Introduction to Ethical Hacking

The methods and processes to protect information and information systems from unauthorized access, the disclosure of information, usage or modification. Information security ensures the confidentiality, integrity, and availability. An organization without security policies and appropriate security rules are at great risk, and the confidential information and data related to that organization are not secure in the absence of these security policies. An organization along with well-defined security policies and procedures helps in protecting the assets of that organization from unauthorized access and disclosures. In the modern world, with the latest technologies and platforms, millions of users interacting with each other every minute. These sixty seconds can be vulnerable and costly to the private and public organizations due to the presence of various types of old and modern threats all over the world.

Public internet is the most common and rapid option for spreading threats all over the world. Malicious Codes and Scripts, Viruses, Spams, and Malware are always waiting for you. That is why the Security risk to a network or a system can never eliminate. It is always a great challenge to implement a security policy that is effective and beneficial to the organization instead of the application of an unnecessary security implementation which can waste the resources and create a loophole for threats.

Be secure…
AncusH S. Gaikwad

Apple testing Ultra-Fast Li-Fi Wireless Technology for Future iPhones

 2 hours ago

Apple to make future iPhones compatible with a cutting-edge technology that has the capability to transmit data at 100 times the speed of WiFi, suggests the code found within the iOS firmware.

Apple may ship future iPhones with Li-Fi capabilities, a new technology that may end up replacing the widely-used Wi-Fi in the future technology.

Beginning with iOS 9.1 update, the operating system’s source code makes mention of “LiFiCapability” alongside declarations to other hardware and software capabilities, hinting that Apple may be experimenting with ways to integrate Li-Fi technology with future iPhones models.

Li-Fi compatibility with Future iPhones

Li-Fi compatibility was spotted in the code for iOS 9.1 by a Twitter user, who goes by name Chase Fromm, and was independently confirmed by Apple Insider. However, there is no such indication that Apple is actually working with Li-Fi.

But, as pointed out by Apple Insider, Apple filed a patent application for a device in 2013 that described a method of “optical modulation using an image sensor,” hinting that the company may have been working on new ways to utilize light to transmit data.

What is Li-Fi Technology?

Li-Fi, a next-generation technology invented by Professor Harald Hass of the University of Edinburgh in 2011, is capable of transmitting data via light (i.e. Visible Light Communication or VLC). The thing that makes Li-Fi so compelling is its fastest data transferring speed.

Li-Fi tests have shown it can transmit information more than 100 times faster than a standard Wi-Fi network, with theoretical speeds of around 224 gigabits per second.

This means that you could download multiple high-definition (HD) movies to your iPhone over a LiFi connection in a matter of seconds.

However, it is unclear how Apple intends to make use of LiFi, as, at the present, no technology on the market uses LiFi. So, it could be used for talking to devices, say the Apple TV, within the same room. This is just speculation.

So, is Li-Fi technology likely to be a feature with iPhone 7?

No chance.

Given the early stages of the LiFi technology, it is unlikely to say that it could be a feature with iPhone 7. Although a number of companies are working to commercialize the technology, it is expected that Li-Fi could be ready for commercial use by the end of the decade.

Also, despite promising high speed, LiFi has some limitations. The biggest drawback to the LiFi technology is that it cannot work through walls because visible light cannot penetrate through walls.

Besides this, the LiFi technology also requires a direct line of sight between the transmitter and the device in order to operate.

However, this limitation could be seen as a boon as it make Li-Fi secure from external sniffing. Meanwhile, this also means there is less interference from other devices, making the technology a more secure transfer protocol than standard Wi-Fi.

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.

Be secure…
AncusH S. Gaikwad

earn from Android

नौकरी (job) करने वाले दोस्त कृपया जरूर पढ़ें :-

भारत में लगभग 70% लोग ऐसे हैँ जो 10 से 15000/= की नौकरी करते हैं उनके बॉस या मालिक उनसे 8 से 12 घंटे की कड़ी मेहनत करवाते हैं तब जाकर उन्हें पगार (salary) देते हैं उस पैसे से वे लोग अपने घर का खर्च भी ठीक से नहीं चला पाते दोस्तों मै भी ऐसा ही था सोचता रहता था काश कोई ऐसा काम मिल जाये जिससे मेरे परिवार की सभी जरूरतें पूरी हो जाएं और मुझे जॉब भी ना छोड़नी पड़े आखिर भगवान की कृपा से वो काम मुझे मिल ही गया 3 महीने मैंने इस कंपनी में जैसे मुझे बताया गया वैसे करता गया अब मुझे यहाँ से 10000 रूपये महीना मिल रहे है और यहाँ किसी की गुलामी (नौकरी) नहीं करनी केवल दिन में 2 घंटे अपने android मोबाइल से (घर या ऑफिस कही भी बैठकर) वर्क करना होता है बस और हर महीने income दुगुनी होती जा रही है ।

दोस्तों आपको भी ये बिज़नेस करना है तो संपर्क करे:-

http://champcash.com/89105

नोट :- कृपया वे ही लोग संपर्क करें जिनके पास android मोबाइल हो और फेसबुक तथा whatsapp ठीक से use करना जानते हों

धन्यवाद

Refer ID of Sponsor : 89105

Be secure…
AncusH S. Gaikwad

What is android.

Android Tutorial

Android (/ˈæn.drɔɪd/; an-droyd) is a Linux-based operating system[11] designed primarily for touchscreen mobile devices such as smartphones andtablet computers. Initially developed by Android, Inc., which Google backed financially and later bought in 2005,[12] Android was unveiled in 2007 along with the founding of the Open Handset Alliance: a consortium of hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.[13] The first Android-powered phone was sold in October 2008.[14]

Android is open source and Google releases the code under the Apache License.[11] This open source code and permissive licensing allows the software to be freely modified and distributed by device manufacturers, wireless carriers and enthusiast developers. Additionally, Android has a large community of developers writing applications (“apps”) that extend the functionality of devices, written primarily in a customized version of the Java programming language.[15] In October 2012, there were approximately 700,000 apps available for Android, and the estimated number of applications downloaded from Google Play, Android’s primary app store, was 25 billion.[16][17] A developer survey conducted in April–May 2013 found that Android is the most popular platform for developers, used by 71% of the mobile developer population.[18]

These factors have contributed towards making Android the world’s most widely used smartphone platform,[19] overtaking Symbian in the fourth quarter of 2010,[20] and the software of choice for technology companies who require a low-cost, customizable, lightweight operating system for high techdevices without developing one from scratch.[21] As a result, despite being primarily designed for phones and tablets, it has seen additional applications on televisions, games consoles, digital cameras and other electronics. Android’s open nature has further encouraged a large community of developers and enthusiasts to use the open source code as a foundation for community-driven projects, which add new features for advanced users[22] or bring Android to devices which were officially released running other operating systems.

Android’s share of the global smartphone market, led by Samsung products, was 64% in March 2013.[23] In July 2013 there were 11,868 different Android devices, scores of screen sizes and eight OS versions simultaneously in use.[24] The operating system’s success has made it a target for patent litigation as part of the so-called “smartphone wars” between technology companies.[25][26] As of May 2013, a total of 900 million Android devices have been activated and 48 billion apps have been installed from the Google Play store.[27][28]

Android, Inc. was founded in Palo Alto, California in October 2003 by Andy Rubin (co-founder of Danger),[29] Rich Miner (co-founder of Wildfire Communications, Inc.),[30] Nick Sears[31] (once VP at T-Mobile), and Chris White (headed design and interface development at WebTV)[12] to develop, in Rubin’s words “smarter mobile devices that are more aware of its owner’s location and preferences”.[12] The early intentions of the company were to develop an advanced operating system for digital cameras, when it was realised that the market for the devices was not large enough, and diverted their efforts to producing a smartphone operating system to rival those of Symbian and Windows Mobile (Apple’s iPhone had not been released at the time).[32] Despite the past accomplishments of the founders and early employees, Android Inc. operated secretly, revealing only that it was working on software for mobile phones.[12] That same year, Rubin ran out of money. Steve Perlman, a close friend of Rubin, brought him $10,000 in cash in an envelope and refused a stake in the company.[33]

Google acquired Android Inc. on August 17, 2005, making it a wholly owned subsidiary of Google. Key employees of Android Inc., including Rubin, Miner and White, stayed at the company after the acquisition.[12] Not much was known about Android Inc. at the time, but many assumed that Google was planning to enter the mobile phone market with this move.[12] At Google, the team led by Rubin developed a mobile device platform powered by the Linux kernel. Google marketed the platform to handset makers and carriers on the promise of providing a flexible, upgradable system. Google had lined up a series of hardware component and software partners and signaled to carriers that it was open to various degrees of cooperation on their part.[34][35][36]

Speculation about Google’s intention to enter the mobile communications market continued to build through December 2006.[37] Reports from the BBCand the Wall Street Journal noted that Google wanted its search and applications on mobile phones and it was working hard to deliver that. Print and online media outlets soon reported rumors that Google was developing a Google-branded handset. Some speculated that as Google was defining technical specifications, it was showing prototypes to cell phone manufacturers and network operators. In September 2007, InformationWeek covered an Evalueserve study reporting that Google had filed several patent applications in the area of mobile telephony.[38][39]

On November 5, 2007, the Open Handset Alliance, a consortium of technology companies including Google, device manufacturers such as HTC, Sony and Samsung, wireless carriers such as Sprint Nextel and T-Mobile, and chipset makers such as Qualcomm and Texas Instruments, unveiled itself, with a goal to develop open standards for mobile devices.[13] That day, Android was unveiled as its first product, a mobile device platform built on the Linux kernel version 2.6.[13] The first commercially available phone to run Android was the HTC Dream, released on October 22, 2008.[40]

Since 2008, Android has seen numerous updates which have incrementally improved the operating system, adding new features and fixing bugs in previous releases. Each major release is named in alphabetical order after a dessert or sugary treat; for example, version 1.5 Cupcake was followed by 1.6 Donut. The latest release is 4.3 Jelly Bean.[41] In 2010, Google launched its Nexus series of devices—a line of smartphones and tablets running the Android operating system, and built by a manufacturer partner. HTC collaborated with Google to release the first Nexus smartphone,[42] theNexus One. The series has since been updated with newer devices, such as the Nexus 4 phone and Nexus 10 tablet, made by LG and Samsung respectively. Google releases the Nexus phones and tablets to act as their flagship Android devices, demonstrating Android’s latest software and hardware features.

 

On 13 March 2013, it was announced by Larry Page in a blog post that Andy Rubin had moved from the Android division to take on new projects at Google.[43] He was replaced by Sundar Pichai, who also continues his role as the head of Google’s Chrome division,[44] which develops Chrome OS.

 

Android consists of a kernel based on Linux kernel version 3.x (version 2.6 prior to Android 4.0 Ice Cream Sandwich), with middleware, libraries and APIswritten in C, and application software running on an application framework which includes Java-compatible libraries based on Apache Harmony. Android uses the Dalvik virtual machine with just-in-time compilation to run Dalvik ‘dex-code’ (Dalvik Executable), which is usually translated from Java bytecode.[66] The main hardware platform for Android is the ARM architecture. There is support for x86 from the Android-x86 project,[6] and Google TVuses a special x86 version of Android. In 2013, Freescale announced Android on its i.MX processor, i.MX5X and i.MX6X series.[67] In 2012 Intel processors began to appear on more mainstream Android platforms, such as phones.[68]

Android’s Linux kernel has further architecture changes by Google outside the typical Linux kernel development cycle.[69] Android does not have a native X Window System by default nor does it support the full set of standard GNU libraries, and this makes it difficult to port existing Linux applications or libraries to Android.[70] Support for simple C and SDL applications is possible by injection of a small Java shim and usage of the JNI[71] like, for example, in the Jagged Alliance 2 port for Android.[72]

Certain features that Google contributed back to the Linux kernel, notably a power management feature called “wakelocks”, were rejected by mainline kernel developers partly because they felt that Google did not show any intent to maintain its own code.[73][74][75] Google announced in April 2010 that they would hire two employees to work with the Linux kernel community,[76] but Greg Kroah-Hartman, the current Linux kernel maintainer for the stable branch, said in December 2010 that he was concerned that Google was no longer trying to get their code changes included in mainstream Linux.[74] Some Google Android developers hinted that “the Android team was getting fed up with the process,” because they were a small team and had more urgent work to do on Android.[77]

In August 2011, Linus Torvalds said that “eventually Android and Linux would come back to a common kernel, but it will probably not be for four to five years”.[78] In December 2011, Greg Kroah-Hartman announced the start of the Android Mainlining Project, which aims to put some Android drivers, patches and features back into the Linux kernel, starting in Linux 3.3.[79] Linux included the autosleep and wakelocks capabilities in the 3.5 kernel, after many previous attempts at merger. The interfaces are the same but the upstream Linux implementation allows for two different suspend modes: to memory (the traditional suspend that Android uses), and to disk (hibernate, as it is known on the desktop).[80] The merge will be complete starting with Kernel 3.8, Google has opened a public code repository that contains their experimental work to re-base Android off Kernel 3.8.[81]

The flash storage on Android devices is split into several partitions, such as “/system” for the operating system itself and “/data” for user data and app installations.[82] In contrast to desktop Linux distributions, Android device owners are not given root access to the operating system and sensitive partitions such as /system are read-only. However, root access can be obtained by exploitingsecurity flaws in Android, which is used frequently by the open source community to enhance the capabilities of their devices,[83] but also by malicious parties to install viruses and malware.[84]

Whether or not Android counts as a Linux distribution is a widely debated topic, with the Linux Foundation[85] and Chris DiBona,[86] Google’s open source chief, in favour. Others, such as Google engineer Patrick Brady disagree, noting the lack of support for many GNU tools, including glibc, in Android.[87]

 

This chart provides data about the relative number of devices running a given version of the Android platform as of July 8, 2013.

Version

Code name Release date API level Distribution 4.3 Jelly Bean July 24, 2013 18 0.0% 4.2.x Jelly Bean November 13, 2012 17 5.6% 4.1.x Jelly Bean July 9, 2012 16 32.5% 4.0.3–4.0.4 Ice Cream Sandwich December 16, 2011 15 23.3% 3.2 Honeycomb July 15, 2011 13 0.1% 3.1 Honeycomb May 10, 2011 12 0% 2.3.3–2.3.7 Gingerbread February 9, 2011 10 34.1% 2.3–2.3.2 Gingerbread December 6, 2010 9 0% 2.2 Froyo May 20, 2010 8 3.1% 2.0–2.1 Eclair October 26, 2009 7 1.5% 1.6 Donut September 15, 2009 4 0.1% 1.5 Cupcake April 30, 2009 3 0%

Be secure…
AncusH S. Gaikwad

How to hack Wi-Fi Password from smart doorbell.

How to Hack WiFi Password from Smart Doorbells

January 13, 2016 3:07 PM

The buzz around The Internet of Things (IoT) is growing, and it is growing at a great pace. 

Every day the technology industry tries to connect another household object to the Internet. One such internet-connected household device is a Smart Doorbell.

Gone are the days when we have regular doorbells and need to open the door every time the doorbell rings to see who is around.

However, with these Internet-connected Smart Doorbells, you get an alert on your smartphone app every time a visitor presses your doorbell and, in fact, you can also view who’s in front of your door.

Moreover, you can even communicate with them without ever opening the door. Isn’t this amazing? Pretty much.

But what if your doorbell Reveals your home’s WiFi password?

Use Smart Doorbell to Hack WiFi Password

Until now, we have seen how hackers and researchers discovered security holes in Smart CarsSmart refrigeratorsSmart kettles and Internet-connected Toys, raising questions about the security, privacy, and potential misuse of IoTs.

Now, security researchers at UK consultancy Pen Test Partners have discovered a critical security hole in Wi-Fi-enabled video doorbell that could be used to expose the home network password of users.

The security hole is uncovered in Ring – a modern IoT Smart doorbell that connects to the user’s home WiFi network, allowing them to view who is in front of the door with the help of their mobile device, even if the user is not at home.

Additionally, the Smart doorbell also gives users option to hook up to some smart door locks, so users can let their guests or family members into their home even if they are not in the house.

Researchers were impressed by the functionality of Ring, though shocked when analysed the security of the device that allowed them to discover the home user’s WiFi password.

Press Button, Access a URL and Get WiFi Password!

As researchers explain, with the help of screw gauge, anyone can detach the doorbell mounted on the outside of the house and press the orange button ( given on its back), which puts the device’s wireless component in AP ( Access Point) mode.

“Pressing the setup button [puts] the doorbell’s wireless module (a Gainspan wireless unit) into a setup mode, in which it acts as a Wi-Fi access point,” the company’s consultant David Lodge explains in a blog post.

You can then use your mobile phone to connect to the server, via a specific URL ( http://192.168.240.1/gainspan/system/config/network).

When accessed, the above URL will reveal the wireless module’s configuration file in the web browser, including the home WiFi network’s SSID and PSK (Pre-Shared Key, a.k.a. password) in clear text.

Now, you just need to do is put the Smart doorbell back on the house’s wall and disappear.

Since home WiFi networks have always been trusted by their owners who connect their devices to them, having access to this network, hackers can launch other malicious attacks against the victim’s workstations, and other smart devices.

Researchers reported the security hole to Ring that resolved the issue via a firmware update released just two weeks after they were notified.

Be secure…
AncusH S. Gaikwad

US inteligence hacked by teen

US Intelligence Chief Hacked by the Teen Who Hacked CIA Director

noreply@blogger.com (Swati Khandelwal) / 24 minutes ago

Nation’s Top Spy Chief Got Hacked!

The same teenage hacker who broke into the AOL email inbox of CIA Director John Brennanlast October has now claimed to have broken into personal email and phone accounts of the US Director of National Intelligence James Clapper.

Clapper was targeted by the teenage hacker, who called himself Cracka and claimed to be a member of the hacker group Crackas with Attitude (CWA) that made headlines in October for hacking into CIA Director’s email and accessing several online portals and tools used by US law enforcement agencies.

Trove of Information Related to Top Spy Chief Hacked!

Cracka told Motherboard that he had access to a series of accounts connected to Clapper, including:

Home telephone accountInternet accountsPersonal email accountsHis wife’s Yahoo email

The spokesperson for the Office of theDirector of National Intelligence (DNI) Brian Hale confirmed the intrusion on Tuesday, saying that they were aware of the hacking incident and had reported it to appropriate authorities. Though, he declined to provide any other details.

However, just having his hands on Clapper’s online accounts wasn’t enough for Cracka. He also claimed to have changed the settings of Clapper’s Verizon FiOS account, so that every incoming call to his house number would get redirected to the Free Palestine Movement.

Cracka also provided a list of call logs to Clapper’s home number and what he claimed were screenshots from his wife Susan’s Yahoo email account, as well as Clapper’s email account, though the authenticity of the screenshots is not verified.

Here’s How the Hacker Able to Do this:

The hacking incident was likely the result of social engineering techniques used to guess Clapper’s passwords or security questions through research and web searches into his life or by spoofing service providers to get them to disclose information.

As CWA mentioned earlier, their actions are all in support of the Palestine cause. “I’m pretty sure they don’t even know they’ve been hacked,”Cracka told the publication.

Twitter suspended CWA account, but the teenage hacker created a new Twitter account (@dickreject) to taunt the US federal authorities.

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.

Be secure…
AncusH S. Gaikwad

Don’t believe on antivirus

Antivirus Allows Hackers to Steal all Your Passwords

January 12, 2016 9:44 AM

If you have installed Trend Micro’s Antivirus on your Windows computer, then Beware.

Your computer can be remotely hijacked, or infected with any malware by even through a website – Thanks to a critical vulnerability in Trend Micro Security Software.

The Popular antivirus maker and security firm Trend Micro has released an emergency patchto fix critical flaws in its anti-virus product that allow hackers to execute arbitrary commands remotely as well as steal your saved password from Password Manager built into its AntiVirus program.

The password management tool that comes bundled with its main antivirus is used to store passwords by users and works exactly like any other password manager application.

Even Websites Can Hack Into Your Computer

Google’s Project Zero security researcher, Tavis Ormandy, discovered the remote code execution flaw in Trend Micro Antivirus Password Manager component, allowing hackers to steal users’ passwords.

In short, once compromised, all your accounts passwords are gone.

Technically, The Password Manager component within the Antivirus suite works by starting a Node.js server on the local computer, by default, every time the main antivirus starts.

When analyzed the Password Manager component, Ormandy found that the Node.jsserver leaves a number of HTTP RPC ports used for handling API requests open to the world.

Available at ” http://localhost:49155/api/,” hackers could craft malicious links that, when clicked by a user with Trend Micro antivirus installed, would allow them to execute arbitrary code on the local computer with zero user interaction.

In short, an attacker could easily remotely download malicious code and execute it on your machine, even without your knowledge.

Besides this, Ormandy also found that the Trend Micro Password Manager also exposes over 70 APIs through this same Node.js server.

More? Trend Micro Uses Self-Signed SSL Certificate

Just like Lenovo’s Superfish and Dell’seDellRoot, Trend Micro also adds a self-signed security certificate to its user’s certificate store, so that its users will not see any HTTPS errors.

Ormandy said, “ this thing is ridiculous.

Trend Micro installs a self-signed HTTPS certificate that can intercept encrypted traffic for every website a user visits.

Ormandy reported the issue to Trend Micro’s team and helped them create a patch for it, which is now available to address the remote-code execution flaw. SO, Trend Micro users are advised to update their software as soon as possible.

Be secure…
AncusH S. Gaikwad

hack to prison.

26-Year-Old Hacker Sentenced to Record 334 Years in Prison

January 11, 2016 3:40 AM

A 26-year-old hacker has been sentenced to 334 years in prison for identity theft as well as mass bank fraud in Turkey, or in simple words, he has been sentenced to life in prison. Named Onur Kopçak, the hacker was arrested in 2013 for operating a phishing website that impersonated bank site, tricking victims into providing their bank details including credit card

Be secure…
AncusH S. Gaikwad

Bitcoin Quit

Bitcoin Core Developers Quit Bitcoin Project to Launch a New Digital Currency

noreply@blogger.com (Swati Khandelwal) / 1 day ago

Some of Bitcoin’s Core developers have left the Bitcoin project and started building their separate cryptocurrency called DECRED.

Decred aims to prevent the issues Bitcoin is currently facing regarding project governance and development funding.

CEO of ‘Company 0‘, Mr. Jacob Yocom-Piatt, who has funded Bitcoin development since early 2013, said the actual development of the Bitcoin cryptocurrency is funded by external entities that forms a conflict of interests between the groups and the project’s core developers.

According to Bitcoin’s developers, these group puts limitations on input in Bitcoin’s governance, selecting options that are favorable to their own interests only, and generally ignoring the developers’ and project’s best interests.

“The Bitcoin software is controlled by a small group of people who decide exclusively what can and cannot be changed,” Jacob says in a press release.
“This is in part due to a lack of mechanisms and pathways for funding development work directly from the community, and, as a result, Bitcoin development is funded by external entities that create conflicts of interest between the developers and the representative power of the community that uses Bitcoin.”

So, in order to address this issue, some of the Bitcoin developers have joined hands with the makers of the widely used BTCsuite and are now building their own new digital currency called DECRED.

What is DECRED?

Decred, managed and funded by Company 0 LLC, is an open and progressive cryptocurrency that will adopt a more decentralized community-based governance integrated into its blockchain.

The team has the advantage to make Decred a really great product as they already have experience with Bitcoin.

Some Highlights of DECRED

Decred intends to include a long list of features such as:

Implementation of consensus system based on proof-of-work and proof-of-stake systemDecred development is self-funded and open with block subsidyDecred uses Blake-256 hashing algorithmDecred may be compatible with BitcoinDecred community members will be involved in making bottom-up non-financial decision making easierIt will use secp256k1 signature scheme or Ed25519/secp256k1-Schnorr for better integration into existing software and make good use of the features offered by Schnorr signatures respectivelyDecred uses Go as a codebase for development

Decred has an Airdrop scheduled for next month (20 days and a few hours from now) where they’ll be giving out 4 percent of the total Decred supply to all participants.

Interested developers can take part in the Airdrop by filling in their details on Decred website.

About the author

Swati Khandelwal is Senior Technical Writer and Security Analyst at The Hacker News. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

Latest Stories

Comments ()

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers

Be secure…
AncusH S. Gaikwad