WhatsApp Video Calling.

         WhatsApp being one of the most commonly used application across globe. It almost replaced the traditional message feature available in the phone and now after the launch of the calling feature many are using it. Recently WhatsApp announced a new feature.

          WhatsApp being one of the End to End Encryption enabled application have billions of users. Now WhatsApp released the video calling feature to all its users with End to End Encryption.

           This feature is available in the beta version so one has to register themselves as a beta tester and then can update their application through Play Store. Other way around is to use the APK Mirror of the WhatsApp beta version and use it.

             To use Video Calling feature one has to press the same call button upon which the user will be provided with Voice Call, Video Call option and it is mandatory that the other use should also use the updated version to support voice call, otherwise it will throw an error.

             There are many malicious APKs emerging to fool people it is highly recommended to download or update the applications using Play Store or download it from the official site.

P.S: The post is to create awareness and not to be misused.

Amazon Offers, Free Wifi, Lucky Prizes.

             Before proceeding to the post it is the name of the post that attracts many and made them read the post to grab some offers or free wifi. It is the root cause for losing your private details (Passwords, Bank Account Number etc.). There has been a rapid increase in the number of cyber crimes recorded these days and they are not due to computer error but purely due to the user's mistake.

              One such this that attracts everything is FREE OFFERS, In India Amazon has introduced Diwali Sale and its on full speed. Recently there has been a scam that is circulating around social platforms. You can see the picture below

                 The above link has a cloned site of Amazon.in where the users will be asked to enter the card details for the payment and then users card details are abused.

                 Another strategy is that to steal the credentials of Amazon website users it is accomplished by the following mail

                   This mail is one of the awesome work you can see the same amazon.com without any mistake. The only this is HTTP not HTTPS but the real site is something else which is hided within this link.

                   Why stealing card details indirectly lets steal it using their bank site. You wanna see that too ?

                    All the mistakes has been pointed out by one of the researcher. Upon clicking the link will steal your bank credentials.

                     Oh man come on lets install a malware in the victim's mobile so that one can monitor his/her activities 24*7. Wi-Fi is one of the essential thing everyone needed so just exploit them

                      Worst case, everyone is addicted to money so why cant steal the credentials by fooling them by telling one that you won huge money.

        

                   The pictures posted in this blog are pure malware and everything has been validated. The intention of the post is to avoid users from losing their credentials or information to these fake materials.

P.S: The post is to create awareness and not to create any negative impact.

Secret Conversation on Facebook Messenger.

            Eavesdropping and spying is one of the most common issue in Cyber space and many people are concerned about their privacy. Cryptography solves this problem to atmost extent by providing Encryption. Recently another giant rolled out Encryption feature.

             Apple incorporated End to End Encryption in iMessages, then WhatsApp rolled out End to End Encryption for its users. Now Facebook messenger supports End to End Encryption for its users.

             It is labelled as "Secret Conversation" in Facebook messenger and users with updated app version can use this. To enable End to End Encryption 

             Open Existing Conversation and click on Information icon and enable "Secret Conversations". Once enabled the chat is Encrypted on channel. One thing to be noted is you cant send gif, video through Secret Conversations.

              Another thing is that these providers are storing the Metadata about the chat which will be revealed when law enforcement asks for it. 

               The End to End Encryption on Facebook messenger is based on Signal Protocol. If you are so keen that not even your metadata should be revealed then you have to use Signal app which provides more privacy than these applications.

P.S: The post is to create awareness and not to create any negative impact.

Hack a computer with an image.

        Taking control over computer is a real time challenge for hackers these days. Hacking a computer is a tedious job if configured properly but the only way one can gain access is to use the well known weak link.

         Users are considered to be the weakest link in the cyber domain because one cant change the functionality of the system if configured well and in operation, whereas user who operate the system can do anything and has no restrictions.

         There is a separate section known as Social Engineering which exploits human trust and therby taking control over computer or device.

         Consider you are receiving an email stating "You have won 3.5 crores as prize and to redeem fill the form" 5 out of 10 will give away details as per survey conducted. Even a blank PDF file can be a malware in cyber space.

          It is now JPEG as it is easy to transmit and easy to fool users. Using malicious JPEG an attacker can take control over your system. Best way to spread Ransomware is to send malware through email attachment.

          Many are falling to Ransomware these days it is recommended to have a backup of files always. Use offline storage or Cloud storage to save sensitive data. 

          Users are recommended not to open email from unknown sources and simply delete them if it contains any attachment in any form (PDF, JPEG, DOC). Even a doc file with macro enabled can harm your system.

P.S: The post is to create an awareness and not to create any negative impact.

Using RAM booster for Android Mobiles.

        Android being one of the largest smartphone operating system is used by many people across globe. Millions of applications are there in Android Play Store and many of them are commonly used by many people. One among them is RAM booster or Cache Cleaner applications.

       In this blog post I am going to discuss the findings of one such common application used by almost more than 50 million users across globe. It falls under RAM booster category and cleaner application.

       One thing that has to be made clear is that Android has good RAM management and cache management program. Almost all the devices comes with average of 2 Gigabytes of RAM so there are 2 Gb available for applications.

       Unused RAM memory is Wasted memory according to many researchers. Ok lets see the functioning of any RAM cleaner application.

        Consider you are running a RAM cleaner application, it will kill the application that is dormant and also delete cache files. After that a nice GUI will tell you that almost 300 Mb has been restored. Ok in background after quitting the application or after the cleaning the application that has been killed will be again assigned to RAM and will create all deleted files again which takes more resources than before.

        Some applications will have cache files with some important data before saving in DB file or in backgorund file before that running RAM cleaner may delete the files and the application if required will download data from Internet which costs Mobile Data.

        Another nice thing is while analysing I came across an application that upon opening sharing IMEI number, Mobile model, Phone Build, Brand Name, Carrier Name and many more to famous Advertising company. 

         As a final thing using these types of RAM cleaner or Cache Cleaner will only take more resources and drain your battery and also may steal your details about device. Think before using it next time.

        For security reasons I am not disclosing the application name, here RAM cleaner referes to normal cleaner application. 

P.S: The post is to create awareness and not to create any negative impact.

Hack Windows / Mac Login Password using USB.

           It is not the new story that the USB drives has been used to steal credentials. There has been USB drives that explodes when connected and there are drives that will steal the credentials when plugged in. Recently yet another evil USB has been developed by a researcher.

           A security researcher developed a USB drive that will identify themselve as a network gateway and also as DNS server using the ethernet port. USB drive in USB port will have some restrictions before loading but the ethernet port will be whitelisted in the machine for sure.

           The device dubbed as evil USB upon inserting in the ethernet port will identify itself even the computer is locked out and then the drive will try to sniff the hashed credentials and stores them in the SQLite Database.

           After that the database entries can be cracked to find the password stored. The researcher tested this in many versions of Windows machine and also Mac running EI Captian and also Mavericks. 

           The only limitation for this attack is that the attacker need to have physical access to the computer for almost 13 seconds.

P.S: The post is to create awareness and not to create any negative impact.

1.9 Gbps Internet Speed in 4G.

             

             Internet has become one of the basic element of life and it is a backbone for many industries. Internet Speed is the major factor that determines the quality for any ISP. Recently an ISP has made a record breaking speed in 4G network.

             Top speed achieved in 4G network as of now is 300 Mbps but ISP named #Elisa, Finnish ISP with the help of Chinese technology Huawei achieved 1.9 Gbps (Gigabit per second) in 4G network.

             Actually the top speed achieved in 5G network is 1 Tbps (Terabit per second) by researchers from University and International Telecommunication Union achieved 20 Gbps in 5G network.

             Vodafone Germany is also planning to offer 1 Gbps by the end of 2016. It is stated that using Elisa the real time maximum possible speed is 450 Mbps where existing is 300 Mbps.

             It is to be noted that using Elisa 4G network one can download a Blu-ray film in the time period of 40-45 seconds.

P.S: The post is to create awareness and not to create any negative impact.

WhatsApp to share Data with Facebook.

             WhatsApp one of the famous application used for messaging introduced End to End Encryption for all the users to maintain confidentiality for the chats. Recently they have decided to share the data with Facebook.

            Facebook acquired WhatsApp before and at that time WhatsApp stated that they will not share the data with their Parent company Facebook and will maintain user privacy but now the company has decided to share the user data with Facebook.

           Since they have implemented End to End Encryption no user data that are sent such as text or media files can be shared as they are encrypted, they can share contact number and other information. Parent Company Facebook inturn may sell the data to the advertisers to target users with targeted Ads.

          All users who updated WhatsApp application will be pushed with Agree to License Agreement which automatically gives permission to share your data with Facebook. Those who has done that may opt out of that feature within 30 days.

          To stop sharing of data go to Settings -> Account -> Uncheck the checkbox with text "Share Personal Info". This will popup a message and click Dont Share to stop sharing of data with Facebook.

          There are many other applications that provide all and more features than WhatsApp like Telegram and Signal. 

P.S: The Post is to create awareness and not to create any negative impact.

Microsoft Open Sources PowerShell.

          Microsoft has been slowly moving towards Ubuntu and Open sources these days. Recently there is a big move made by Microsoft. They have Open sourced the PowerShell. 

          Almost all kernel has a shell to interact with. In Windows based we have Command prompt as CLI utility and all Ubuntu based will have Bash (Bourne Again Shell) to interact with. In addition to Command prompt, Windows also has a powerful utility known as #PowerShell.

          PowerShell is a scripting language that is mostly used by power users such as administrators and other users to automate kernel tasks. One who masters PowerShell can unleash the real power in Windows Kernel.

         PowerShell is based on .NET framework and all the commands executed will return an object. Recently Microsoft open sources Powershell by making its source code to GitHub under permissive MIT license.

         They have made the binaries available for CentOS, Mac OS X, Linux kernels and Red Hat platforms. They have made the version of PowerShell based on .NET Core which is a cross platform so as to run on both Linux and Mac.

         It has been released as a community based and alpha version. The official version is yet to be released by Microsoft.

P.S: The post is to create awareness and not to create any negative impact.

Google's Video Calling App - Duo.

            It has been already posted that Google is about to roll out two apps in the name #Allo - Smart messaging application and #Duo - Video calling application. Recently they rolled out the Duo application for both Android and iOS users.

            Google rolled out the new application Duo that is for video calling. It uses only the mobile number to activate and it also displays the username based on the contacts saved in the mobile. It uses #End to End Encryption to avoid any attack in between.

             Duo is also powered with a feature known as #knock-knock by which the recipient of the call will get the video feed of the caller before even answering the call in the locked screen.

            Duo also has the feature of switching between Wi-Fi and Mobile Data. It also has the feature of downgrading resolution automatically so as to prevent dropping or lagging of video due to bandwidth latency.

            Duo is now available for Android and iOS platforms but the official version is yet to be released by Google. If you are so keen in getting the application you can download Android Apk here. 

P.S: The post is to create awareness and not to be misused.

NSA's Hacking tools leaked online.

           United States of America leading one of the largest and sophisticated cyber intelligence agency in the name of NSA. Few days back a hacker group claimed to hack the #Equation Group - Cyber attack division of NSA. Recently the data and private tools has been leaked online.

           It is claimed by the hacker group #The Shadow Brokers that they have hacked the Equation Group and gained many private hacking tools used by the agency.

           Some of the exploits are published online and some security researchers considers the exploits to be legitimate and the group #The Shadow Brokers claims 1 Million bitcoins (568 Million USD) to dump the entire tools which includes installation scripts, exploits for famous vendor products such as Cisco and Firewall and so on.

            There is a news in the past that this Equation Group is responsible for Stuxnet attack but is not proved and the hackers claims that #Topsec, Chinese company is also target of Equation Group. 

            Some security researchers also claims that some of the code names relates to the documents leaked by the whistleblower #Edward snowden such as #BANANAGLEE and #EPICBANANA.

            The breach is not yet confirmed and there is a news that it may be a well organized hoax to gain Bitcoin in large amount and also to gain media attention. If this is proved, it will be historical hack in cyber history.

P.S: The post is to create awareness and not to create any negative impact.

#Use WhatsApp without Original Number.

              WhatsApp is the most popularly used application among smartphone users to send messages and also for calling. It almost replaced the traditional texting system. There is a way of using WhatsApp without using your original number.

              WhatsApp upon installation will ask for the mobile number to use and once the verification code has been verified, the application will startup with chat box. WhatsApp can not be used without this mobile activation step.

               If you are keen in using WhatsApp but not intended to reveal the original phone number then there is a way for you. Before proceeding it is purely for educational purpose and the author of this post is not responsible for any damage occured.

              Install WhatsApp freshly, it will prompt for the mobile verification and ask you to enter the mobile number along with the country code. Download and install Primo Application from play store. Enter the details and verify mobile number in Primo application.

              Once verification done with Primo application you will be displayed with Primo home where upon clicking on the menu button on top left corner a popup dialog will appear, find a number at the bottom of the menu displayed.

              It will be above the credits display and surely will not be your mobile number (Usually starts with +1 country code, may also be different) note that number. Go to WhatsApp application and enter the number with respective country code.

               Try to verify mobile number via phone call you will receive the call from primo application attend it and note the verification code. Enter the code and you are verified, now you can use WhatsApp without using original mobile number.

P.S: The post is to create awareness and not to be misused. Author of this post is not responsible for any act done by readers of this post.

#QRLJacking - Hijack QRL Code.

          Authentication is one of the crucial parameter in Information security. It is achieved by passwords, biometrics and 2FA and many other means. One of the feature considered to be much secure is QR code. Recently a security researcher hijacked the QR Code.

           QR code is the two dimensional data that has secret information including secret keys and session details. QR codes has been used by many sites including WhatsApp for authentication WhatsApp Web in browser or in desktop client.

           The security researcher produced a fake login page which resembles the one as WhatsApp web and then he made a script to change the QR code which will change every 20 seconds in Original site. So whenever the QR code changes it will reflect in the fake page. The technique is dubbed as #QRLJacking.

           If the user scans the QR code using his/her mobile then the account will be hijacked and the session will be opened in the Attacker machine with full authentication.

           This can be done if the page has been faked and then the QR code which changes in the period of time should also be updated in the fake page. 

           The security researcher has also created a PoC and it can be viewed public here.

P.S: The post is to create awareness and not to be misused.

Verified Boot - Android Nougat.

          Technology giant Google is about to roll out their new mobile operating system version in the name of #Android Nougat. It has many new cool features and now another cool feature has been released.

           Being a huge platform it is one of the most targeted platform for attackers and for spreading malwares and rootkits. Normal user will not be aware of the malware until its action goes abnormal. Inorder to help them a new feature #Verified Boot has been enabled by Android.

            Upto Android 6.0, the device will boot up even if the device is compromised by malware by popping up an alert to users but now they are strictly enforcing verified boot.

            After the installation of Android Nougat if your device has been affected by malware or any rootkit your device wont even boot up by showing you an error. This state is merely similar to bricking the device.

            Data corruption caused due to hardware or software failure will also fail in verified boot and so the device wont boot but Android is having a special program to detect if the problem in data corruption.

            Due to this enforcement, Rooting the device and customizing the kernel may be tedious for users. This feature is considered to be nice for normal people but not for those who want to play with Android Kernel.

P.S: The post is to create awareness and not to create any negative impact.

Earning $500,000 per day through Android.

      Android makes a major share in smartphone operating system which is also a targeted platform for hackers. There are numerous malwares that has been released in the market to exploit users. Recently the revenue made by hackers using Android malware has been released.

       Dubbed #Hummer is one of the Android malware that targets devices and installs itself,roots the device and then download unwanted apps by gaining admin privileges.

       Once this malware has been installed, the developer will get 50 cents and it may seem to be a small money but they are making 500000 USD on daily basis by having 1 million downloads daily.

        The activities of the app will be once installed, it has many rooting exploits which allows themselves to root the device. Then after rooting it will download all the unwanted apps thus consuming bandwidth.

       #Hummer comes in the form of fake apps like facebook, Linkedin and also famous games, utilities and many more.

        The company released the top 5 countries affected by Hummer along with the user numbers

1. India - 154,248
2. Indonesia - 92,889
3. Turkey - 63,906
4. China - 63,285
5. Mexico - 59,192

        Users of Android are recommended not to download any apps through links and even in Play store review the developer before downloading applications.

P.S: The post is to create awareness and not to create any negative impact.

Google knows more about you than anyone.

         Google is becoming one stop shop for all Internet activities right from search, videos, books, maps and many more. Google collects information about users to provide them with targeted advertisements. Recently Google introduces a new concept of "My Activity".

          Google's new My Activity will store all of your activities in Google products like searches, videos and everything. You can control the information that Google can use. The information allowed to Google will be used to provide users with specific targeted advertisements.

          Google is also about to roll out new "Prompt" feature by which one can customize the ad that are displayed based on various filters. The option is known as opt-in feature.

           This option will provide users more control over the advertisements. Example you are browsing on your mobile device and you dislike the ad, you can delete the ad and it can be deleted across all your devices rather than deleting on each devices.

            If you prefer privacy to be main concern you can have ultimate privacy control by controlling what are all information should be allowed for Google to track.

P.S: The post is to create awareness and not to create any negative impact.

Dozens of malicious Android Apps.

              Being an open-source operating system, #Android is exposed to a large attack vector due to the publicity and also the enormous amount of users across globe. Recently dozens of Android applications that cause harm to device has been revealed.

               Trend Micro detected a family of malicious applications that are being hosted in the Google Play Store has the capability of rooting almost 90 percent of Android devices.

                Rooting is the process of gaining super user privilege to the device. User who roots his/her mobile can customize anything from scratch, but it is highly not recommended due to the security risks it possess.

                 Rooting opens front door of the device for anyone and so any attack vector can attack the device. Its like the defense shield being teared apart. The apps are dubbed as "#Godless" has already been downloaded many times.

                 Once installed it uses Android Framework Tools to root the device and then it contacts the attackers Command and Control server and download the application further needed to exploit the devices.

                  It also make sure that it is not noticable to the users. It is highly recommended for any user to review the developer before downloading any applications from Google Play Store.

                 Many malicious applications are in the form of games, flashlight and other utilities for the devices.

P.S: The post is to create awareness and not to create any negative impact.

Google Prompt - Easier 2 factor authentication.

              Due to the increase in data breaches and the account hacks, it has been a tough time for everyone to secure their account from breaches. One of the solution exists till now is 2 factor authentication. Recently Google has made this 2 factor authentication a lot easier one.

               Many finds it difficult to use 2 factor authentication since it takes 10 to 15 seconds extra and also some other problems with devices. There is also an other way around to use Google Authenticator application that will generate the code everytime similar to RSA token.

               Now, Google made it very easier, all the user have to do is to just tap. Whenever the 2 factor authentication has been in effect, a popup message will arrive, just tap the message to sign-in. It is the pop up message through notification.

               To enable this feature login to the account and just enable 2 factor authentication and then select the "#Google Prompt" in the second dialog box and then provide the phone number from which the account has to be authenticated.

                Requirement for this feature to work is, if you own an Android device then updation of Google Play Store will do good. In case of iPhone, Google search application is needed and it should be signed in with the same account to use #Google Prompt.

P.S: The post is to create awareness and not to be missued.

Modify/Delete Facebook messages after sent to others.

            Facebook owned messenger has been used as a famous messenging service among users. It is very common question among users how to modify/delete the messages after it has been sent. Recently a security researcher has found a solution for this.

            Once the message has been sent from the Android messenger application it can be altered or deleted. Facebook messenger assigns a unique identifier to every message and it can be viewed from the php file.

            Once the php file has been comes up with the id of the message, it can be altered or modified and once it has been updated the target will get only the updated or revised message which has been updated recently.

           The bug however is a simple has been notified to the Facebook and they stated that the bug doesnot possess serious threat as they are using Anti-Spam and Anti-Malware solutions in their systems.

           Only the Android version of Facebook messenger application has this simple bug and has been patched by the Facebook team.

           The way how to do it is published online and it can be viewed here.

P.S: The post is to create awareness and not to be misused.

Earn more Gems for Clash of Clans, Diamonds for HayDay.

           "Desire is the root cause of all miseries". It is true that curiosity or the desire for wrong deed costs more. Hay Day, Clash of Clans are the games that has billions of users across globe and is very famous. This article will explain you #how to get more gems.

            Before that let me explain the working of those games. They are server side games in which your device will only have the client package that receives data from the server everytime you load the app. This is why you need Internet connection for playing those games.

             Your application will update the information at regular time basic like if you lose gem by 2 it will be updated to the server. If you exit the app the last update will be saved and sent to the client when you load after some time.

              There are games in olden days in which total game will be installed in the device which allow some pretty hack like cheat code. Imagine you are playing hay day and you are having 10 diamonds, you are tampering the request and make it 100 and send it to the server, the server will validate it by calculating the distance. Is it possible to get 90 diamonds in a second? No, server discard the request and the app will exit or restart with old settings.

               All requests will be validated by the server before updating the setting. Now imagine is it possible to get more gems, diamond by easy click and go process? Few days back I personally received a story from my friend.

               Player of CoC receives a whatsapp message from a person stating "Wanna get more gems click the link below", clicking the link and entering some details make me lose the game and also ACCESS to GMAIL account (Remember Google has Single Sign On mechanism which allows you to access all google product with one service signed in). Now game lost, account loss, not to mention Android phone has your google account linked.

               Adverse effects of clicking the link are

1. Loss of game
2. Loss of gmail / any account access
3. Some action can be taken in Android phone since it is integrated with google account.

              Beware of these type of messages as they are spreading in massive amount. It may affect the system also. Never go for any hack available online or any download file which may be a malware. 

P.S: The post is to create awareness and not to create any negative impact.

Either Encryption or AI - Facebook Messenger App.

             Every giant in Internet service domain started offering End to End Encryption so as to protect the data that has been sent between entities without being monitored in between. Recently Facebook set to roll out a new feature in its messenger application.

             Facebook is rolling out its messenger application that offers either End to End Encryption or Artificial Intelligence as opt in feature. Many researchers debated over the opt in feature available in smarter Google app.

             Users are allowed to select either encryption or smarter bot feature. With this feature the application will make flexibility to user to decide whether they want either privacy or smarter app.

              Facebook is yet to roll out the version and by updating the application users can enjoy this new feature.

P.S: The post is to create awareness and not to create any negative impact.

Don't have Facebook Account ? No need they can track you.

       Facebook being one of the giant in Social Networking get its major share of revenue from advertisements. They are using targeted Ad service to gain money. Recently there has been a statement that Facebook can track even if user don't have account.

        Google owns one of the Ad service in the name of Adsense which will display the targeted ad to their clients. This is by monitoring the user activities online. To make it simple go and visit any commercial portal and look for an item, you will see the same in whatever page you loaded provided it is Adsense powered.

         Likewise Facebook is going to extend their business beyond Social Networking and they are gonna use Third Party Cookie information that supports Facebook plugins to provide targeted ad to the audience.

        Facebook states that they are not selling any user data to marketing agency but they got a huge amount through marketing in the first quarter alone.

       With this huge step there is no need that one should have an account in Facebook to get targeted Ad now even a person with no Facebook account can get Ad from Facebook through third party cookie information.

P.S: The post is to create awareness and not to create any negative impact.

Google Trust API to replace passwords.

          Passwords are used from very olden days to provide authentication to any service. It is to be noted that the password strength plays a major role in the security of the system. Recently Google introduced a new way to replace passwords.

          Many people are not aware of the password strength or having negligence decided to use simple passwords such as "123456" or "p@ssw0rd" as their account passwords.

          There has been many hacks due to the simple passwords, but many are not even changing their passwords keeping it vulnerable.

          Google inorder to keep it low introduced a new way of authentication known as #Trust API that can identify a person who they are claiming to be.

           This API idenifies a person by taking Biometrics into consideration such as face and also other parameters such as voice pattern, typing pattern and timings, location. These parameters are considered and then decision is made.

            Earlier there has been a method that the device unlock and lock if it is under a specific location and this is the upgraded version to it in the name of #Trust API.

            If the parameters fails to identify a person then he / she will be asked to enter their password in order to provide access to the service.

P.S: The post is to create awareness and not to create any negative impact.

How to decrypt TeslaCrypt Ransomware.

          As an advancement in malwares, its period for Ransomwares. It encrypts all the files in the computer or device and demands a ransom to be paid in the form of Bitcoins to get the decryption key. Recently they released the master key for TeslaCrypt.

          #TeslaCrypt is one such ransomware that demands around $500 in the form of Bitcoins as ransom to provide decryption key to the victims. Now the master key that decrypts the files has been released, not by any security professionals but by the ransomware authors themselves.

           The ransomware authors posted that "Project is Closed" and they also posted the decryption master key with which all the files can be decrypted. Eset developed a new free decrypter tool to decrypt the files.

           If you are one of the victim of #TeslaCrypt you can decrypt your files using either using this tool or using this tool.

           For any analysis the master key is as below

440A241DD80FCC5664E861989DB716E08CE627D8D40C7EA360AE855C727A49EE

           The main reason for the attack of ransomware are

1. Downloading attachment in email from unknown sender.

2. Visiting or initiating download from unknown or fake site.

3. Malware infection.

P.S: The post is to create awareness and not to create any negative impact.

Android Instant Apps.

         Android owns a lion share in smartphone market and is being used by billions if users world wide. Android is bringing many awesome features these days. Recently in the developer conference a new cool feature has been released by the team.

          Consider you are going to book a movie ticket but doesnot have the corresponding application. You may download the application or share it from friends, but these options seems to be a tedious some times. Google came up with an idea to solve the issue.

           Hereafter no need that you have to install the application or download the application to execute them, just use them. All you have to do is to click on the URL use the application then close the window.

           It is not like opening the application in the browser, the concept is known as #Instant apps. All the user have to do is to click on the corresponding URL and then the miniature version of the application pops up, make the action then close the application.

            No need for bandwidth consumption and waiting to download the application but the existing apps has to be modified by the developers to meet this new feature.

            It also offers "Call to action" with which the application can be downloaded if the user finds it interesting. The feature will be released offically and it will be supported by Android 2.2 (Jelly bean) and later versions.

P.S: The post is to create awareness and not to create any negative impact.

Allo Duo - Smart Apps from Google.

           Google has been researching in the field of AI (Artificial Intelligence) for quite long time and have made many advancements. Now they have introduced a new application that uses AI. The app is said to be more smarter.

            #Allo is a messaging application that uses AI to give more smarter answer and then uses the machine learning that helps in growing smarter. It gives replies to the users in the form of pictures and also in the form of stickers and emoticons.

            Allo is powered with Google search engine and which can be used by typing @google to invoke the feature while chatting with others. It also makes a search with pictures to find the picture that you are interested or thinking.

            Allo can also be used to book hotels, restaurants and also finding scores and make a Google search. It also offers End to End Encryption if activated the #incognito mode.

             Duo is the video calling application that also uses End to End Encryption to secure the chat and also Allo offers the feature of expiring chats.

             The application is yet to be released officially by Google for both Android and iOS users.

P.S: The post is to create awareness and not to create any negative impact.

Microsoft removes Wi-Fi Sense Password Sharing feature.

             Microsoft released its latest version of operating system in the name of #Windows 10. It has many new features and one among them is Wi-Fi Sense password sharing. Recently Microsoft decided to remove Wi-Fi Sense password sharing feature.

             Wi-Fi Sense password sharing feature let others connect to the network and it let others share the network. There is no option to select any selected contact for sharing Internet.

              The password can be shared with contact list in Facebook but can't select any separate contact. This feature is not widely appreciated though. Through this option it is possible to conduct Man in the Middle attack.

               With fewer response from the users, Microsoft planned to drop the feature in its latest release Windows 10 build 14342. This version has been released for testing. 

                The company will remove Wi-Fi sense password sharing option from its anniversary update, but the company will keep Wi-Fi sense features that let users to connect to open networks.

P.S: The post is to create awareness and not to create any negative impact.

WhatsApp for Desktop and Mac.

           WhatsApp being one of the famous application used by billions of users globally has new feature. Earlier this year the company rolled out End to End Encryption for all users. Recently WhatsApp released its official desktop software.

            Few months back, WhatsApp released its web client through which any user can use WhatsApp through the browser if it is compatible. After that it offered End to End Encryption to its billion users as default setting.

            Now the company has released desktop software for using the service. It is available for both Windows and OS X. All that need is to have Windows 8 and above for Windows users and OS X 10.9 or above to work.

            With this new release any user can use the service through this software. Once installed, just scanning the QR code as in case of web client will make it work.

             The software is released officially and is available for download. You can visit the page here for direct download link.

P.S: The post is to create awareness and not to be misused.

Apple's iMessage on Android phones.

          Apple provide an encrypted messaging system in the name of #iMessage that allows Apple users to send end to end encrypted message. Recently a developer came up with the solution to send iMessages to Android phones.

           It needs a Mac or iMac for messaging. The service is not provided by Apple officially and is done by a developer through a smart little hack.

           The name of the code he developed is known as #PieMessage. It needs a OS X client as a server to route the messages to an Android phone. The entire work is done by Mac systems.

           It receives the Apple script to capture iMessages as they arrive on the system and then uses Java app to scoop the message. It then forward it to the Android phone which will inturn display in the custom application.

          The limitations are one can't send group message but can receive one and it will not show "typing" message. Apple may block this service in near future as it may cause risk.

           The developer released PoC for public reference and also the code is available online through GitHub.

P.S: The post is to create awareness and not to be misused.