Dipak Parmar

Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as 'Not Secure' in its years-long effort to make the web a more secure place for Internet users. So if you are still running an insecure HTTP (Hypertext Transfer Protocol) website, many of your visitors might already be greeted with a ' Not Secure ' message on their Google Chrome browser warning them that they can't trust your website to be secure. By displaying 'Not Secure,' Google Chrome means that your connection is not secure because there is no SSL Certificate to encrypt your connection between your computer and the website's server. So, anything sent over a non-HTTPS connection is in plain text, like your password or payment card information, allowing attackers to snoop or tamper with your data. The non-https connection has been considered dangerous particularly for web pages that transfer sensitive information—like login pages and paym...

Cyber security has become a hot topic throughout businesses and organizations as new technology continues to develop. In the past several years the world has evolved around technology tremendously, making it hard for people to keep up and adapt to it. As new phones, computers, automated tellers, and security devices become familiar around the world; there are also people determined to break into them, as opposed to utilizing them correctly. These people are known as hackers, and they are dangerous. Their intention is to steal, bribe, and or threaten technology users for their information. Safety in the household, at work, and in the economy have increasingly developed into daily task items. Whether that means enabling a home safety device, locking a computer at work, or even encrypting bank information. The number of hackers increases daily around the globe and their actions ranging from spamming your email to as far as stealing encrypted data from banks and capital markets. The U...

On Sunday evening, a website called “magicapk.com” surfaced that contained the personal data of millions of Reliance Jio users. Screenshot of leaked Jio data. Credit: Twitter New Delhi:   A website that reportedly contained the personal data of millions of Reliance Jio users surfaced on Sunday evening and crashed later that night presumably due under a high load of web traffic. At roughly 6 pm on Sunday, a website called “ magicapk.com ” started making its way through various Indian social media channels including Twitter, WhatsApp and Reddit India. The website, which came with a simple user interface as shown above, simply asks visitors to enter a Reliance Jio mobile number to get access to “Jio sim details”. Throughout the evening, the authenticity of some of the leaked data was confirmed by users online as well as  tech website  Fonearena . It should be noted that the scale of this data breach is unclear at this point: when  The Wire  tr...

The German cybersecurity researchers have found that many security vulnerabilities in many websites could, in fact, be due to people learning to code from popular online tutorials which are riddled with many mistakes. The Computer scientists from the Saarland University, the Technical University of Braunschweig, Technical University of Berlin, and the cybersecurity firm Trend Micro have analysed thousands of PHP programming projects on the  GitHub  and they have cross-referenced the code against a bunch of popular coding tutorials which rank at the top of Google. Most of the popular tutorials online focus on teaching the new coders how to perform a particular task, like how to create a search form in PHP or how to accept the user’s input from a HTML form /message box and output it in the JavaScript; or the tutorials on how to start using an open source database management system like  MySQL . These tutorials offer coding examples that people can copy, but more...

A team of researchers from the University of Michigan  discovered  that hundreds of applications in Google Play Store have a security hole that could potentially allow hackers to steal data from and even implant malware on millions of Android smartphones. The University of Michigan team says that the actual issue lies within apps that create open ports — a known problem with computers — on smartphones. So, this issue has nothing to do with your device's operating system or the handset; instead, the origin of this so-called backdoor is due to insecure coding practices by various app developers. The team used its custom tool to scan over 100,000 Android applications and found 410 potentially vulnerable applications — many of which have been downloaded between 10 and 50 Million times and at least one app comes pre-installed on Android smartphones. Here I need you to stop and first let's understand exactly what ports do and what are the related threats. Ports can be ...

Whatever the reason is, ransomware activity skyrocketed last month. An influx of crude, unprofessionally tailored samples bombarded home users and enterprises, sometimes simply destroying data beyond recovery due to broken crypto. Meanwhile, high-profile threats like Spora, Sage, Cerber and Jigsaw became more sophisticated. The statistics for March are as follows: threat actors released 46 new strains and updated 20 existing ones. Although anti-malware labs and security enthusiasts were able to devise seven free decryptors, that’s still a disproportional achievement. Read this report to stay on top of the current ransomware trends. MARCH 1, 2017 The comeback of Crypt0L0cker A new wave of the Crypt0L0cker, or TorrentLocker, ransomware campaign breaks out after a lengthy standstill since mid-2015. The updated strain primarily  zeroes  in on European countries. Clever AV evasion by Locky According to Microsoft Malware Protection Center (MMPC),  the latest O...