Monday, October 23, 2017

Learn to hide your Files



I'm going to introduce software called "mylockbox", which allows you to hide and protect your data from unauthorized access.

First of all, download the software using the link below.
https://my-lockbox.en.softonic.com/

Once you download the software you will see a zip file; extract it.
This is a normal installation like other small software.

Installation Process 















After that click on Finish !!!!

Then open the software; you will see a dialog box like this.

Enter password -> Give a strong password of more than 8 characters, including upper and lower case letters, special characters, symbols and numbers. Ex: *gsWjk56@3

Confirm Password -> Re-enter the password that you have just entered.

Hint -> Enter a hint if you want help remembering the password.

Email -> Please enter a valid email address, because it helps you to recover the password when you are unable to remember it.


Then you have to choose the file, folder or partition that holds the data you wish to hide.



Then, if you want to unlock your data, simply double click on the software and enter the password. You will then see your data as it was.

Friday, October 20, 2017

Are we safe in WhatsApp ?



I'm sure that almost all of us have used WhatsApp, but the big question is: are we secure enough?

That's why I'm writing this blog post, to let you know the security issues that you should pay attention to.

Imagine if WhatsApp were forced to create a backdoor into its service that allowed governments to spy on suspected terrorists: it would compromise the security of millions of users' data. Another fact we have to pay attention to is that WhatsApp claims this loophole exists so that if someone changes their phone, and therefore their automatic security key, messages will still send so as not to disrupt service.


Unencrypted Backups

There is an end-to-end encryption system, which means that only your device has the ability to decode your messages. This stops your messages being intercepted during transmission, but it says nothing about their safety while on the device. On both iOS and Android it is possible to create a backup of your messages to either iCloud or Google Drive. The backups that WhatsApp creates contain the decrypted messages on your device.


Encryption Vulnerabilities

Keys are used to verify the messages transmitted. This key can be changed when reinstalling the app or moving to a new phone.
However, because WhatsApp had the ability to change security keys for offline users, it may be able to intercept and decrypt messages. WhatsApp could then force you to resend your messages with the new security key, and allow itself access to the messages.



Now let's find answers to some common questions people have about security in WhatsApp.

Do we have to turn on encryption?


As a user, you don’t have to turn this feature on, nor can you turn it off. You should receive a message within your chats if you are using the latest version of the app (which is required) to let you know the change has been implemented for you.


What does end-to-end encryption mean?


When you send a message, it can only be ‘unlocked’ by the intended recipient.

Thursday, October 19, 2017

Linux Basics - Directory and File Commands




Before moving on to file and directory manipulation commands, it is important to understand the structure of the file system in Linux.




Unlike the Windows file system, where you find separate partitions like C:/, Linux has a root directory denoted by /. The root directory is the beginning of the Linux file system.
The root directory contains subdirectories and files.

No 01 :- ls

The ls command - the list command - is used in the Linux terminal to list the files and directories under a given directory. For example, the command:

 

No 02 :- cd

The cd command - change directory - allows the user to change between directories. As the command name suggests, you would use the cd command to move from one directory to another.

No 03:- mv

The mv command - move - allows a user to move a file to another folder or directory. Just like dragging a file located on a PC desktop to a folder stored within the "Documents" folder, the mv command functions in the same manner.

No 04:- man

The man command - the manual command - is used to show the manual of the inputted command. Just like a film on the nature of film, the man command is the meta command of the Linux CLI.

No 05 :- mkdir

The mkdir - make directory - command allows the user to make a new directory. Just like making a new directory within a PC or Mac desktop environment, the mkdir command makes new directories in a Linux environment.

No 06:- rmdir

The rmdir - remove directory - command allows the user to remove an existing (empty) directory using the Linux CLI.

 

Database Security



Databases often hold what matters most to an organization: its transactions, customers, employee info, financial data for both the company and its customers, and much more are all held in databases, mostly controlled by a database administrator with no security training.

Database security and integrity are essential aspects of an organization’s security posture.


What Is Database Security?


Database security protects the confidentiality, integrity and availability of an organization’s databases. Database security should consist of the following:

  1. Software – software is used to ensure that people can’t gain access to the database through viruses, hacking, or any similar process.
  2. Physical controls – an example of a physical component of database security could be the constant monitoring of the database by company personnel to allow them to identify any potential weaknesses and/or compromises.
  3. Administrative controls – this refers to things like the use of passwords, restricting the access of certain people to certain parts of the database, or blocking the access of some company personnel altogether.


Functions of database security include:

  • Blocking attacks from unauthorized users or hackers.
  • Preventing malware infections and stopping viruses stealing data.
  • Ensuring that physical damage to the server doesn’t result in the loss of data.
  • Preventing data loss through corruption of files or programming errors.

Database Security Best Practices:

  • Protect against SQL injections by using parameterized queries to keep malicious queries out of your database.
  • Ensure your database administrators understand the business value and importance of securing your databases, and extend them the resources to do so properly.
  • Static Code Analysis is an essential tool for organizations developing applications as portals to databases, to slash SQL injection, buffer overflow, and misconfiguration issues.
  • Maintain CIA by keeping your databases up to date, removing any unknown components, and enforcing least privilege parameters to ensure the confidentiality, integrity and availability of your databases.
  • To maintain availability, employ an Uninterruptible Power Supply, or UPS, to ensure any forced shutdown doesn’t cause data loss.

How to make your mobile theft proof


The following are a few steps that you can follow to secure your mobile devices from attackers. Security countermeasures are being developed and applied to smartphones, from security in different layers of software to the dissemination of information to end users. There are good practices to be observed at all levels, from design to use, through the development of operating systems, software layers, and downloadable apps.


How to
1.      Add protection
You can activate the security features in the phone. Apple device users can enable the “Find My iPhone” or “Find My iPad” feature in iCloud, which will help them locate the device if it is missing and erase the data on it. New Apple devices also include an activation lock feature that prevents the devices from being reactivated without the owner’s credentials. Android device users can log into Android Device Manager to locate their devices on a map and set up the lock and erase capabilities.
2.      Set a strong password
Choose long, complex passwords for your devices, instead of using the standard four-digit code. A strong password is at least eight characters long and includes a combination of letters, numbers and special characters. Employees should also set their screens to lock after a period of inactivity, for example two minutes. A strong password can provide a valuable layer of protection for mobile data.

What to do if your device is lost or stolen

1.       Report the missing device

Contact the service provider to put a hold on the account to prevent unauthorized usage. The carrier may also add the device to a global database of blacklisted phones, which can help stop another user from activating it. Also notify the police and give them the device’s location and any other information that could help to retrieve it.

2.       Wipe the Device

If you believe sensitive data stored on the device may be at risk, wipe it remotely. This will reset the device to its factory installed settings. Any passwords stored on the phone should be changed as an extra precaution. For example, if an email password is automatically saved in an email application or a banking password is kept in a note-taking app on the device, the owner should log into the email or banking service from another device and reset it.

What are the consequences of mobiles not being secured?

·         The attacker can turn your phone into a zombie machine
·         A compromised smartphone can record conversations between the user and others and send them to a third party
·         The attacker can prevent the operation and/or the starting of the smartphone, making it unusable
·         The attacker can remove personal (photos, music, videos, etc.) or professional data

Cyber espionage



Cyber espionage is a threat that’s being heard more and more all the time and there have been a flood of stories in 2009 on this subject. Most of these incidents surround government bodies and agencies and therefore have not been a huge threat to most individual organizations. However, since cyber espionage has major implications for the government, it is a rising threat that must be closely monitored. 



Who performs these acts ?

Normally these acts are carried out by attack groups. Other than attack groups:
·         State actors who are acting on behalf of a governmental body
·         Patriotic hackers
·         Hacktivists
·         Scammers
·         Data thieves
All of the above can be involved in cyber espionage.
Some attackers are out to steal intellectual property in order to damage businesses, others are going after sensitive government.

What are the objectives of cyber espionage?

·         Steal valuable trade secrets
·         Surveillance virus
·         Intellectual property
·         Confidential business strategies.
·         To eavesdrop on financial transactions
·         Disable industrial control systems.
·         Political reasons (nuclear, weapons)
·         Intimidation
Now let’s get to know the reasons behind these attacks.


What are the reasons for cyber espionage?

·         To gain knowledge or information of a nation's military operations
·         To identify the strength of other nations and to zero in on infrastructure
·         To have a competitive advantage against adversaries
·         To build defense and weaken other states
·         To generate revenue
·         To destroy critical infrastructure of victims
·         To gather intelligence of operations

Countermeasures for cyber espionage

·         Patch management
·         Configuration management
·         Antivirus
·         Encryption
·         Firewalls
·         Intrusion Detection and Intrusion Prevention System
·         Biometric locks
·         Access control lists
·         Vulnerability and Risk Assessments
·         Authentication and Authorization










How Passwords are stolen!




Ever wondered how your passwords could get into the hands of a hacker? Well, let's get to know how.
I have listed a few ways your passwords could get into the hands of a hacker, and a guide on how to create a proper password.


·         Dictionary attacks
Dictionary attacks are done using programs that cycle through a predetermined list of common words often used in passwords. Passwords made of words or phrases are weak and are the easiest for these programs to predict. To protect your accounts from dictionary attacks, do not use common words and phrases in your passwords.

How to protect your user passwords from dictionary attacks
  1. Change your passwords regularly.
  2. Do not use common words or phrases in your password.
  3. Do not write down your passwords, or share them with others.
  4. Use two-factor authentication as an extra layer of protection.
  5. Do not reuse the same password across different websites.

·        Password crackers

A password cracker is a program used to crack passwords by brute force, trying millions of combinations of characters again and again until your password is found. Shorter and less complex passwords are quicker for the program to guess. Longer and complex passwords take much longer to guess. If this is the case, the attacker is more likely to use a dictionary attack because of the lengthy amount of time it will take for the program to figure out the password. To protect your user passwords from password crackers, use complex passwords.

How to create a complex password
  1. Never use commonly used passwords like “123456,” “password,” “qwerty,” or a word like “apple.”
  2. You must never use phone numbers, addresses, birthdays, your SSN or your name, the name of a family member or pet in your password.
  3. Always try to use a combination of lowercase and uppercase letters, numbers and symbols in your passwords.
  4. Create passwords at least eight characters long, as passwords with more characters and symbols are more difficult to guess.
  5. Do not use words or phrases.
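
The rules in this list, which also cover the password advice in the My Lockbox and mobile posts on this page, written as a checker. This is an added example, not part of the original post; the word lists are small constructed samples and the names check_password, COMMON_PASSWORDS, DICTIONARY_WORDS and LEET are hypothetical.

```python
import re
import string

# Constructed sample lists; a real check would load a large wordlist.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "apple"}  # the page's examples
DICTIONARY_WORDS = {"apple", "dragon", "monkey", "summer", "welcome", "password"}

# Undo common character swaps so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans(
    {"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s", "!": "i"}
)


def check_password(password, personal_terms=()):
    """Return the list of rules a password breaks; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    normalized = lowered.translate(LEET)

    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if lowered in COMMON_PASSWORDS or normalized in COMMON_PASSWORDS:
        problems.append("commonly used password")

    classes = {
        "lowercase letter": any(c.islower() for c in password),
        "uppercase letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    for name, present in classes.items():
        if not present:
            problems.append(f"missing {name}")

    # Words and phrases are what a dictionary attack tries first.
    letters_only = re.sub(r"[^a-z]", "", normalized)
    for word in sorted(DICTIONARY_WORDS):
        if word in letters_only:
            problems.append(f"contains dictionary word '{word}'")

    # Names, birthdays, phone numbers and similar terms supplied by the caller.
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for candidate in ["*gsWjk56@3", "P@ssw0rd", "Summer2017!", "apple"]:
        print(candidate, "->", check_password(candidate) or "ok")
```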

What must you do if you suspect that your password has been compromised?

First things first: do not delay, you must act fast.

  • Try to figure out the kind of attack. Was it an online breach or a POS breach?
  • Use two-factor authentication wherever it is available.
  • Monitor potentially compromised accounts, especially your online banking accounts.
  • Change your passwords to complex passwords on all of your accounts, especially if you tend to reuse the same passwords for different websites.













Let’s get to know about Logic Bomb and Time bomb

In a computer program, a logic bomb, also called slag code, is programming code, inserted surreptitiously or intentionally, that is designed to execute (or "explode") under circumstances such as the lapse of a certain amount of time or the failure of a program user to respond to a program command. To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. It is in effect a delayed-action computer virus or Trojan horse. A logic bomb, when "exploded," may be designed to display or print a spurious message, delete or corrupt data, or have other undesirable effects.

Some logic bombs can be detected and eliminated before they execute through a periodic scan of all computer files, including compressed files, with an up-to-date anti-virus program. For best results, the auto-protect and e-mail screening functions of the anti-virus program should be activated by the computer user whenever the machine is online. In a network, each computer should be individually protected, in addition to whatever protection is provided by the network administrator. Unfortunately, even this precaution does not guarantee 100-percent system immunity.

Time Bomb



When a logic bomb is programmed to execute when a specific date is reached, it is referred to as a time bomb. Time bombs are usually programmed to set off when important dates are reached, such as Christmas or Valentine’s Day. Disgruntled employees have created time bombs to execute within their organizations’ networks and destroy as much data as possible in the event that they are terminated. The malicious code will remain dormant as long as the programmer exists in the organization’s payroll system.

How to Prevent them
  • Do not download pirated software 
  • Install the latest operating system patches
  • Be careful with installing shareware/freeware applications
  • Be cautious when opening email attachments 
  • Do not click on suspicious web links
  • Always update your antivirus software 

Wednesday, October 18, 2017

Key Logger for Windows, Linux and Mac



A key logger is a program that records your keystrokes, and this program saves them in a log file on your local computer.


Installing Simple Keylogger

Windows

To change visibility of the window set the #define in line 6 to visible or invisible.
Simply compile into an .exe, and then run. Visual Studio is good for this.
  • invisible makes the window of the logger disappear, and it also starts up hidden from view. Note that it is still visible in the task manager.
  • visible keeps the window visible, and the window does not close when typing. Great for testing it out.
Both of these save the keystrokes to a .txt file when closed.

Mac

This is a little more complicated. Please note, it does not work for secure areas such as password inputs. I have not found a work around yet.

Installation

Download the repo. It will install in  /usr/local/bin/keylogger.
Install it:
$ git clone https://github.com/GiacomoLaw/Keylogger && cd keylogger
$ make && make install
It will log to /var/log/keystroke.log. This may require root access, but you can change that if you want. Set where you want it to log:
$ keylogger ~/logfile.txt
Want to make it start on system startup?
$ sudo make startup
 That will run it on startup.

Uninstall

$ sudo make uninstall
Will uninstall the program, but not the logs.






Test Images

The images below are being used for the Hashtag Generator and Content Authenticator research.