Thursday, July 30, 2015

Crashing Android Phones.


It has been a hard week for Android. A few days back, a severe vulnerability named #Stagefright was discovered that allows an attacker to crash the mobile phone. Recently another vulnerability has been discovered in Android.

The vulnerability causes the phone to crash and leaves it useless, unable even to make a single call or send an SMS.

More than 55 percent of mobile phones are vulnerable; the affected versions are Android Jelly Bean and later, including Android Lollipop.

950 million Android phones are at risk, and the attack can be carried out in two ways:

1. Booby-trapped website, and
2. Malicious application.

A booby-trapped website is a malicious website to which users are redirected; the malicious activity is executed there and the mobile can be crashed.

The effect of the fake website can be removed by restarting the mobile, but if the malicious application is installed, the app will trigger the crash whenever the phone is started or restarted.

This makes the phone useless for any other purpose. The cause is the indexing of media files by the OS while starting or booting. The service involved is known as the #mediaserver service.

The proof of concept has been released by the security researchers and it can be found here.

P.S : The post is to create awareness and not to be misused.

Saturday, July 25, 2015

Android Hacking Tool - RCSAndroid.


A few days ago several TB of data were dumped on the Internet. How the attack was carried out had not been revealed, and now it has been discovered: security researchers recently revealed the facts about the attack.

Security researchers at Trend Micro analysed the data and found an Android hacking tool that can be used to attack a large number of devices. The tool is named #RCSAndroid.

The tool requires no knowledge of hacking, so any script kiddie can run it, attack the victim and spy on the target without any difficulty.

The tool must be installed on the remote Android phone. This is done by sending a malicious link, disguised as something else, via social media and messaging applications. Once the target clicks the link, root privilege is attained and the APK is installed on the target device. The features available once the tool is installed are:

Collect SMS, MMS
Take Screenshot
Get all the Saved Passwords
Record Calls
Take Photos using Front and Back camera
Gather Information about the device
Find the location
Record using Microphone
Gather contacts.

The app can also be spread by exploiting some known vulnerabilities, and apps such as "#BeNews", which are available on the Google Play Store, can be used as the backdoor.

Any version of Android can be targeted. Users are recommended not to click on any link from an untrusted source or in any forwarded fake message, such as:

Click the link to get 100 rs. Free Talktime
Frwd to 2 groups to get 100% battery charge
Click the link and getting blessing from God or bad things will happen for next 2 years
Click the link to win the offer.

These are just meant to fool you. Think before you click. Don't be a victim.

P.S : The post is to create awareness and not to be misused.

Friday, July 24, 2015

Four Zero-Day Exploits for Internet Explorer.


Many exploits affecting many services have been discovered these days, and now it is Internet Explorer's turn. Recently four zero-day exploits for Internet Explorer were revealed by Hewlett-Packard.

HP's Zero-Day Initiative (#ZDI) has disclosed four exploits in Internet Explorer that an attacker could use to execute malicious code on the victim's machine.

A zero-day exploit is an exploit that has been discovered but is not yet known to the developer or service provider. These four exploits also affect Internet Explorer Mobile on Windows Phones.

The four exploits are:
#ZDI-15-359 : AddRow Out-Of-Bounds Memory Access Vulnerability.
#ZDI-15-360 : Use-After-Free Remote Code Execution Vulnerability.
#ZDI-15-361 : Use-After-Free Remote Code Execution Vulnerability.
#ZDI-15-362 : Use-After-Free Remote Code Execution Vulnerability.

The most critical vulnerability is the first one, which affects the way Internet Explorer handles some specific arrays. Another bug is in the handling of #CAttrArray objects; it allows an attacker to manipulate the document's elements.

The last two are similar: they lie in the mishandling of #CTreePos and #CCurrentStyle objects in some situations.

The four bugs have been reported to Microsoft, which has fixed them, but the flaws remain open in Internet Explorer Mobile.

P.S : The post is to create awareness and not to be misused.

Wednesday, July 22, 2015

Google, Yahoo, Facebook Collaborate against Bots.


A portion of the network traffic at data centers is not legitimate; much of it is generated by bots, which consume bandwidth. Many steps have been taken to stop bots, and now Google, Yahoo and Facebook are joining hands to blacklist them.

The giants will fight the bots by flagging and blacklisting their IP addresses. The #Trustworthy Accountability Group (TAG) has announced a program that will tap Google's internal data center and blacklist the bots.

The new pilot program will reject traffic from web robots, or bots, by means of a blacklist on which suspicious IP addresses are placed. Google's DoubleClick blacklist alone blocked 8.9% of data-center traffic.

Bots are used mainly as a tool for making money through click fraud (refer to tutorials.kingprakatheesh.in for more info), which causes loss of money to providers. The two main ones are #UrlSpirit and #HitLeap.

#UrlSpirit is software with nearly 6500 installations, presenting 500 million fake ad requests, or an average of 2500 requests per day per installation.

#HitLeap is larger, with a network of 4800 installations, of which 16% operate in data centers.

TAG will soon release a set of principles for online users' comments, which will then be incorporated into the final pilot program. The tool will be available to the public by the end of 2015.
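The blacklist check described in this post, as an added example (not code from TAG, Google or the original post): ad requests whose source address falls inside a flagged data-center range are rejected, and the rejected share of traffic is reported. The ranges, the log format and all function names are assumptions constructed for illustration.

```python
import ipaddress
from bisect import bisect_right

# Constructed blocklist: documentation ranges standing in for flagged
# data-center networks (not real TAG or DoubleClick data).
BLOCKLIST = [
    "198.51.100.0/24",
    "198.51.100.128/25",  # overlaps the entry above; collapsed at load time
    "203.0.113.64/26",
    "2001:db8:dc::/48",
]

# Constructed ad-request log, one request per line: "<time> <source-ip> <slot>"
SAMPLE_LOG = """\
2015-07-22T10:00:01Z 198.51.100.7 slot-a
2015-07-22T10:00:02Z 192.0.2.15 slot-a
2015-07-22T10:00:02Z 203.0.113.70 slot-b
2015-07-22T10:00:03Z 203.0.113.10 slot-b
2015-07-22T10:00:04Z 2001:db8:dc:1::25 slot-a
2015-07-22T10:00:05Z 2001:db8:beef::1 slot-c
2015-07-22T10:00:06Z not-an-ip slot-c
2015-07-22T10:00:07Z 198.51.100.200 slot-a
2015-07-22T10:00:08Z ::ffff:198.51.100.9 slot-a
"""


class Blocklist:
    """Sorted, non-overlapping address ranges with O(log n) lookup."""

    def __init__(self, cidrs):
        nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
        self._starts = {4: [], 6: []}
        self._ends = {4: [], 6: []}
        for version in (4, 6):
            same = [n for n in nets if n.version == version]
            # Collapsing removes duplicates and overlaps, so at most one
            # range can contain any given address.
            for net in sorted(ipaddress.collapse_addresses(same)):
                self._starts[version].append(int(net.network_address))
                self._ends[version].append(int(net.broadcast_address))

    def contains(self, ip):
        addr = ipaddress.ip_address(ip)  # raises ValueError if malformed
        # An IPv4-mapped IPv6 source (::ffff:a.b.c.d) must be matched against
        # the IPv4 ranges, otherwise it slips past the list.
        if addr.version == 6 and addr.ipv4_mapped is not None:
            addr = addr.ipv4_mapped
        starts = self._starts[addr.version]
        i = bisect_right(starts, int(addr)) - 1
        return i >= 0 and int(addr) <= self._ends[addr.version][i]


def filter_requests(log_text, blocklist):
    """Split log lines into accepted, rejected and malformed requests."""
    result = {"accepted": [], "rejected": [], "malformed": []}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            result["malformed"].append(line)
            continue
        try:
            blocked = blocklist.contains(fields[1])
        except ValueError:
            # Unparseable source address: keep it out of both counts.
            result["malformed"].append(line)
            continue
        result["rejected" if blocked else "accepted"].append(line)
    return result


def rejected_share(result):
    """Fraction of well-formed requests that the blocklist rejected."""
    total = len(result["accepted"]) + len(result["rejected"])
    return len(result["rejected"]) / total if total else 0.0


if __name__ == "__main__":
    outcome = filter_requests(SAMPLE_LOG, Blocklist(BLOCKLIST))
    for kind, lines in outcome.items():
        print(kind, len(lines))
    print("rejected share: {:.1%}".format(rejected_share(outcome)))
```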

P.S : The post is to create awareness and not to be misused.

Tuesday, July 21, 2015

Microsoft's Emergency Update.


Releasing a patch or hotfix to close an exploited security loophole is common for any vendor, and now #Microsoft is releasing an emergency update to fix a critical vulnerability.

Remote code execution is among the deadliest flaws when exploited. Imagine that the computer you own works for a stranger: that is the case with remote code execution, and it is Microsoft Windows that now faces a critical situation.

A critical flaw has been identified that affects all supported versions of Windows. It resides in the way the Windows Adobe Type Manager Library handles OpenType fonts. The vulnerability is designated #CVE-2015-2426.

Once the flaw is exploited, the attacker can execute any code remotely and take complete control of your computer. Windows Vista, 7, 8, 8.1 and Windows RT are all affected by this vulnerability. It also affects Windows Server 2008 and later, as well as Windows 10 Insider Preview.

So far there is no indication that the vulnerability has been exploited by an attacker, but the chances are very high, and it is a critical vulnerability.

Microsoft has released the patch, and all Microsoft Windows users are requested to update Windows as soon as possible, because the vulnerability is easy to exploit and gives complete control over the system.

The vulnerability was discovered by security researchers Mateusz Jurczyk and Genwei Jiang.

P.S : The post is to create awareness and not to be misused.

Monday, July 20, 2015

Net Neutrality Report in India.


All Internet users should be aware of #Net Neutrality and the recent arguments over it. Net Neutrality means Internet freedom: a free, fast and open Internet for all. Recently a report on Net Neutrality was released.

The #Department of Telecommunications (DoT) has released a report following the announcement of services such as Facebook's #Internet.org and #Airtel Zero.

The report, which runs to 100 pages, recommends that the #Telecom Regulatory of India (TRAI) end free domestic voice calls in India.

The report says the core principles must be adhered to in order to protect user rights on the Internet, so that #Telecom Service Providers (TSP) are not able to restrict users' ability to access any service on the Internet.

The report recommends that TRAI regulate domestic VoIP calling services while taking a liberal approach to international VoIP services. This means any voice calls made overseas will be free and any calls within India will be charged.

Services such as #WhatsApp, #Skype and other VoIP services are free if used to connect to an international user and charged, as per the user's Internet pack, if connected locally.

The report also criticizes Facebook's Internet.org, saying "the content and application providers cannot be permitted to act as gatekeepers", and Facebook's Vice President stated that it is a gateway but not a gatekeeper.

DoT has rejected the demand for regulation of over-the-top (#OTT) free messaging services, stating that users can use messaging services like WhatsApp, Viber and Hike for free.

The committee's report is not final; it has only been presented to TRAI, and the recommendations will be considered before the Government's final call.

The report can be found here.

P.S : The post is to create awareness and not to create any negative impact.
                

Saturday, July 18, 2015

Automatic Update cannot be Disabled in Windows 10.


Microsoft is set to release the new version of Windows, named #Windows 10, by July 29, and many features are being added to it. Recently it was reported that automatic updates cannot be disabled in Windows 10.

Microsoft has a feature known as #Automatic Update that is used for delivering patches and for keeping the system stable.

If a security researcher or an attacker finds a new way to exploit the system, the company fixes the issue and provides a patch for it, so Automatic Update is one of the important features.

Many users do not want to install updates because they consume bandwidth and may slow down the system if the bandwidth is small. For this, Windows 8 gives the user four options:

Download and Install automatically
Download but choose when to Install
Check for Download but choose when to install
Never check for updates

These are the options, but due to the enormous increase in cyber threats and after getting many opinions from security experts, Microsoft decided to remove the last option from the list above.

So from now on, whether you like it or not, you cannot disable automatic updates in Windows 10. The options that will be available are:

Check, Download, Install and Reboot Automatically
Check, Download, Install Automatically and then choose to reboot.

These will be the options available in Windows 10.

P.S : The post is to create awareness and not to create any negative impact.

              

Friday, July 17, 2015

Cracking RC4 Algorithm.


Cryptography has been used since the time of Julius Caesar and is still used today because of the increase in cyber threats. One of the algorithms considered to be secure and unbreakable is #RC4. Recently a method has been developed to crack the RC4 algorithm.

Cryptography is the art of making a message unreadable to anyone who intercepts it other than the intended recipient. #RC4 is one such algorithm and is used in many protocols, such as:

SSL
TLS
WPA
WEP
Microsoft RDP

These services rely on RC4 as their shell of protection. In 2013 a method was proposed by which the algorithm could be cracked in 2000 hours; the method proposed now requires only 312 to 776 hours.

The success rate is believed to be 94%, which is too bad, as 50% of the services are still running on the RC4 algorithm.

The method for exploitation can be found as follows




It takes only 75 hours to crack the key with 94% accuracy, and the video covering the attack can be found here.

The whitepaper detailing the attack can be found here.

P.S : The post is to create awareness and not to be misused.

Wednesday, July 15, 2015

JAVA Zero Day Exploit.


Java is one of the most powerful and dominant languages, having prevailed for decades, and one of its strong characteristics is the security it provides. Recently a zero-day exploit was revealed by security researchers.

The zero-day exploit was found in the latest version of Java, 1.8.0.45; older versions such as 1.6 and 1.7 are not affected at all.

Attackers are using email messages to send malicious links to victims. Once a link is clicked, the exploit code delivers a basic Trojan dropper, #TROJ_DROPPR.CXC, that drops the payload #TSPY_FAKEMS.C.

The payload is injected into the /login user folder, compromising the security of the system. The advanced persistent threat (APT) group behind operation #Pawn Storm is thought to be responsible for the Java zero-day exploit, attacking members of NATO and US defense.

The exploit has been reported to Oracle. The steps to exploit it have not been released yet, but it is believed to be in use by many attackers.

Oracle is working with Trend Micro to develop a fix. Until the patch is released, users are advised to disable Java temporarily in their browser.

P.S : The post is to create awareness and not to be misused.

Tuesday, July 14, 2015

Google Photo App Syncs even after Uninstalling.


What would your reaction be if you uninstalled an application and it was still running on your device? What if the uninstalled application synced your data? Recently it was found that the Google Photo app syncs data even after being uninstalled.

Android has a major share of the mobile operating system market, and it has an application known as Google Photo with which users sync photos to their account.

The main purpose of the application is similar to that of the built-in sync feature on the Apple iPhone, which helps users sync their photos to iCloud.

The weird thing about the Google Photo application is that it continues to sync photos even after the user has uninstalled it.

Recently a journal editor found that photos he had taken even after uninstalling the application were synced to his account.

When he contacted Google, they said "The backup was as intended" and that users have to turn off the feature in the phone's Google Play Services settings. This is because the Google Photos settings are interconnected with the phone's Google Play Services.

In order to fix this issue, do the following:

If you are an Android user and don't want to sync personal photos automatically, you need to disable the sync option from either the Google Photos app or your phone's Google Settings.

The video demonstration can be found here.

P.S : The post is to create awareness and not to create any negative impact.

Monday, July 13, 2015

Malicious Android App got Million downloads.


The Android mobile operating system is used by billions of smartphone users, which makes it an attack vector for attackers. It is not the first time that a malicious application has been found on the Play Store. Recently another application has been identified as malicious.

The Android applications dubbed "#Cowboy Adventure" and "#Jump Chess" have been found to be malicious, and it has also been found that they have been downloaded over a million times.

The malicious applications steal the credentials of users' Facebook accounts by showing a fake login page. The application has a feature named #OAuth that allows the user to log in to the Facebook account.

Once the user enters the credentials, they are sent to the attacker and the user's Facebook account is compromised.

Users who have downloaded and used the game are advised to change their Facebook credentials, as well as those of any account where the same password is used.

The steps that can be followed to avoid downloading a malicious app are:

1. Do not download applications from anywhere other than the Google Play Store or Apple App Store.
2. Read the user reviews before downloading any application.
3. Always use two-factor authentication to prevent malicious logins.
4. Install a good antivirus software for additional protection.

The malicious app has many reviews stating that the application locks the Facebook account. In spite of this, there are a million downloads of this application.

P.S : The post is to create awareness and not to create any negative impact.

Saturday, July 11, 2015

Chrome Starts Blocking Torrent sites.


Google Chrome is Google's web browser, built on Chromium and used by millions of users globally. Recently Chrome started blocking sites such as torrent and proxy sites.

Google Chrome has an advanced monitoring tool that prevents users from being caught out by malicious files that may cause damage. Usually Chrome displays a warning message that the page contains a malicious file that may damage the system.

The screen carrying the error message is red and notifies the user about the risk. Recently Chrome started blocking torrent sites like Kickass and Torrentz, saying that they contain malicious programs that can damage the system.

This also created some confusion among users about whether to follow Chrome's guidance or to ignore the message and proceed.

The blocked sites are also confused about why Chrome has blocked them, and they posted that they will contact Google and find a solution to the issue at the earliest.

Google Chrome may be blocking the sites because the pages contain advertisements that can carry out malicious activities.

Not only torrent sites but also many proxy service sites have been blocked, possibly for the same reason.

If any user is experiencing the same issue and wants to resolve it, follow the tutorial given by Google, which can be found here.

P.S : The post is to create awareness and not to create any negative impact.

Thursday, July 9, 2015

Increasing Firefox browsing speed.


Mozilla Firefox is used globally by billions of users for surfing the net. Firefox rolls out many features, and the main thing all users expect is to surf the web faster. This post is about how to increase the speed in Firefox.

The post deals with how to increase the surfing speed in the #Firefox browser, but please know that changing the configuration file may void your device warranty. If you want to stay on the safer side, please do not proceed.

The technique used is pipelining. Pipelining plays a major role in computer architecture, where it is used to compute data and produce results at higher rates.

To change the configuration in Firefox, do the following at your own risk:

Type about:config in the address bar; it will take you to the browser's configuration settings page.

Set the following:
"network.http.pipelining" to "true"
"network.http.proxy.pipelining" to "true"
"network.http.pipelining.maxrequests" to some value such as "10"

Lastly, right-click anywhere and select New->Integer. Name it "nglayout.initialpaint.delay" and set its value to "0" (zero).

The changed settings make the browser use pipelining and accept requests faster than the existing speed. The new integer lets broadband users surf at much increased speed.

THE AUTHOR OF THE POST IS NOT RESPONSIBLE FOR ANY DAMAGE DONE BY MAKING THE CHANGES, AND THE USER IS SOLELY RESPONSIBLE FOR ANY DAMAGE DONE.

P.S : The post is to create awareness and not to be misused.

Tuesday, July 7, 2015

Now Find Who Unfriended You on Facebook.


Facebook is a social networking site with billions of users globally, and a way to find out who unfriended or deleted the user has long been an expected feature. Recently an application has been developed for this purpose.

There are many applications that are used for this purpose, but many of them are fake and are designed only to steal user credentials. An application has now been developed that can be used to find out who unfriended or deleted the user.

The application is named #Who Deleted Me. It was developed by an Exeter-based developer and is free to install on both the Android and iOS platforms.

After installation, the application displays the friends who are online, friends who unfriended the user earlier, the number of followers who unfollowed, and the last-seen timestamp for all users in the friends list.

The application starts monitoring after installation, and its report covers only the time since the application was installed.

A Chrome extension is also available for the application and can be added to Chrome.

Android users can download the application from here.

iOS users can download the application from here.

The Chrome extension can be downloaded from here.

P.S :  The post is to create awareness and not to be misused.

Monday, July 6, 2015

Right time to move towards IPv6.


Computer users should know that to access the Internet they need a unique address that identifies them among the large pool of devices; the IP (Internet Protocol) address is used for that. We are now managing with IPv4. Recently there has been news that IPv4 is getting exhausted.

A few days back there was a report on the exhaustion of IP addresses from #ARIN (American Registry for Internet Numbers), which provides unique IP addresses to vendors and ISPs (Internet Service Providers).

They released a statement that they are running out of IPv4 addresses, and ISPs are left with few options, such as:

1. Only a limited amount of IP blocks can be provided.
2. They can make use of IP addresses from other organisations that do not use them.
3. They can join the waitlist.

North America is facing a difficult situation with the exhaustion of IP addresses, and it is the right time to move towards IPv6.

IPv4 can serve billions of devices. Migration towards IPv6 has been proposed since 2011; IPv6 was developed two decades back, in 1998, and has the capacity to serve trillions of trillions of devices.

Exhaustion of IPv4 is not the only reason for migration: there is a rapidly emerging technology known as #IoT (Internet of Things), in which all the devices (fan, grinder, light, etc.) are connected to the Internet.

IoT needs an enormous number of IP addresses, so migration towards IPv6 is becoming mandatory.

P.S : The post is to create awareness and not to create any negative impact.

Saturday, July 4, 2015

Digital Amnesia - A New Outcome.


Smartphones are found everywhere and in everyone's hand, and some users even have more than one. Recently a survey was conducted, and its result points to growing #Digital Amnesia.

We all use smartphones to save others' phone numbers and to note things we need handy, and many users use their smartphone to store their daily tasks and even the passwords for their online accounts.

The cyber security company #Kaspersky surveyed 6000 people and found that total dependency on smartphones results in #Digital Amnesia.

The shocking facts are that 70 percent of parents cannot remember their children's phone numbers and 90 percent of people cannot remember the contact number of their children's school.

50 percent of people can remember the same from when they were 10 to 15 years old, and the fact is that it is not ageing that made them forget the numbers but the total dependency on smartphones.

50 percent of people are totally dependent on the details in their smartphone, and the Principal Security Researcher at Kaspersky stated that it is human nature: if we have a device to save the details, why should we remember them?

Researchers also stated that many cannot remember the numbers of their children, spouse and siblings. Smartphones are there to help us, not to make us dependent on them.

They also stated that there is a drastic change in the human brain and that it is adapting to the Internet.

Let's take a quick survey: can you recall your parents' number? Your sibling's number? Your children's number? If not, you may be a victim of Digital Amnesia and dependent on smartphones.

P.S : The post is to create awareness and not to create any negative impact.

Friday, July 3, 2015

Anonymous WiFi connection over 2.5 miles.


Anonymous browsing is a big problem in today's world, and Wi-Fi, used by millions of users, faces many problems too. Recently a new device has been developed to connect to Wi-Fi over 2.5 miles.

There are many anonymity services, such as the TOR proxy and VPN services, but even with those, if the IP address of the client is known, the client's anonymity is lost and all the packets can be intercepted.

Security researcher Benjamin developed a new device named #ProxyHam that can be used to connect to Wi-Fi within a distance of 2.5 miles.

The #ProxyHam device has three antennas. One antenna is used to connect to a Wi-Fi hotspot at a public place, and the other two are used to transmit the data at a frequency of 900 megahertz.

The 900 MHz transmission is not identified by many intercepting devices. The device is built on a Raspberry Pi computer and has the power to transmit data at low frequency.

Other features that the researcher may implement in future include self-destruction, and the device can be made to fit in a small box.

According to the developer, it offers complete anonymity and stability in the transmission of data over low frequency.

The product and the blueprint, along with the hardware specification, are to be released at the DefCon conference in Los Angeles next month.

P.S : The post is to create awareness and not to be misused.

Wednesday, July 1, 2015

Find Mobiles that are in Silent Mode.


Life without a mobile phone seems very difficult these days, and a big problem is that users forget where they put the mobile and have to search for it. If the device is in silent mode, that is a big problem. Recently a method has appeared to find mobile devices that are in silent mode.

There are ways to find a phone that has been put in silent mode, but many of them need an Internet connection. One such way is logging into an application and activating the ring to find it.

These methods need an Internet connection. What if you are stuck in a place where no Internet is available? The solution is to install an application named #Clap To Find. Just download the application and configure it, and you are ready to use it.

When the phone is stuck in silent mode, all you need to do is "clap your hands three times" and the phone will ring at full volume, with no need for an Internet connection.

Another classic feature is to send a pre-configured text message to the device, which makes the phone ring at full volume. To enable this feature you need to install the application named #Ring My Droid.

After configuration, if you send the text message, the phone will ring at full volume.

The application #Clap To Find can be downloaded from the official Google Play Store, and it can also be downloaded from here.

P.S : The post is to create awareness and not to be misused.