Social Icons

Tuesday, December 09, 2014

DeathRing: Non-removable Pre-installed Malware@Androids

The smart-phones penetration in our country and for that matter any country has been seeing explosion like never before...from cheap mobiles with luring specs to high end smart-phones by Apple,Samsung,Sony etc.The growing and already a subject matter of concern in IT ie SECURITY is majoring as a serious threat in the mobile world too...like the Microsoft b70 case few years back(click here for details)....As evidenced by the latest pre-loaded malware identified called DeathRing that’s  a Chinese Trojan that is pre-installed on a number of smart-phones most popular in Asian and African countries.
as evidenced by the latest pre-loaded malware Lookout identified called DeathRing.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)
as evidenced by the latest pre-loaded malware Lookout identified called DeathRing.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)
as evidenced by the latest pre-loaded malware Lookout identified called DeathRing.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)

Friday, December 05, 2014

Operation Cleaver : IRAN a greater Cyber Threat then US/China????

1.    There has been a series of decisive and significant reveals in past few weeks in the field of Cyber Security. REGIN, APT28, Wirelurker and now comes another important report by the name of Operation Cleaver. The report is available here.Some time about a year back in September 2013,the ping pong blame of cyber attacks between Iran-US were made public vide US carrying out proven credentials of IRAN being part of attack in their Navy room. A screen shot of a report then is seen below :
 2.    Now, a US cyber security firm Cylance says it has evidence to prove that the same team has infiltrated not just the Navy, but also various top companies across the globe within the past two years. This report sheds light on the efforts of a coordinated and determined group working to undermine the security of at least 50 companies across 15 industries in 16 countries.


3.  Iran till date has never been considered quite as much of a serious cyber threat to the US as China and Russia have been in recent years. This could prove to be a mistake vide proofs given in this report.The report indicates that state sponsored cyber groups in Iran can be just as severe or even way ahead in terms of offered danger to few countries. Few key points of interest are mentioned below :
Victims include companies in the oil and gas sector, the energy industry, airports and the transportation sector, government and defence, and the telecommunications and technology industries.

-   Report believes all the revelations are just the tip of the ice berg and damage extends much ahead of contours identified.

-   About 10 of the victims are based in the US and include a major airline, an energy company, a medical university, and an automobile manufacturer.

-   Many of the other firms targeted by the group are based in Middle Eastern countries like Kuwait, the United Arab Emirates, Saudi Arabia, and Qatar. Cylance also found a significant number of victims in Canada, Germany, England, France, India, Israel, Pakistan, and Turkey.

-  Unlike their Russian and Chinese counterparts, which tend to grab IP and financial data where they can, the Iranian group has mostly avoided stealing such data.

-  The group is scoping networks and conducting reconnaissance as if in preparation for a major assault at some point in the future.

-   Technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort.

Wednesday, December 03, 2014

Harden your LinkedIn Settings : A Necessity Now

Most of us are part of various Social Engineering Sites and keep updating ourselves via status updates, pictures and tweeting small life updates. Related Privacy and Security issues in respect of these social engineering sites available is already a serious concern among users. Additionally for these all social engineering sites/applications whether accessible on a desktop or a mobile, we all are not so serious responding and interacting but that’s the difference when we see viz-a-viz LinkedIn. When it is LinkedIn…we are mostly serious…no jokes, no clips, no tagging, no personal comments, no WOWs…it’s all professional. And when most of us take it seriously, we also feed serious inputs on it. But do we take necessary precautions too?...I have mostly seen a negated curve amongst my friend circle….hardly anyone has spared time to configure LinkedIn Privacy and Security settings. In this post I bring you out basic and necessary configuration steps involved to harden your LinkedIn interface to the world.

Monday, December 01, 2014

Configuring and using OPENVPN in UBUNTU@14.04 LTS

1.  VPN as discussed recently in my post here is on-way becoming a routine necessity for each one of us.In this post I bring you a screen shot and command terminal step by step procedure to configure and use OPENVPN,an open source application vide which a Ubuntu user can tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port and additionally configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands of dynamic connections from incoming VPN clients.OpenVPN is the best and most recommended open-source VPN software world-wide. It is the most secure VPN option. You need to download the open-source OpenVPN Client and our configuration and certificate bundle from the links on site shown below (use TCP if you cannot connect to UDP due to network restriction).

Steps involved : 

- Open a sudo terminal

- Install openvpn by typing

sudo apt-get install openvpn

Goto http://www.vpnbook.com/freevpn and Download one of the VPNBook OpenVPN certificate bundles as seen available in the screenshot below :

After downloading either of the above certificates as seen....do extract the contents in one folder and these should look like as seen below :

If there is any issue with the installation part,install the openvpn client by synaptics as shown below :



Once done ...go to the sudo terminal and type the following :

openvpn --config vpnbook-euro1-tcp443.ovpn



As you see the message INITIALIZATION SEQUENCE COMPLETED...u r on with the VPN..

Sunday, November 30, 2014

APT 28 :Cyber Espionage and the Russian Government?

Russia may be behind a long-standing, careful campaign designed to steal sensitive data relating to governments, militaries and security firms worldwide.This presentation based on a report made public by FireEye (report here)brings an over view of their opinion.....uploaded here just for general info to understand how its all happening in the dynamic and vibrant world of CYBER ..!!!!






Thursday, November 27, 2014

VPN: Graduating to NECESSITY!!!!

1.   Years back in India some where in 1990's...computer was still a rich men's possession...so was the case with plain mobiles graduating further to smart phones..but over the years today both are part of routine possession of every one...PCs/Laptops/Tablets today have entered almost all domains of most of the minutes we spend with our eyes open...whether it is office...studies... entertainment.. personal life... everything...The growing dependence has made new problems too...prime being PRIVACY.The privacy issue has recently taken a more serious note with so many Cyber Espionage operations coming in open...wiki leaks happening...Snowden out in open with his story ...government backed cyber traffic monitoring projects incl few as mentioned below :

    PRISM
    ECHELON
    Carnivore
    DISHFIRE
    STONEGHOST
    Tempora
    Frenchelon
    Stellar Wind
    Fairview
    MYSTIC
    Bullrun
    Upstream

    
2.   The above list is actually endless with specific aims of collecting information in form of call records,location mapping,building profiles....all happening in the name of building Intelligence for the safeguard of respective individual nations.There is no way one naive citizen without a tech background of any country can safeguard himself from all above operations and projects.In recent times.....VPN has been increasingly showcased across various forums and even by the likes of Snowden and Julian Assange who have used it in their routine transactions of email...Skype and messaging someone..

VPN is a network that is constructed by using public wires — usually the Internet — to connect to a private network, such as a company's internal network.  There are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.
3.  Now with the growing paranoia and due concern of Cyber Security and Privacy in general public too,the option of VPN has started gaining due focus....with free VPN Services in abundance...like openvpn, freevpn, vpnbook,Shrew Soft, Comodo Unite and the free/basic version of Hamachi etc...the lure is only becoming more tempting. Most people are coming out of the typical mindset of VPN being only a corporate protocol for business travellers and people who work remotely.VPN is thus gradually moving from an option today to a necessity.The good thing is that even the paid VPN services are not so costly to make an impact on pocket.With a VPN configured in ur PC/Laptop...u r rest assured safe from prying eyes of free wifi zones at Coffee shops or places like at airport.

Does VPN imply 100% Safety for the user?

4.   Like all security solutions, even the securest of VPNs can be compromised surprisingly since if the user is keen enough/careless to download malicious files, which is why the onus lies finally with the user habits of surfing safely.A VPN only makes sure that the traffic from user end is encrypted from third party eyes...it does not defy the need for Anti-virus software’s which are primarily responsible for detecting Virus/Malwares etc

Tuesday, November 25, 2014

REGIN : Groundbreaking MALWARE Threat

An advanced piece of malware, known as ‘Regin’, has been used in systematic spying campaigns against a range of international targets including government agencies and businesses since at least 2008 vide IT security firms Symantec and Kaspersky Lab reports both released on 24th Nov 2014.This ppt brings you an overview of the threat in brief.The piece of malware is unique in the sense that it's structure displays a degree of technical competence rarely seen.Stuxnet looks a decent past....with this complexity

Being PGDIS : Post Graduate Diploma in Information Security@IGNOU

1.   In my endeavour to gain skill sets in Cyber Security,I have been stuffing my profile in past few years with professional Qualifications in the IT security field...though I personally feel simply loading with qualifications is not an authority to you being an expert but what matters more in this field is hands on practical training and knowledge...but still some gut feeling from inside makes me always enroll for some good course in addition to continuous hands on attempts with pracs.So in past as I qualified CCCSP@CDAC,CEH@EC-Council, and few qualifications from ASCL,Alison,Rackspace etc I got myself enrolled for a longer version course(One year)...PGDIS@IGNOU...and passed out last week with 81.13 percentage marks.Here I bring you out basic features of this course...

- Stands for Post Graduate Diploma in Information Security

- This programme emphasizes specifically on the User’s Security Awareness and needs as follows:

    - Securing one’s own desktop.
    - Securing one’s own data.
    - Securing one’s connectivity.
    - Secure browsing. (E-mail, Internet application)
    - Secure Internet transaction.
    - W3C Compliance.
    - Employee perspective of ISO 27000
    - Securing Web servers/ services.
    - Cyber Forensics.
    - Securing in the mobile world
    - Govt. rules in IT Security

- Subjects covered in this course vide two semesters are as seen below :

Click to Enlarge

- Course fee is Rs 9000/- per semester

AMAZING PROMPT STAFF

3.  I would like to bring out another good thing about this course...the staff involved is surprisingly amazing and prompt.I always had this view about IGNOU being a sarkari university with slow staff,slow procedures,slow communications and so on...but the kind of dedicated staff that is available for this course deserves accolades and loads of appreciation...the study center staff with Mr Santosh,Mr Niranjan @ Delhi Center , Dr Anup Girdhar as the conducting instructor and guide for course/project and Ms Urshla Kant,coordinating staff from the Faculty of SOVET......all working together to bring out this relatively good course that involves...contact programmes,theory and practicals....I found it much contentful then CEH,CISSP etc.Wish them al d best....

Monday, November 24, 2014

WireLurker : First Serious Trouble for APPLE

This post brings out a brief over view of WireLurker,the first of a kind of malware family that has made the Apple to rot...never in the history of unquestionable iOS/Mac devices has such a thing been seen or heard...with such a severe beating...the ppt is based on a report made recently public by Palo Alto Networks®...

Sunday, November 23, 2014

Setting up Metasploit on a BackTrack5 R3 VM with SSH connectivity@Putty

1.    Setting this up is a simple thing till the time you know how to do it...here I bring you a step by step thing of how you putty to a Backtrack5 v3 machine installed in a Virtual Box from a Ubuntu host OS....

2.    First thing is configuring a additional network card on the BTR3 machine.Select the virtual machine and click on Settings,then move to Network settings and then in the Network adapter, there will be a pre-installed NAT adapter for internet usage of the host machine.Under Adapter 2 select Host only Adapter.

Adapter 1 Default Configuration
 Adapter 2 to be Configured
Before you get ready to ssh...u need to ensure that ssh service is running in Backtrack...which by default is not...run the terminal commands as seen below in the screen shots...


ifconfig as seen at terminal of the Backtrack R3 machine
 Putty to IP of the Backtrack Machine
Putty successfully asks for login as seen below :

 Login with Backtrack credentials :
Here  above we get the msfconsole...ready to accept the commands....

Saturday, November 22, 2014

Lufthansa A380 – The Dawn of a New Era

Source : http://a380.lufthansa.com
Lufthansa A380 – The Dawn of a New Era

1.    Bigger is always Better...here I am speaking about the Form factor and not trying to twiddle a baggage of daily life problems...Bigger the problems..the Better it is...na na...na...few things in life I would mention like Happiness Index.....Quality of Life...Content of materialistic lives incl our homes...our cars...our salaries ...or may be smiles in a family...the movie hall screen size.....big sports stadiums...big shopping malls...huge towers...so I may have been able to bring out few things that we have always wanted bigger and bigger in our lives thinking....and when we travel by air ..don't we desire a huge aircraft that we have mostly seen in movies or may be heard of restricted to the big wigs in this world....but for a common man...where does he realize this dream being the common men he always is and remains for the most of his life…..the answer I came to know vide reading about this campaign on Lufthansa A380.
Source : http://hdw.eweb4.com
2.   The Lufthansa A380 is the largest and heaviest passenger aircraft in the world. The 73 meters long, 24 meters high frame form factor that this hulk possesses is enough to shock anyone who is used to the routine aircrafts sizes plying across the globe and has a takeoff weight of up to 560 tons. This hulk allows a seating for 526 passengers, and its four Rolls-Royce engines each generate 31800 kilograms of thrust roughly tantamounting of what 3500 cars could bring out…that’s huh!!!!!
 
3.   And the size is not the only thing that one notices about this…the additional features include offering 40 per cent more capacity, the lowest seat mile costs in its class, being the quietest and most spacious in the sky and with 18.5 inch standard seat width in economy, it is a luxury for any passenger in economy space without trying to mould  and squeeze inside narrow seats he is typically used to. Additionally A380’s two decks offer 50 per cent more floor surface than any other aircraft. Few other features of interest include the following :

- Advanced lighting systems and new standards of in-flight entertainment to improve over all comfort factor for the passenger.

- Cabin air is recycled every three minutes to keep the atmosphere fresh.

- Natural light is provided by 220 cabin windows and with Four high-level air outlets  as opposed to the industry standard of two ,the passenger is bound for an elated happy experience.

- Lufthansa A380 is further conjugated with its optimal cabin height and these key advantages provide more personal storage, better head room, and wider stairs for maneuvering inside.

- A380 is the first commercial airliner to have a central wing box made of carbon fibre reinforced plastic besides having contoured wing cross section which typically are partitioned span-wise into sections leading to an improved and better desired aerodynamic efficiency.

- The two inboard engines are equipped with thrust reversers helping the brakes when the runway is slippery…so an increased safety attribute. 

Source : http://a380.lufthansa.com
Source : http://a380.lufthansa.com

Source : http://a380.lufthansa.com

Source : http://a380.lufthansa.com
This Germany based aircraft carrier has recently started operating the hulk A380 to India, with the first flight arriving at New Delhi's Indira Gandhi International Airport from Frankfurt on 08 Nov 2014. Alaass…the wait to experience this premium and luxury travel at a economical price has finally started for thousands of passengers due to experience the ultimate experience in near future now on….al d best to LUFTHANSA….

Sunday, November 16, 2014

DarkHotel APT : Story of Unusual Hospitality

A new social Cyber threat is currently being exploited by criminals vide using hotel Wi-Fi networks to hack the devices of business executives with the hope of gaining access to a company's sensitive information.The so-called "Dark Hotel" attack tricks hotel Wi-Fi users into downloading malicious software that appears to be a legitimate software update which actually is embedded with customised malware and trojan droppers.....This ppt gives a brief over view of the report ex Kaspersky Labs




Thanks Kaspersky : Access full report at https://securelist.com/files/2014/11/darkhotel_kl_07.11.pdf

Sunday, November 09, 2014

A Healthy Child Makes a Happy Home

This post is written as part of a campaign by Chyawanprash vide DABUR INDIA link at https://www.liveveda.com/daburchyawanprash/

1.    For any set of parents and couple across globe ,there is no greater gift than a child.The Parent’s soul lives in a child. The smile of a child is proportional to the happiness index of any family. A smiling child is the smiling quotient of every family. If a child is sick ,the entire house is effected... the routine gets effected...the focus and the energy of any family are bound to get diverted in a undesired direction leading to a reduced over all happiness.The reason behind a sick child may be attributed to metro life style,working parents,unhygienic living conditions,basic hygiene in life and so many related aspects in similar dimension.Today's metro life style needs a regular reminder to all parents about specific attention towards their children but most of us need that reminder, sometimes the stress of everyday life can cause us to forget temporarily about the importance of the time and attention our children need. Those early first years of nurturing and teaching are so critical to the rest of their lives and we can never turn back the hands of time.We have been given no greater gift or responsibility than our children.Children are more likely to be affected by hazards in the home because their bodies are still growing. Children play and crawl on the floor and often put things in their mouths.When compared to adults, relative to their body weight, children eat more food, drink more water, and breathe more air. For this reason, children often have greater contact with sources that may be harmful to their health.Here below is pic of my mom and daughter....with the sentry of our lives...that’s Chyawanprash.

2.   Help your child develop healthy habits early in life that will bring lifelong benefits. As you gain practical tips on helping your kids eat nutritious meals and enjoy a physically active lifestyle, be sure to apply these same behaviors to your own life. The best way to lead your child to a healthy lifestyle is to set a positive example yourself. Adding two spoons of  Dabur  Chyawanprash to your families diet can improve the immunity of your family and especially your child’s immunity . It has anti-oxidant properties (contains amla) and helps strengthen your body’s internal defence mechanism – the immune system – thereby protecting you from day to day infections such as cough, cold etc. The natural product it contains help improving natural defence system of our body.Now question rises why Dabur Chyawanprash is one of the prime reasons behind,i m putting them up here below :

- Dabur is the first branded Chyawanprash in the India.

- It is the highest selling Chyawanprash .

- Scientifically proven to provide 3 times immunity* that helps fight virus, flu and infections.

- Dabur Chyawanprash has been consistently voted as the power brand of the country and is a trusted remedy for cough and cold for a majority of Indian household

- Available in 2 new exciting flavours mango and mixed fruit flavor

- Contains natural Ayurvedic ingredients, which are being consumed safely for ages.

- Dabur using its 125 years of Ayurveda expertise, has now also developed Dabur Chyawan Junior- a unique drink for growing children. It has 35 herbs like  Amla, Ashwagandha and Guduchi (most of them used for decades in Dabur Chyawanprash to help build immunity). It also has Calcium, Iron, and Milk Protein as in other popular health drinks to give nutrition and promote body growth. And its truly delicious with a great chocolaty taste.

- Children are our most valuable resource.The soul is healed by being with children.

3.    THANKS Dabur Chyawanprash

Thursday, November 06, 2014

Testing UBUNTU for SHELLSHOCK vulnerability

Shellshock,the now famous vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system. If your system has not updated bash in since Tue Sep 30 2014: 1:32PM EST , you're most definitely vulnerable and have been since first boot. This security vulnerability affects versions 1.14 (released in 1994) to the most recent version 4.3.Its always good to at least close known bugs and holes since zero vulnerabilities always exist....here i bring out few ready made cut/paste terminal commands to test your UBUNTU...This simply involves running of a script shellshock_test.sh.Source code at https://github.com/wreiske/shellshocker/blob/master/shellshock_test.sh

Screen shot shown below as run from my system :  

Terminal cmd : curl https://shellshocker.net/shellshock_test.sh | bash

(Click to ENLARGE)

Sunday, November 02, 2014

My blog hits : 2,00,000 plus :-)

Exactly about a year back my blog got the 1,00,000th hit and today it is 2,00,000 plus. So a decent traffic by a technical standard since technical blogs do not have the glam and mass factor associated....I got into blogging without knowing any thing about traffic and readers and then maintaining a blog when you are working also is at times difficult.This actually means the time you could have spent with your family is being spent on blogging.But then as we say "Purpose is the reason you journey and Passion is the fire that lights your way."...and so has been applicable to me.Simply the passion to study and share IT and experiment with tools and researches has been the force for my energies being put in here.I bring out the stats here of the 2 Lakh hits from Google Analytics.

Blog Page showing visitor count 
Rise over years
 Country wise state of visitors
 Browser state of users
 Operating Systems of users

Lingaa : Rajini Fans await with bated Breath

The only time myself ,a self obsessed IT security enthusiast, go off the track from my blog is when some thing is on way about Rajinikanth...and this time as the teaser for his next movie LINGAA got released I had to go off again...a treat for all Rajini Fans...he is back with grand bang then ever since Shivaji happened.The 35 second long teaser has already wowed the viewers with its gripping background score, amazing action sequences and of course, the presence of superstar Rajinikanth. "Lingaa" releases on his birthday 12 December.....huh!!!!with full seetiyaan and tamasha I await the release with bated breath....here is the teaser....

Friday, October 17, 2014

Make your wired normal speaker WIRELESS

I am writing this post for all guys who are bugged with the fact that they need to attach a cable with their mobile to speakers or laptop to speakers for playing music and audio files...and few users who dread investing an amount exclusively for getting blue-tooth wireless speakers...so here I am sharing a small device that can make wired speakers at your home/office to wireless in the most simple manner.The device is LOGITECH BLUETOOTH ADAPTER.The figure below is enough to explain the  circuit and set-up required....pretty simple to install and very comfortable to listen without any disturbance....cost Rs 1700/-...available at online sites for even less....so get set ready to connect your laptops...androids...and play wirelessly...





Sunday, October 05, 2014

Officially Keylogged : Welcome to Microsoft Windows 10 Preview

1.   Though an avid loyalist of Linux for last about a decade,I always keep a tag of what’s happening in the world of Windows......and recently when Windows 10 preview was launched I started reading various reviews pan web....and I came across this startling and surprisingly criminal revelation regarding inbuilt key logging in the OS available for download.See the screen shot below straight from the Microsoft and you read it for your self highlighted...  

(Click to Enlarge)

2.     This is actually too much in the name of Data Collection wave by various companies as a genuine and legal move putting across mostly naive users at complete risk since anyone is hardly interested in reading the Terms & Conditions of any application.A google search on this gives surprising concerns as bought out by various reviewers across as seen below :

(Click to Enlarge)
3.   Few interesting statements below from Terms and Conditions :

"Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage."


"We may collect information about your device and applications and use it for purposes such as determining or improving compatibility" and "use voice input features like speech-to-text, we may collect voice information and use it for purposes such as improving speech processing."
The killer statement says, "If you open a file, we may collect information about the file, the application used to open the file, and how long it takes any use [of] it for purposes such as improving performance, or [if you] enter text, we may collect typed characters, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features."

4.     Thanks Microsoft :-)

Friday, October 03, 2014

Invalid settings detected Virtualbox Host only Adapter solved

1.   This post will help guys stuck with adding a Host only Adapter in Virtual Box.The screen shots are self explanatory in a step wise manner.First screen shot shows the problem as  seen on the screen....rest on how to resolve.

(Invalid settings detected)

(Go to preferences as shown above)




(No more errors)

 

Thursday, September 11, 2014

VEGA SCANNER : Powerful Open Source Web Application Vulnerability Scanner

1.   Vega is one free and open source scanner and testing platform to test the security of web applications by Subgraph, an open source security software company. Vega can help find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. 

Main Features:

    Automated Crawler and Vulnerability Scanner
    Consistent UI
    Website Crawler
    Intercepting Proxy
    SSL MITM
    Content Analysis
    Customizable alerts
    Database and Shared Data Model

2.   So to launch Vega in Kali Linux...go to Web Applications then to Web Vulnerability Scanners and select Vega

 Vega will flash an introduction banner and display a GUI

Vega has Scanner and Proxy tabs as u play with the interface as seen below. To use Vega as a Scanner,click on the Scanner tab , click on Scan on the top-left corner and select to start new scan
 You will see an input field asking for the target. The screen shot tested below is targeting www.thesecurityblogger.com. Choose target and click on Next:











3.   It takes time to scan but gives pretty exhaustive results and presents a summary too.
Powered By Blogger