Sunday, 19 November 2017

You can also read the deleted message of WhatsApp

1:-First go to the Google Play Store and search the Primo app. Now install it on your smartphone and click on the sign button to create your account.

2:-After this process, you have to enter your mobile number. After this you will get a verification code of 6 digits and the app will verify your mobile number.

3:-Now you have to enter your name, user name and password and some other information will also be given.

4:-After signing in, you will receive mail to verify your email ID. After the mail id verification is complete, you will be redirected to the app.

5:-After signing in to the app, go to your profile and tap on the Primo US Phone Number option.

6:-After the entire process, you will be asked to buy the package. Select Free Tile from it.

7:-After this you will be given a US number which you can use on your WhatsApp page.

8:-Now create a new account on WhatsApp from this new number and click on the 'Call Me' option for account verification. You will be given a new code through call. Enter the code and verify your account.

9:-Now you can create a new account with any new name and profile picture.

10:-After this whole process, you can message anyone you want and your number will not be visible to them.

Saturday, 4 November 2017

How To Hack Whatsapp With Your Girlfriend or Friend

It's not so easy to hack whatsapps apache, but still we are presenting it to you in 3 simple ways: (Please do not misuse this trick.) Pre-approval of access to their chat with your girlfriend or friend Take)

Method 1. Get the database file (Note that this is the easiest way to get whatsapp app, but in this way you will only get chat records or messages from the last 7 days of the Whatsapp app)

Actually whats the Whatsapp app automatically creates a database file on your phone, but suppose someone has deleted their WhatsApp app to hide from you, what would you do?

1. The simplest way is to get his phone first and then quickly go to File Manager.

2. Now go to the Database >> from the What's Apps folder.

3. Here you will find a database history of the last 7 days which will be stored as "msgstore-date.db.crypt8". There will be 7 similar files available with different dates. Select all these and send it to your phone via Bluetooth or xender.

4.Now, you have a database of your girlfriend or friend and this chat is available for the last 7 days.

5.Now the game starts. This database is in an encrypted format so you can not easily read it on your phone. You will need something to decrypt it, with which it can be read.

6. To do this, visit the Recovery website. Click on "select SQLite File" here and select the database file you want to read.

7. Accept the terms now received and click to proceed.

8. Just now all the chat will be open in this software and you can easily read it.

Method 2: What's Spy ?

This is a great but tree tool. So thousands of whatsapp spy software is available 
, but we'll use "mspy". For this, you can go to to view the demo of how it works.

Through Mspy you can find whatsapp messages, group messages, internet history, fasubcus, twitter, google, instagram etc, not only can you distinguish photos, videos and GPS locations. In other words, with the help of this, anyone can phone you completely.

How Mspy Works?

first of all, you need to call Victim, which is what you want to hack, and you will have to download the phone and quickly download and install the mspy app in his phone. This process will only take some time. After the installation is complete, all the data of the Victim will be stored in your mspy account.

Now you just have to log in with your mspy account and monitor all its activities. Its Whatsapp chat, social media activities, that is, you can keep an eye on just one place.

Now let's move to 3 ways: It's a bit harder to tell than the above. You will need to route Android phones for this.

1. Each phone has a Wi-Fi MAC address, so you somehow have to get the Wi-Fi Mac address of Victim. You will get this address in the phone's settings.

Go to Settings for Android> About> States> Wi-Fi MAC Address

Go to Settings for iOS> Journal> About> Wi-Fi Address

2. Now when you get the Victim's MAC address, replace it with your phone's MAC address for a while.

3.If you need a busybox app in Android. It is available on Google Play Store.

4. Now after changing your phone's MAC address, you will need to re-install the Whatsapp app (uninstall whatsapp app before you change the mac address)

5. Register this WhatsApp app with your girlfriends or friend's mobile number. A confirmation message will come to his phone, which you have to get in any way. Now type this confirmation message and go ahead.

6 Now your friends or girlfriends' Whatsapp app number is also running on your phone and you can see all their WhatsApp app messages.

Read Also:-

Sunday, 29 October 2017

How to track Lost Smartphone

To tackle this problem, we are going to tell you a way through which you can track your phone. You need to install GPS tracker by Follow me app. This can be tracked if your phone is missing or lost.

How To Use Ape ?

1. First of all download the GPS tracker by Follow me app by visiting Google Play Store. Many such apps will be present in the Play Store. You need to download and install the Blue icon app.

2. Open the app. Tap the settings from the page which will be open here.

3. Now you have to create an account for which the link on the page will have to be clicked.

4. Now a new page will be open. In it you have to enter a username and password. After this, select 1 minute in the track interwale. Then tap on the Save button below.

5. Then the GPS sign will be topped in your phone. After that exit from the app and go to Google Chrome and open the GPS tracker by Follow me link.

6. Here you will need to login to your account. After this there will be a page open which has to tap on Continue to my map.

7. After this there will be a map open where the location of your lost phone will be opened. From here you can track your phone.

Also Read:-
How to check your mobile is Hacked

Thursday, 19 October 2017

How to check your mobile is Hacked

Many people are in doubt but they can not find that no one is tracking them. Here we are going to tell you about some such codes, so you can find out if you are not doing any track or your call is forwarded somewhere.

Let's learn about these codes :

Code: ## 4636 ## With
the help of this code, all information such as phone battery, Wi-Fi connection test, model number, RAM can be ascertained.

Code: * # 21 #
You suspect that if you have not diverted your message or call, then this code can be traced to this code.

Code: * # 62 # With
this code it can be ascertained that your phone was not re-directed to any other number.

Code: ## 002 # With
the help of this code you can deactivate all call forwarding calls.

With the help of these four codes, you can find out that there was no tampering with your phone. If so, you can stop leaking your personal information. This is the way to protect yourself from such incidents that keep your phone with yourself and be aware of its safety.

Read Also:- 

Tuesday, 17 October 2017

How to protect your Mobile from Virus

The phone gets a virus when downloading any third-party app. To overcome this problem, we are going to tell you about a secret setting of the smartphone which will eliminate the possibility of virus attack in the phone. Let's tell you that this trick will work on Android Marshmallow and Nogget version only.

Learn how to :

-For this you must first go to the phone's settings.
-After that click on Google. Here you will get the security option. Keep in mind that in many phones -Google's option is out in the setting, so many options are given in these accounts.
-After tapping on security, enable the two options given below by tapping Google Play Protect.
-After this, whenever you install an app, Google will automatically scan it. If it contains a virus,   Google will give you a popup. Also, the app will stop installing it.

Learn How Does Google Play Protect Work ?

Google checks the privacy and security of each app on its Play Store. For this, it creates peer groups for every category. In such a case, if an app asks for a permit from any user, then it is flagged by Google. Google experts felt that changes in category-based peer groups could not be made. Which does not know how many types of apps are in the same category. That's why Google launched Play Protect. It's a thorough investigation of how many types of apps are in the same category.

You Know :-
Step 1: Update your version of Android.
Step 2: Prevent app installs from unknown sources.
Step 3: Restrict downloads with a password.
Step 4: Read and understand permissions.
Step 5: Install antivirus software.

Wednesday, 4 October 2017

How to Crack any Password from any of these tricks can easily

Do you know how hackers crack your password? Today we are going to tell you about these techniques.

1. SQL Injection is one of these ways. For this, hackers have to steal the server's hard disk. The password which is in text only does not need to be decoded.

2. It is easy to hack passwords even through MITM. Under this hackers hijack the communication between the machine and the server. In this case, those who share shares between the plain text machine and the server, easily hack the hackers.

3. Sometimes you have links to some downloads, or some emails that contain malware called Trojans. They steal your personal data and deliver to hackers.

4. Hackers can also steal your personal information through phishing . Under this, hackers send you fakes. Which lead you to a fake website directly. Here also your personal data is stolen.

5. In this way hackers find your password from your birthday or other personal information.

Notes:-In such a situation, it is very important that you keep the password of all your ID strong. No one can hack your password. In the password, you can make a mix of numbers, special characters and names.

Thursday, 21 September 2017

After blocking whatsapp, keep it on every movement of Girlfriends

If anyone who has blocked you on WhatsApp, now you can see his last scene in a very easy way. All this has been possible through an app called WhatsDog.
Read How to check SMS Phishing
All this can be done through a few steps, so let us tell you how you will be able to see the other's last scene despite being a block.

1- First of all, you download the app named WhatsDog. 
2- Now to start, tap on the main screen. 
3- You now have to enter the mobile number of the person whose last scene you want to see. 
4- Now click on the option "By Contact" given to you. 
5- This will set your contact list yourself. 
6- After the contact is set, you tap on the content of the Continuum. 
7- After that you will get all the details of the contact via WhatsDog, which has blocked you on WhatsApp. 
8- Now whenever the person comes online on whatsapp, you will get a notification.

Please let us know that this app will be able to provide information about only one contact at a time.

Tuesday, 19 September 2017

You can access your computer from anywhere

You can control your computer completely from any place. Here  i will tell you how you can get access to your computer easily sitting away.

Apple and Microsoft Tools:-

Both Apple and Microsoft have their own remote desktop tools. But it depends on you what you need. However, this option should not be your first choice. Let us know that Apple has a large-scale sales of a remote desktop program at a price of $ 79.99. But it's really for IT professionals and network managers. On the other hand, if you want to connect one Mac to another Mac, then screen sharing can be a better option for you. You will not need to spend anything for this.

For this you have to go to the system preference. After this, click Sharing and tick the screen sharing button. Now, go back to system preference, go to iCloud section and tick on Back to My Mac. After setting this up, you can access your original Mac from another MacOS machine that is signed in your old iCloud account. Now open Finder and go to the share section of the sidebar. Now find your home computer in this section, click it and select the share screen.

Screen sharing works great for Mac devices. This makes the process of accessing your Apple computer from any other operating system to a bit complicated. When you move to MacOS from Windows and other devices using this method, then you will need some advanced networks for this. Instead, you can use third party remote desktop tools.

Microsoft makes its own remote desktop device for both Windows and MacOS. But let us tell you that you can only connect it to a Windows Professional, Ultimate or a machine that runs on the Enterprise version of Windows. However, if you have installed any of these versions of Windows, you can use the remote desktop assistant program to configure access. But you can use third-party option instead.

Third-party tools: Google Chrome

1.Download the Chrome Remote Desktop app.
2.On your computer, open Chrome.
3.In the address bar at the top, type chrome://apps, and press Enter.
4.Click Chrome Remote Desktop Chrome Remote Desktop App.
5.Under "My Computers," click Get started.
6.Click Enable remote connections.
7.Enter a PIN and re-type the PIN. Click OK.
8.Click Yes to install the Chrome Remote Desktop service.
9.Confirm the Google Account and enter the PIN again to continue.
10.The computer you allowed should show up under "My Computers."

Also Read:- 

Friday, 15 September 2017

How to check password is secure or not ?

Through this website, users will know that their password has never been hacked or not. For this, users will have to go to this link. After that, they have to enter their password in the space given below. If you have good news - no password  found!.

If your message comes up then your password is absolutely safe. Right there, oh no! If the Pwned Message comes in Red Color then you need to change your password.

Users can protect their passwords through these tips :

1. Do not use easy password like birth date, your name, 12345 etc.

2. When using Password, always use Captill Litter, Small Letter, Special Character and Numbers.

3.Never share your password with anyone.

4.Do not use the same password for each of your IDs.

Read Also :-

View Hidden WIFI Passwords in Android devices

How to connect Pubilc WIFI free 

How the files in the Phone can be hid and personal data through Calculator 

How to find e-mail sender's location

You can create a YouTube channel from your phone

How to check SMS Phishing

Monday, 11 September 2017

View Hidden WIFI Passwords in Android devices

In such a case, if you use any public Wi-Fi anywhere whose password is saved once upon your smartphone. But if you can not see it, then today we will tell you how to know the password of the Wi-Fi network.

Before starting, let me know that this process works only on Android devices. In addition, you can not get the admin access to Wi-Fi access without having access to this because this information is stored in the system's system folder.

Step 1 - First you need to install WiFi password viewer (root) from Google Play Store.

Step 2- Once the app is installed, allow all the things the app is asking for you. This will allow the app to read that save file, where your Wi-Fi passwords are stored.

Step 3- After giving permission on your behalf, the app will release a list of all the network password that you have already connected.

Step 4- If you want to share it with your friends, then tap an entry in the list, where you can copy the password to the clipboard or share it via any app. Also, you can also create a QR code.

Read Also :-
How to connect Pubilc WIFI free

How the files in the Phone can be hid and personal data through Calculator

How to find e-mail sender's location

You can create a YouTube channel from your phone

How to check SMS Phishing

Sunday, 10 September 2017

How the files in the Phone can be hid and personal data through Calculator

Step 1. For this, users can use Smart Hyde Calculator app . You can download this app from Google Play Store.

Step 2. When you open this app, you have to set a password in it. After setting the password, confirm it.

Step 3. After this you will also be asked for an additional password which you can skip.

Step 4. You have to use it (=) for OK.

Step 5. When you set the password, you will have several options including Hyde files and unheard files.

Step 6. After this you have to click on the Hyd files and select the files which you want to hide. Your files will be hid.

So, how do you look like a calculator can hide your information by hiding all your files.

Also Read:- 

How to find e-mail sender's location

You can create a YouTube channel from your phone

How to check SMS Phishing

Hackers Can Now Decrypt Satellite Phone Calls

Saturday, 9 September 2017

How to connect Pubilc WIFI free

If you Want to use Free Wifi , So follow below Steps :-

Step 1- The first app is WeFi Pro, this app will be available to you at Google Play Store. It can be downloaded for free. Its specialty is that you will not need to search for Wi-Fi in the phone. This app will automatically detect the public Wi-Fi connectivity to the phone.

Step 2- The second app is Instabridge. It is also available free on the Google Play Store. Through this app you can connect the phone to the public Wi-Fi. The specialty of this app is that it connects your phone to the fastest network. Not only this, if it does not find any network, it switches to the mobile network.

Step 3- Apart from this, if you use Facebook, you can find Wi-Fi from here too. You need to login to Facebook for this. After this, click on the menu options on the right hand side. Here you will get the option of app. Click on See All in it. Here you will find the option of wi-fi. Tap on it.

Read Also :-

You can create a YouTube channel from your phone

How to find e-mail sender's location

Wednesday, 6 September 2017

You can create a YouTube channel from your phone

To make Android Mobile or PC, YouTube Video Channel you must first have a Gmail account.

- To create a Gmail account in Android phones, first go to the phone's settings and choose Account   and Sync there.
- The option of the ad account will appear, click it. Click Create Account here.
- Pin it with and your Gmail account will be created.

Video upload method:-
 You can upload videos from Android phones as soon as a Gmail account is created. For this you have to open the YouTube app in the phone.

- There are many options here that you will have to click on the account button. Although the account will not be written on any button, the same symbol of the profile picture that is created is the same account button.

- Clicking on it will show you the option of Mai video. Here you will get the option of upload video.

- Click on it. With this you will be able to get videos available in the front gallery gallery, which you can upload.

- You will also get the option of recording the video above, if you wish, then you can record the video and upload it to YouTube.

- You can also write title and description of the uploading video.

Read Also:-

Monday, 4 September 2017

How to find e-mail sender's location

First way: search the e-mail ID

Copy the mail ID you are receiving from. Now visit the pipl or spokeo website. After this, paste the e-mail ID here and paste it. Here you will find other details of the mail id along with the location.

Second way: Facebook

Under this, please copy the e-mail ID and search in Facebook. If such a person had created a Facebook account with this ID, then you will get his information.

Tuesday, 22 August 2017

Wireshark Free Training

Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.

You can download Wireshark for Windows or macOS from its official website. If you’re using Linux or another UNIX-like system, you’ll probably find Wireshark in its package repositories. For example, if you’re using Ubuntu, you’ll find Wireshark in the Ubuntu Software Center.

Wireshark Free Training Click Here

Monday, 21 August 2017


 The discovery net the researchers $100,000 last week from Facebook, which awards money as part of its annual Internet Defense Prize partnership with USENIX Association.

Threatpost has published that artical , The researchers—Grant Ho, University of California, Berkeley; Aashish Sharma, Lawrence Berkeley National Laboratory; Mobin Javed, University of California, Berkeley; Vern Paxson, University of California, Berkeley and International Computer Science Institute; and David Wagner, University of California, Berkeley—presented a paper, “Detecting Credential Spearphishing Attacks in Enterprise Settings,” (.PDF) last week at the 26th USENIX Security Symposium, in Vancouver, British Columbia

The technique, Directed Anomaly Scoring (DAS), operates in a non-parametric fashion, cherrypicking what Ho and company call the most suspicious events from an unlabeled dataset. The technique ranks events by how dubious they appear.

“Once all events have been ranked, DAS simply selects the N most suspicious (highest-ranked) events, where N is the security team’s alert budget,” the researchers write in the paper.

The researchers claim a standard detection method would take nine times as many alerts as theirs to detect the same number of attacks, and that in an experiment they carried out, it detected all but two attacks and even fingered out two previously unknown phishing attack vectors.

The researchers took an anonymized dataset containing 370 million emails from UC Berkeley’s Lawrence Berkeley National Laboratory (LBNL) to test the scoring algorithm. The facility, a Department of Energy (DOE) Office of Science lab managed by University of California, didn’t receive any malicious attachments during the four-year experiment but did receive a number of credential spearphishing attempts.

Credential spearphishing attacks are far less expensive and easier to pull off than attachment-driven exploits. The attacks usually rely on a tricking a user into clicking through a deceptive email to an attacker’s site and entering credentials.

“The authors acknowledge and account for the cost of false positives in their detection methodology. This is significant because it factors into the overhead cost and response time for incident response teams,” Leontiadis said Thursday.

Facebook, for four years running, has awarded the Internet Defense Prize to researchers for defensive work that prevents vulnerabilities and mitigates attacks.

Sunday, 20 August 2017

Top Five Hacking News ||Exploit Toolkit for $80 Per Day||Hijacked Extensions||Chinese DDoS Platforms||20-08-2017

1.The Latest Exploit Toolkit for $80 Per Day.

For just $80 per day, $500 per week or $1,400 monthly, cybercrime entrepreneurs can subscribe to Disdain. That's the name of a new exploit kit that's appeared on at least one underground Russian cybercrime forum, and which is being advertised by a "threat actor" who uses the handle "Cehceny," according to Israeli cybersecurity firm IntSights Cyber Intelligence. And more inforamtion Ref.

2.WannaCry 'Hero' Pleads Not Guilty, Allowed Back Online.

The British security researcher credited with stopping the WannaCry ransomware outbreak pleaded not guilty Monday to charges that he developed and sold a type of malicious software that steals online banking credentials and more inforattion Ref.

3.The malware can be downloaded accidentally through Google Play apps.

A new type of malware that threatens to send your private pictures, messages and internet browsing history to your friends has been discovered and more inforamtion  Click Here.

4. Hijacked Extensions: 4.7 Million Chrome Users at Risk.

More than 4.7 million users were apparently exposed to potentially malicious ads and credential theft after cybercriminals managed to hijack the developer accounts of several popular Chrome extensions.
and read more.

5.Common Source Code Used by Multiple Chinese DDoS Platforms.

An increase in Chinese websites offering online distributed denial of service (DDoS) capabilities was observed after a localized version of the source code of online booters was put up for sale, Talos reveals and more information Ref.

Wednesday, 19 July 2017

The largest Dark Web marketplaces "AlphaBay Market" is down.

One of the largest Dark Web black markets is down. We have analyzed many times the popular black market where it was possible to buy any kind of illegal goods, including drugs, malicious code and fake documents.

AlphaBay is considered the largest marketplace on the dark web, competing against the likes of Abraxas, Dream, and Hansa. Operators at the marketplace have continued improving the site by adding new features, including Monero.

On the Internet is circulating the news that administrators of the black market have pulled a classic exit scam to steal users’ Bitcoin.

As per confirmation with "securityaffairs" ,Analyzing the total withdrawal it is possible to verify that admins have transferred 1,479.03904709 Bitcoin (roughly $3.8 Million), which led to suspicion from some users that the site’s admins may have pulled an exit scam to steal user funds. Of course, at the time I was writing this is only a hypothesis, The AlphaBay Market already went down in the past, last year the black market was not accessible for about four days. Also, the blockchain transactions of about $3.8 Million are not enough for AlphaBay moderators to go offline.

The AphaBay marketplace made the headlines early last year when unknowns hacked the website and stole over 200,000 private unencrypted messages from several users.

In March 2015, the largest dark web market at the time, ‘Evolution,’ suddenly disappeared overnight in similar circumstances, operators stole millions of dollars worth of Bitcoins from its customers.

Thursday, 13 July 2017

Dell Launched Endpoint Security Technologies

Dell has announced new security technologies that provide threat detection and prevention for traditional endpoints as well as cloud client computing.

Dell Data Protection Endpoint Security Suite Enterprise provides businesses with endpoint security that integrates authentication, encryption and advanced threat protection into one single management plane, according to Hansen.

According to Dell's research, it's been a rough year for companies. A whopping 87 percent of organizations have suffered a security breach of some sort in the past 12 months. More than 75 million records have been pilfered from business networks as a result of an estimated 568 breaches. Seventy percent of security breaches can be traced to human causes.

Recovering from a data breach can also prove very costly. A single lost laptop can end up costing a business $49,000, a figure that includes the cost of dealing with breaches. Just one lost or stolen record can end up costing a business $201, up from $188 in just one year

Three versions of Dell Endpoint Security Suite Enterprise are currently available: one for systems with an Internet connection, one for devices that connect to an on-premises server for updates, and one for systems that are completely isolated.

If you want to more information about "Dell end point security" so visit Dell official website.

Monday, 10 July 2017

Hackers Can Now Decrypt Satellite Phone Calls

A group of security researchers detailed a real-time inversion attack against the GMR-2 stream cipher used in satellite phone communication, claiming it is much more efficient than previously devised attacks.

The research focused on the GMR-2 algorithm that is commonly used by modern-day satellite phones, including Inmarsat, to encrypt voice calls in an attempt to prevent eavesdropping.

The attack method helped researchers effectively reduce the search space for the 64-bit encryption key, which in turn made it easier to hunt for the decryption key, resulting in the encrypted data to be cracked within a fraction of a second.

The technique contains three phases, namely table generation; dynamic table looks-up, filtration and combination; and verification. The attack can be used to “retrieve the complete 8-byte encryption-key from only 1 frame (15 bytes) of keystream on average.” It also significantly reduces the exhaustive search space, and requires only 6KB of extra storage space.

The security researchers reveal that, in 10,000 experiments, the newly devised technique was able to uniquely determine 97.2% of the encryption-keys by the 15 bytes of keystream. The remaining 2.8% of the keys needed an extra keystream byte to retrieve.

Sunday, 9 July 2017

Facebook and WhatsApp HACK Via Spydealer

Dubbed SpyDealer as like "Marcher" ,The Trojan is capable of gathering the information from user phone(Android) such as phone number , message , contact details and even call history.

Malware researchers at Palo Alto Networks have spotted a new  Android Trojan, dubbed SpyDealer that can exfiltrate data from more than 40 applications, including WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent Weibo, Android Native Browser, Firefox Browser, Oupeng Brower, QQ Mail, NetEase Mail, Taobao, and Baidu Net Disk.
"The mobile malware only works Android versions from 2.2 up to 4.4 releases , that are the versions supported by the rooting tool."
Once installed, the malware doesn’t show an application icon, but registers “two broadcast receivers to listen for events related to the device booting up and network connection status.” At the first launch, the malware retrieves configuration information (from a local asset that can be remotely updated) such as the IP address of a remote command and control (C&C) server, the actions it can take on mobile networks, and the actions allowed under a Wi-Fi network.

If you see  Marcher is more power power full  Malware but it is target of the mobile banking APP .
Marcher" is malware targeting the Android platform. It is designed to steal mobile banking app credentials from customers of many different financial company.

Securify researchers explained about the malware: “Marcher is one of the few Android banking Trojans to use the AndroidProcesses library, which enables the application to obtain the name of the Android package that is currently running in the foreground.

Marcher has been around since late 2013, but it initially attempted to trick users into handing over their payment card details using Google Play phishing pages. In March 2014, the malware started targeting banks in Germany and, by the summer of 2016, there had already been more than 60 targeted organizations in the U.S., U.K., Australia, France, Poland, Turkey, Spain and other countries.
The malware has been disguised as various popular apps, including Netflix, WhatsApp and Super Mario Run.

Tuesday, 27 June 2017

Warning : Petya Ransomware Hits Banks, Telecom, Businesses & Power Companies.

NotPetya Ransomware just like WannaCry , Petya is a nasty piece of ransomware and works very differently from any other ransomware malware. Unlike other traditional ransomware, Petya does not encrypt files on a targeted system one by one.

Instead, Petya reboots victims computers and encrypts the hard drive's master file table (MFT) and renders the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and location on the physical disk.

The attack already hit Ukraine central bank and Russian oil giant Rosneft. Government computers, airports, and large communication companies in Ukraine appear to have been affected as well. US biopharmaceutical giant Merck also confirmed that its network has been compromised as part of the global attack.

"Kaspersky Lab's analysts are investigating the new wave of ransomware attacks targeting organizations across the world. Our preliminary findings suggest that it is not a variant of Petya ransomware as originally reported, but a new ransomware that has not been seen before," the company said in a research note Tuesday afternoon. "That's why we have named it NotPetya."

According to Recorded Future’s Liska, other payloads might also be used in the attack: “There are also reports that the payload includes a variant of Loki Bot in addition to the ransomware. Loki Bot is a banking trojan, it steals usernames and passwords as well as other personal data from the victim machine and sends it to a command and control host.  Which means this attack not only could make the victim's machine inoperable, it could steal valuable information that an attacker can take advantage of during the confusion.’”

Sunday, 25 June 2017

Microsoft Said that: Windows 10 has disabled third-party Anti-Virus

Windows 10 does disable some third-party security software, Microsoft’s application compatibility teams found that roughly 95 per cent of Windows 10 PCs had an antivirus application installed that was already compatible with Windows 10 Creators Update,” said Rob Lefferts, director of security in the Windows and Devices group

But what about the 5 percent that weren’t compatible in Microsoft’s eyes? Lefferts says:"For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed. To do this, we first temporarily disabled some parts of the AV software when the update began. We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating".

Kaspersky is worried that Microsoft is trying the same trick, but – based on Lefferts' post – Redmond is ready to fight such claims "it has designed its own security software to only kick in when "an AV subscription expires, and the AV application decides to stop providing protection to the customer."

Thursday, 22 June 2017

OpenVPN Patches Remotely Exploitable Vulnerabilities

OpenVPN this week patched several vulnerabilities impacting various branches, including flaws that could be exploited remotely.

Four of the bugs were found by researcher Guido Vranken through fuzzing, after recent audits found a single severe bug in OpenVPN. While analyzing OpenVPN 2.4.2, the researcher found and reported four security issues that were addressed in the OpenVPN 2.4.3 and OpenVPN 2.3.17 releases this more

Wednesday, 21 June 2017

Mostly Smartphone Apps share Your Data With Third-Party Services

Most of Smartphone app share your personal data with third-party comapnies like google Analytics, the facebook graph API or etc  , this is data privacy issue.

When people install a new  Android or iOS app, it asks the user's permission before accessing personal information. afthar that these app are collect the information from your phone as like contact number,message and etc.

and it can share your data with anyone the app's developer wants to -- letting third-party companies track where you are, how fast you are moving and what you are doing.
To get a picture of what data are being collected and transmitted from people's smartphones, the researchers from IMDEA Networks Institute in Spain developed a free Android app of their own, called the Lumen Privacy Monitor.

Because Lumen is about transparency, a phone user can see the information installed apps collect in real time and with whom they share these data.
"We try to show the details of apps' hidden behaviour in an easy-to-understand way. It's about research, too, so we ask users if they'll allow us to collect some data about what Lumen observes their apps are doing - but that doesn't include any personal or privacy-sensitive data," the researchers said in a statement released by the institute.

"We discovered 598 internet sites likely to be tracking users for advertising purposes, including social media services like Facebook, large internet companies like Google and Yahoo, and online marketing companies under the umbrella of internet service providers like Verizon Wireless," the study said.

Mobile App Protection

Your mobile applications can present material organizational risk, including intellectual property theft, operational disruption, software piracy, and data loss. Below are some examples.

1.Mobile apps may be modified with malware and placed on the public app marketplace.
2.Mobile apps proprietary business logic can be inspected and/or copied.
3.Mobile apps security and license checks may be circumvented.
4.Debugging mobile apps may allow access to sensitive data such as personally identifiable or regulated information.
5.Reverse engineering mobile apps can readily expose potential vulnerabilities and unlock otherwise secure access to high-value services.

Tuesday, 20 June 2017

Securityweek:Cisco Releases Open Source Malware Signature Generator

Cisco’s Talos intelligence and research group announced on Monday the availability of a new open source framework designed for automatically generating antivirus signatures from malware.
read more

Monday, 19 June 2017

Advertising Program:Facebook chases TV’s US$70b stash with its own video series

Facbook will statrt TV advertising market in its sights,the creation of video series that will begin to appear on the world’s largest social network later this year.

Facebook is closing deals for its first batch of shows, including two that the Hollywood Reporter unveiled earlier this week — reality competition series Last State Standing and a second season of comedy Loosely Exactly Nicole, which first appeared on MTV. The shows will be available via a new video tab on Facebook that hasn’t been released.

Facebook isn’t trying to compete with the highest end of that market — paid services Netflix, HBO and Showtime. It has its sights set on cable networks and advertising-supported online services with young viewers.
“Funding video is a way for Facebook to figure out its greater advertising program,” said Matthew Segal, chief executive officer of ATTN, a digital media company that publishes video to Facebook. “It’s clear they want to be a bigger player in the space; they want to eclipse TV.”

Facebook’s interest in funding video tantalises Hollywood, where producers drool at the thought of another deep-pocketed patron alongside fellow tech giants Inc, Apple Inc and Alphabet Inc. Other new players, like Verizon Communications Inc, have had a harder time, often committing less money to less ambitious shows.

With two billion people checking their news feed every month, Facebook reaches more people than any TV network. “Not only do nearly 100 per cent of people under 35 have an account, but they are spending over 1,000 minutes a month on Facebook,” said ATTN’s Segal.

Facebook is also developing a second tab that will be devoted to the more high-end programming, the people said. Facebook prefers not to put details of the video product in writing and will only discuss it by phone, according to people who have dealt with the company. Facebook has also rankled some potential partners by insisting on selling advertising itself and inserting ads into the middle of live broadcasts, the people said.

Facebook has a small staff handling original programming, not enough to manage a robust operation. Facebook would rather share money from advertising sales than pay for content in the long term.
“The sustainable model is some sort of revenue sharing,” Fidji Simo, Facebook’s head of video product, said in an interview. “The goal is really to get a lot of different partners to come to Facebook share their content and find success. It’s very hard to find that over the long-term by funding.”

Sunday, 18 June 2017

Canada: Hackers Targeted Country's 2015 Election, May Try Again in 2019

Canada’s electronic agency says hackers tried to influence the 2015 election that brought Justin Trudeau to power and may try again in 2019.

In a report, the Communications Security Establishment (CSE) said hacktivists and cybercriminals had leaked sensitive government documents, and attempted to smear candidates and spread disinformation and propaganda ahead of the 2015 vote. read more

Wednesday, 14 June 2017

FBI Warns of North Korea's 'Hidden Cobra' Attacks

The Hidden Cobra group(North Korean government hackers) has been busy targeting victims for the last eight years. they are use Malicious tool as like DDos botent , keyloggers, RATs(remote access tool) and wiper malware.
The group tends to target old runing machine  and unsupported versions of microshoft windows. It has also exploited Adobe Flash Player vulnerabilities and Microsoft Silverlight to get a toehold in environments. Organizations are advised to update to the newest version and patch level; if Flash and Silverlight are no longer needed, then push them to the curb and get those apps is off the of systems.

The FBI investigate and found , the 663 IP addresses listed in the IOC are being used by Hidden Cobra for network exploitation. DHS and FBI want network administrators to add those source and destination IPs to their watchlists to determine if there has been malicious activity within their organizations. The alert also includes YARA rules and network signatures created through a “comprehensive vetting process.”

                                                         Read full news article


Thursday, 25 May 2017

Android warning: Newly-discovered Android exploit" Cloak & Dagger" that can show users a fake screen

The discovery was made by researchers at Georgia Institute of Technology (Georgia Tech), who has tested the vulnerability in closed environments.

How to Avoid that Attack 
The exploit depends primarily on Android’s SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE (“a11y”) to draw interactive elements over real apps.

The first permission, known as "draw on top," is a legitimate overlay feature that allows apps to overlap on a device's screen and top of other apps(Settings>Apps>”Gear symbol”>Special access>Draw over other apps)

1.  New attack found to start with Android users downloading infected apps
2.Hackers overlay screen with false information to gather data without being seen
3.They are able to do this by combining permissions for two certain features 
4.Features involved are very useful in mapping, chat or password manager apps

The two features involved are very useful in mapping, chat or password manager apps, so preventing their misuse will require users to trade convenience for security. 
The attack, dubbed 'Cloak and Dagger', enables cyberthieves to control handsets by overlaying the interface with false information to hide malicious activities being performed underneath


Wednesday, 17 May 2017

North Korea Possibly Behind Ransomware Attacks|| WannaCry

Considered the world’s biggest ransomware attack to date, WannaCry went on rampage over the weekend, hitting targets in 150 countries and infecting over 230,000 computers at its peak. The spread slowed down on Monday, but not before new malware variations emerged.
The ransomware’s weak point was a hardcoded domain used for sandbox evasion, which also served as a kill-switch: once the domain was registered, the malware no longer infected new machines.

"An earlier WannaCry ransomware sample shows code similarities with malware used by a North Korea-linked hacking group responsible for multiple financial and destructive attacks, security researchers say."

Symantec, on the other hand, was also able to pinpoint exactly the Lazarus tools the older WannaCry samples share similarities with. “This SSL implementation uses a specific sequence of 75 ciphers which to date have only been seen across Lazarus tools (including Contopee and Brambul) and WannaCry variants,” the company said.

Last year, Symantec linked the Banswift Trojan that was used in the Bangladesh attack to manipulate SWIFT transactions with early variants of Contopee, which was already known to be used by attackers associated with Lazarus. In their report on Op Blockbuster, BAE Systems also suggested the Bangladesh heist and the 2014 Sony attack were linked.

“Symantec identified the presence of tools exclusively used by Lazarus on machines also infected with earlier versions of WannaCry. These earlier variants of WannaCry did not have the ability to spread via SMB. The Lazarus tools could potentially have been used as method of propagating WannaCry, but this is unconfirmed,” the security firm continues.

Tuesday, 16 May 2017

How to secure personal PC or Laptop

Problem:Virus, Trojan, Worm                                            
Solution :Use Antivirus (McAFee , Norton , etc)

Problem :Malwares (spyware+ adwares)                            
Solution: Use Anti malware's:                                                                              
1.MalwareBytes' Anti-Malware
4.Secunia psi

Problem :Remote Hacking                                                
Solution:Use Zone alarm firewall

Problem :Date & Information thief                                    
Solution :Use best crypt software (jetico)

Problem :Email Hacking          
Solution: Use own System and use password manger.

Problem :Password Hacking                                              
Solution: Use password manger and use virtual keyboard

Problem :Untrusted file                                                    
Solution:  First scan online

Problem :Sniffing                                                                
Solution:Use anti-arp software for arp and dns spoofing.