time at work doing mundane activities like watching random videos, chatting with people, checking their social networking profiles, etc. This of course affects the overall performance of the company, which just isn’t acceptable in a competitive market. This is where PC monitoring software can really come in handy as it lets you keep tabs on how employees are using their computer and internet privileges at work. If you’re an employer who’s looking to get rid of the headache related to employees wasting time at work, we’ve got just the software lined up for you. Take a look and pick the one that best suits your needs.

Mobistealth

Mobistealth comes with a slew of awesome features that really put you in control of your employees’ digital activities. It records every single keystroke typed by the employees during work hours, allowing you to know exactly what they are up to on their computer. Furthermore, there is a screenshot feature that takes pictures on a regular basis. That’s not all though, as Mobistealth also offers Skype logs. It’s no secret that Skype is a go-to platform for workplace chats, so having an eye on it certainly helps. Apart from the aforementioned features, this tool also comes with Facebook, Yahoo and Gmail chat logging, enabling you to see what’s being conversed. It even empowers you to keep tabs on the emails exchanged via Yahoo, Gmail, and Hotmail accounts. All of Mobistealth’s features are pretty important, and if you’re on the hunt for powerful monitoring software, then this one comes highly recommended.

Spyrix Personal Monitor

Spyrix Personal Monitor is another brilliant monitoring software. It is not as feature-rich as Mobistealth, primarily because its developers have put more of an effort on key logging. It can give you information regarding the passwords, created files, started applications, system logon, system log off, and so much more. Other than that, it provides you with the option of monitoring browsing activity, which is also a great help. With the help of this feature, you can see what sites your employees are visiting, and if you see too many random URLs there, then it is a pretty good sign that they have their priorities all wrong.

All in One Keylogger

As the name suggests, this tool also focuses more on key logging. The best part about this software is that it’s not very complicated. It is designed with the convenience of not so tech savvy people in mind. Even if you don’t possess knowledge about monitoring tools, you will still be able to operate All In One Keylogger without a hitch. All features of this software are presented upfront so that the users can see what’s on offer and then avail them without a problem. Some important features in this tool include key logging, web browser logging, multi-language support, website blocking, and so much more. If you are not good with technology but are really interested in deploying an employee monitoring solution in your workplace, then you should give All in One Keylogger a shot.

Tuesday, 23 February 2016

Hacktivist Group Anonymous Leaks Cincinnati Police Department Data



The details of 52 officers and employees of the Cincinnati Police Department have been leaked by the Anonymous hacktivist group following the shooting of a black man who was believed to be unarmed.


They blame the police department for the unnecessary death of Paul Gatson, who was shot and killed on Feb 17, 2016. He was shot numerous times by police officers while they were trying to arrest him. Before that, he had crashed into a telephone pole and stumbled out of a pickup truck.

Paul Gatson's death sparked the data leak of 52 officers and employees of the police department. Police officers also showed two videos of the incident to justify their actions, but in vain, and things escalated after the New York Daily News pointed out a similar case a day earlier, in which the suspect (Christopher Laugle, a white man) pointed a fake gun at one of the officers called in to investigate an assault, but was arrested peacefully.

An Anonymous member said in a video, in order to spread the message of its operation #OpAnonVerdict:
"How does one man point a fake pistol at a cop and live while another man doesn't, but is killed execution style?"

Police officers said that "they were not aware that the gun was fake when Christopher Laugle (the suspect) pointed it towards one of the officers. And he was arrested peacefully and released on $2,000 bail."

The Anonymous hackers (Anon Verdict group) released the leaked data publicly on the following:

  • First on PasteBin.
  • Via Quick Leak service also.

But the leaked data doesn't contain any "private" data or information. It contains information such as social media profile links, email addresses, the names of family members, phone numbers, officers' names and home addresses. Eliot Isaac (chief of police) was the first name in the data dump, complete with his phone number and the addresses of his known family members. The fear now is that the leaked information can be used for retribution.

Steve Saunders (Cincinnati.com, police Lt) said that "Actually the group didn't hack any of the servers; it was all data which can also be searched via internet searches."

A masked man in the YouTube video clip said:

"We have been sitting idle from far too long and letting the gang known as the Thin Blue Line murder citizens of US. Well, we have a message to not only the Cincinnati Police Department but to every law enforcement officer. When you murder a human being when you have other choices of containing your suspect available, we will make your officers' information public record."

Anonymous states they will continue to release further data:

"We will data dump as many officers as we see fit for each situation. We will not only release the officers' information who murdered the citizen but we will release those that have stood by in the department that did not speak up. Thin Blue Line, your game is over. You lost."
