Posts

From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

Image
Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as 'Not Secure' in its years-long effort to make the web a more secure place for Internet users. So if you are still running an insecure HTTP (Hypertext Transfer Protocol) website, many of your visitors might already be greeted with a ' Not Secure ' message on their Google Chrome browser warning them that they can't trust your website to be secure. By displaying 'Not Secure,' Google Chrome means that your connection is not secure because there is no SSL Certificate to encrypt your connection between your computer and the website's server. So, anything sent over a non-HTTPS connection is in plain text, like your password or payment card information, allowing attackers to snoop or tamper with your data. The non-https connection has been considered dangerous particularly for web pages that transfer sensitive information—like login pages and paym

Mozilla Club Patan Leads 2 Districts for LogOut - Cyber Awareness Campaign

Image
Hi Geeks, I'm Dipak Parmar, Club Leader at Mozilla Club Patan, a professional cyber-security enthusiast and a Mozillian who really gets excited when gets opportunity to work on any kind of project in this domain, as I begin my journey with Mozilla community I have been with them from past 2 years. I met the Mozilla Gujarat team at MakerFest 2016 Ahmedabad.  The year after I found "the hacker meetup" event is happening in the city and I'm interested to learn more about cyber security and get in touch with Viral Parmar CEO of ComExpo Cyber Security and Mozillian Rep. His Project LogOut - Cyber Awareness Campaign is selected by the Mozilla. So when I found out that “Viral Parmar” was organizing a cyber-awareness conference (LOGOUT Gujarat’s 1st Cyber Awareness Conference) in Ahmedabad, I applied to be a part of working team so that I could get involved and contribute to what I am positive will become an important privacy and cybersecurity conference over time.

Kali Linux 2017.2 Released with Powerful New Tools

Image
Kali Linux is a Penetration Testing Distribution based on Debian. Developed by Offensive Security. It is the world’s most capable and famous security testing platform, utilized by security experts in an extensive variety of specializations, including penetration testing, forensics, reverse engineering, and vulnerability assessment. Kali Linux 2017.2 With the new release, they have added dozens of Powerfull tools and also updates for existing tools, if you are kali lover then it’s time to Upgrade by using following Commands. First Time users can download from here . Some New Tools hurl  – a beneficial little hexadecimal and URL encoder/decoder phishery  – phishery lets you inject SSL-enabled basic auth phishing URLs into a .docx Word document ssh-audit  – an SSH server auditor that checks for encryption types, banners, compression, and more apt2  – an Automated Penetration Testing Toolkit that runs its own scans or imports results from various scanners, and t

Info Security Can Save Your Identity

Image
Cyber security has become a hot topic throughout businesses and organizations as new technology continues to develop. In the past several years the world has evolved around technology tremendously, making it hard for people to keep up and adapt to it. As new phones, computers, automated tellers, and security devices become familiar around the world; there are also people determined to break into them, as opposed to utilizing them correctly. These people are known as hackers, and they are dangerous. Their intention is to steal, bribe, and or threaten technology users for their information. Safety in the household, at work, and in the economy have increasingly developed into daily task items. Whether that means enabling a home safety device, locking a computer at work, or even encrypting bank information. The number of hackers increases daily around the globe and their actions ranging from spamming your email to as far as stealing encrypted data from banks and capital markets. The U

Ubuntu Linux for Windows 10 Released

Image
Windows and Linux in the same line? Yes, you heard that right... and that too, on the same computer and within the same operating system. Two months ago, Microsoft announced its plans to let its users install  three different flavours of the Linux  operating system –  Ubuntu ,  Fedora , and  SUSE  – directly through their Windows Store, allowing them to run Windows and Linux apps side-by-side. Now, downloading an entire operating system has just become as easy as downloading an application with the availability of popular Linux distro  'Ubuntu' in the Windows App Store . However, unlike a conventional Ubuntu installation, this Ubuntu version runs in a sandboxed alongside Windows 10 with limited interaction with the operating system and is focused on running regular  command-line utilities like bash or SSH  as a standalone installation through an Ubuntu Terminal. For now, Ubuntu is currently only available to Windows 10 Insiders users and would be made available

This Website Has Leaked Details of Reliance Jio Users in India

Image
On Sunday evening, a website called “magicapk.com” surfaced that contained the personal data of millions of Reliance Jio users. Screenshot of leaked Jio data. Credit: Twitter New Delhi:   A website that reportedly contained the personal data of millions of Reliance Jio users surfaced on Sunday evening and crashed later that night presumably due under a high load of web traffic. At roughly 6 pm on Sunday, a website called “ magicapk.com ” started making its way through various Indian social media channels including Twitter, WhatsApp and Reddit India. The website, which came with a simple user interface as shown above, simply asks visitors to enter a Reliance Jio mobile number to get access to “Jio sim details”. Throughout the evening, the authenticity of some of the leaked data was confirmed by users online as well as  tech website  Fonearena . It should be noted that the scale of this data breach is unclear at this point: when  The Wire  tried searching for a few Relia

Wannacry/ WannaCrypt Ransomware First Analysis Report

Image
CRITICAL ALERT Wannacry/ WannaCrypt Ransomware Original Issue Date:- May 13, 2017 Updated On:- May 15, 2017 Virus Type:-  Ransomware It has been reported that a new ransomware named as "Wannacry" is spreading widely. Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. This exploit is named as ETERNALBLUE. The ransomware called WannaCrypt or WannaCry encrypts the computer's hard disk drive and then spreads laterally between computers on the same LAN. The ransomware also spreads through malicious attachments to emails. In order to prevent infection, users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010. https://technet.microsoft.com/library/security/MS17-010 After infecting, this Wannacry ransomware displays following screen on infected system: Source: Symante