Disqus for Cyber Fort

Showing posts with label hacker's view. Show all posts
Showing posts with label hacker's view. Show all posts

Thursday 13 February 2014

J.A.R.V.I.S : Artificial Intelligence Assistant Operating System for Hackers

Be The First To Comment

A group of Indian Hackers has designed Artificial Intelligence Assistant Operating System called 'J.A.R.V.I.S' , who recognizes them, answer questions, tweet for them and Collect information, scan targets for them.

Chiragh Dewan, a 18 year old student who is currently pursuing his BCA has taken the initiative to be the first Indian to complete this project J.A.R.V.I.S , which is inspired by Iron Man’s (movie) artificial intelligence assistant Jarvis.
With his team of 7 including Himanshu Vaishnav, Mayur Singh, Krishanu Kashyap, Vikas Kumar, Vinmay Nair and Sravan Kumar, they are about to finish the 3rd level of the project.
Their long term goal is to create an OS which could adapt itself according to the user's needs. Like if a doctor is using the OS, it will adapt itself so as it is capable of helping him out in his field like searching for new techniques, medicines, help in their research, etc. Add for architects, other professions. 
Project Task Completed: In the current version of Jarvis v1.0, it is capable of:
  • Answering questions asked by the administrator
  • Compile reports on any topic asked by the user.
  • Control lights by voice.
  • Basic interaction with the user.
  • Handling Facebook, Email and Social profiles of users
  • Using Twitter Account with voice control
  • Basic OS kernel is ready.
  • Can Scan targets for Hackers
  • Gathering Basic information about the target
All the above functionalities are completely controlled by voice. It has only been four months since they have started this project and have achieved a lot in this short period of time.

The team will announce the OS publicly soon after completion of phase 3, but for now Chiragh proudly shows off his creation on the J.A.R.V.I.S project website.

Read More

Top 7 Best Operating System For Hacking

Be The First To Comment


Hacking is not an art than can be mastered overnight, it requires dedication and off-course time. Have you ever thing why Hacking is possible because of “unaware developers and inappropriate programming techniques” . As a Ethical hacker i personally realize that You can never stop hackers to hack something, you can just make his task harder by putting some extra security. if you are really interested in Hacking, You need to be know Which Operating systems are used Hackers.

Today i want to say u that which is the best operating system for hacking a/c hackers .
1.  Kali Linux :-



Kali Linux is an advanced penetration testing tool that should be a part of every security professional’s toolbox. Penetration testing involves using a variety of tools and techniques to test the limits of security policies and procedures. What Kali has done is collect just about everything you’ll need in a single CD. It includes more than 300 different tools, all of which are open source and available on GitHub.
2. BackTrack 5r3 :-

The evolution of BackTrack spans many years of development, penetration tests, and unprecedented help from the security community. BackTrack originally started with earlier versions of live Linux distributions called Whoppix, IWHAX, and Auditor. When BackTrack was developed, it was designed to be an all in one live cd used on security audits and was specifically crafted to not leave any remnants of itself on the laptop. It has since expanded to being the most widely adopted penetration testing framework in existence and is used by the security community all over the world.
3. BackBox Linux :-

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools.
4. Samurai Web Testing Framework :-

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
5. NodeZero Linux :- 
Best-operating-system-used-for-Hacking1
Penetration testing and security auditing requires specialist tools.The natural path leads us to collecting them all in one handy place. However how that collection is implemented can be critical to how you deploy effective and robust testing.
All though NodeZero Linux can be used as a “Live System” for occasional testing, its real strength comes from the understanding that a tester requires a strong and efficient system. This is achieved in our belief by working at a distribution that is a permanent installation, that benefits from a strong selection of tools, integrated with a stable linux environment.
6.  Knoppix STD :-
STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.



7.  CAINE :-
Best-operating-system-used-for-Hacking1
CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics
CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.



Read More

Monday 13 January 2014

MIT University website defaced by Anonymous hackers in honor of Aaron Swartz

1 Comment

Today is January 11, 2014 and the last year on the same day a 26-year-old, young hacker, Reddit cofounder and the digital Activist, Aaron H. Swartz committed suicide. He found dead in his Brooklyn, New York apartment, where he had hanged himself.
Swartz was indicted by a federal grand jury in July 2011, accused of hacking the MIT JSTOR database and stealing over four million documents with the intent to distribute them.

He could have prison for 50 years and $4 million in fines by the Court, but before that he committed suicide in fear. Swartz's father, Robert, later blamed the MIT and the judiciary system for his son's death.

On the first Anniversary of Aaron Swartz, today the Anonymous group of hackers defaced the sub-domain of the Massachusetts Institute of Technology (MIT) website (http://cogen.mit.edu/) for about an hour as part of #OPLASTRESORT.

Defacement page was titled 'THE DAY WE FIGHT BACK'. The message posted on it, “Remember The Day We Fight Back, Remember. We Never Forget, We Never Surrender, Expect Us.”
At the time of writing, the domain was down. The attack on the website of MIT is a part of the tragic suicide of hacker Aaron Swartz to give him tribute.

It was the MIT's role in the federal prosecution against an activist, which ultimately led to him committing suicide, but the U.S Government has not learned anything and they are planning to make laws stricter against hackers. Recently, The Senate Judiciary Committee Chairman 'Patrick Leahy' reintroduced a revamped version of the "Personal Data Privacy and Security Act" for tough criminal penalties for hackers. The new bill suggests 20 years in prison, rather than 10 years (currently) and also recommending to give same penalties for the hackers who even attempt to hack the systems, but doesn't succeed.
Read More

Wednesday 1 January 2014

Snapchat Got Hacked 4.6million Users Phone Numbers Leaked Online

Be The First To Comment
Snapchat Got Hacked 4.6million Users Phone numbers Leaked Online. First biggest hack starting with this New Year 2014. ZDnet has reported earlier that, "The Australian hackers announced its publication of Snapchat's API and the two exploits on the GibSec Twitter account on Christmas Eve ".
After this report hackers  use this trick and create a Video to access Snapchat hacks.

video



 Snapchat is a photo messaging application developed by Evan Spiegel and Robert Murphy, then Stanford University students. Using the app, users can take photos, record videos, add text and drawings, and send them to a controlled list of recipients. These sent photographs and videos are known as "Snaps".

When cyber security researcher submits website exploit report to companies, they didn't take it seriously. If Snapchat took action on these exploits before, then this was not happened.

As before True caller database was also hacked in July 2013. we hope other social network website will learn from these hacks and will more secure their servers.

Now SnapchatDB.info has been suspended after this leaked.

Read More

Sunday 8 December 2013

Attention: The NSA is Tracking Online Porn Viewers to Discredit

Be The First To Comment

Sitting on the wire, the NSA has the ability to track and make a record of every website you visit.  Today, the Huffington Post revealed that the NSA is using this incredible power to track who visits online porn websites, and to use this information to discredit those it deems dangerous. Their porn habits would then be "exploited to undermine a target's credibility, reputation and authority."   
The story was illustrated with six individuals, none of whom are designated terrorists themselves. Instead, they are deemed "radicalizers," people—two of which the NSA itself characterized as a "well-known media celebrity" and a "respected academic"—whose speeches and postings allegedly incite hatred or promote offensive jihad. 
The report raises the specter of abusing online viewing records to discredit other political opponents of the US government. The NSA document was reviewed not just by the NSA and counter-terrorism officials, but by entities like the Department of Commerce and the US Trade Representative. The USTR negotiates treaties (like the controversial Trans-Pacific Partnership), and one could certainly imagine that the leverage from this program could be useful in pushing for the US position. In fact, EFF and three dozen civil society groups have already asked the NSA to explain if they are spying on those advocating for the public interest in US trade policy.
Ed Snowden's latest revelation may leave SEC officials quaking as the NSA "has been gathering records of online sexual activity and evidence of visits to pornographic websites as part of a proposed plan to harm the reputations of those whom the agency believes are radicalizing others through incendiary speeches." Of course, as we have seen, this 'information' would never be used by the government for non-radical-terrorist suppressing reasons, as the ACLU notes, is is "an unwelcome reminder of what it means to give an intelligence agency unfettered access to individuals' most sensitive information using tactics associated with the secret police services of authoritarian governments."
Via Snowden...
The National Security Agency has been gathering records of online sexual activity and evidence of visits to pornographic websites as part of a proposed plan to harm the reputations of those whom the agency believes are radicalizing others through incendiary speeches, according to a top-secret NSA document.

The document, provided by NSA whistleblower Edward Snowden, identifies six targets, all Muslims, as “exemplars” of how “personal vulnerabilities” can be learned through electronic surveillance, and then exploited to undermine a target’s credibility, reputation and authority.

The NSA document, dated Oct. 3, 2012, repeatedly refers to the power of charges of hypocrisy to undermine such a messenger.”
Full ACLU Statement:
The NSA considered discrediting six people by revealing surveillance evidence of their online sexual activity, visits to pornography websites, and other personal information, according to a report today in The Huffington Post. The article cited documents leaked by former NSA contactor Edward Snowden. The targets of the NSA’s plan were all Muslims whom the NSA characterized as “radicals” but who were not believed to be involved in terrorism. The documents say one of the targets was a “U.S. person,” a term describing American citizens and legal permanent residents, but all of the targets were reportedly outside the United States.

American Civil Liberties Union Deputy Legal Director Jameel Jaffer had this reaction:

“This report is an unwelcome reminder of what it means to give an intelligence agency unfettered access to individuals' most sensitive information. One ordinarily associates these kinds of tactics with the secret police services of authoritarian governments. That these tactics have been adopted by the world’s leading democracy – and the world’s most powerful intelligence agency – is truly chilling.”

The administration keeps on attempting to justify the NSA spying by claiming there is oversight from the other branches of government. But, as Pentagon Papers whistleblower Daniel Ellsberg noted in the Why Care About NSA Spying video, spying makes a mockery of that separation. How can that oversight be meaningful if the NSA's huge storehouse of information contains the private viewing habits of every senator, representative, and judge? When the only protection against abuse is internal policies, there is no serious oversight. Congress needs to take action now to rein in the spying.


Read More

Saturday 7 December 2013

2 million Facebook, Google, Twitter passwords stolen

Be The First To Comment
Times of India |1 day ago |Posted By: landmarkvacanc ymanagemen
Security experts have uncovered a trove of some 2 million stolen passwords   to websites including Facebook, Google, Twitter and Yahoo from internet users across the globe. 

Researchers with Trustwave's SpiderLabs said they discovered the credentials while investigating a server in the Netherlands that cybercriminals use to control a massive network of compromised computers known as the "Pony botnet." 

The company said that it has reported its findings to the largest of more than 90,000 websites and internet service providers whose customers' credentials it had found on the server. 

The data includes more than 3,26,000 Facebook accounts, some 60,000 Google accounts, more than 59,000 Yahoo accounts and nearly 22,000 Twitter accounts, according to SpiderLabs. Victims' were from the United States, Germany, Singapore and Thailand, among other countries. 

Representatives for Facebook and Twitter said the companies have reset the passwords of affected users. A Google spokeswoman declined comment. Yahoo representatives could not be reached. 

SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down thePony botnet server. 

An analysis posted on the SpiderLabs blog showed that the most-common password in the set was "123456," which was used in nearly 16,000 accounts. Other commonly used credentials included "password," "admin," "123" and "1." 

Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack. 

"People are using very dumb passwords. They are totally useless," he said.

Read More

Monday 25 November 2013

Top 5 Beautiful Female Hackers in the World

Be The First To Comment
Hacking has traditionally been a man’s world, but women are quietly breaking into the hacker subculture. Take a look at top 5 female hackers in the world.

1. Kristina Vladimirovna Svechinskaya



Kristina Svechinskaya, a New York University student is one of the most common names in the hacker’s world. She is Russian money mule maker who was arrested on November 2010 and accused of breaking into millions of dollars from several banks in Britain and America and for usage of multiple fake passports. Svechinskaya was dubbed "the world's sexiest computer hacker" for her raunchy, but casual appearance.


Svechinskaya used Zeus trojan horse to attack thousands of bank accounts along with nine others and opened at least five accounts in Bank of America and Wachovia to disburse the theft money. For all her hacking activities and for using the passports fraudulently it is said that she may have to pay huge penalty of 40 years of imprisonment. It is estimated that with nine other people Svechinskaya had skimmed $3 million in total.


2.Joanna Rutkowska

Joanna Rutkowska

Joanna Rutkowska is a Polish woman who is interested in the world of hacking security. Her name first became known as the Black Hat Briefings conference in Las Vegas, August 2006. Rutkowska presented during which the attack she had done to the security system windows vista. Not only that, Rutkowska also been attacked Trusted Execution Technology and Intel's System Management Mode. 

Early 2007 she formed Invisible Things Lab in Warsaw, Poland. A company that focuses on OS security research and consulting services as well VMM internet security. The year 2010 also Rutkowska with Rafal Wojtczuk form Qubes, an Operating System that is very full protect security. Rutkowska also open to advise Vice President of mikocok Security Technology Unit to further tighten the security system in windows vista. Waw, Rutkowska is a hacker who is very welcome to work with.


3. Ying Cracker

Ying Cracker

Cracker ying, a teacher from Shanghai China. SHe taught about the basic process of hacking guide, how to change the IP address or manipulate office password, wow!
She is also an expert in making software hackers.
In a forum titled Chinese Hackers Hottie, his name is much discussed and it makes its popularity gaining altitude. In the forum she's also got a lot of fans members. It was the beginning credibility soar.


4. Raven Alder

Raven Alder

Raven graduated from high school at the age of 14 and college at 18. She was the first woman to give a presentation at the DefCon hacker’s conference. Adler an half ISP engineer, half security geek, is a contributing author to several technical books, magazines and a frequent speaker at conferences She designs, tests and audits intrusion detection systems for large federal agencies. She has worked as a Senior Backbone Architect and Senior Security Consultant in IT security. Her interest in securing networks end-to-end has led her to examine and pioneer standards in the security of network infrastructure.




5. Xiao Tian 
 Xiao Tian
Xiao Tian, just out of her teenage became famous after forming China Girl Security Team, a group of hackers especially for woman which is China's largest today, the group has over 2,200 members. Tian created the now-infamous hacking team because she felt that there was no other outlet for teenage girls like herself in the male-dominated world of hacking. Its time to Move over male Asian nerdy computer geeks, female Asian nerdy computer geeks are here to stay.

Read More

Saturday 26 October 2013

The NSA’s Website (NSA.gov) Is Down

Be The First To Comment
The National Security Agency’s website has been down for at least 30 minutes. Officials have acknowledged the outage, but won’t say if it was hacked. At least a few Twitter accounts that sound like the elite hacktivist contingent, Anonymous, are taking credit.
Official Anonymous channels are just making fun of the outage:
To be sure, The NSA’s website has been hacked before. But, we won’t speculate, for fear of perpetuating the kinds of rumors implied by this delightful XKCD comic:














While we’re all waiting to figure out what went wrong, feel free to add your own Healthcare.gov jokes in the comments.
Update: LOLZ

Read More

Friday 18 October 2013

"LeaseWeb" Hacked by KDMS Team

Be The First To Comment
World's Largest Web Hosting company "LeaseWeb" Hacked by KDMS Team




LeaseWeb is one of the World's largest hosting provider has been defaced by Palestinian hackers, named as KDMS Team. LeaseWeb was also hosting provider for one of the biggest file-sharing website Megaupload in the past. Later Megaupload Founder, Kim Dotcom claimed that Leaseweb had deleted all Megaupload user data from 690 servers without warning.

The hacker group replaced the Homepage of the website for just a few hours with an Anonymous Palestine, homepage titled "You Got Pwned" and the defacement message says:

     Hello Lease
     Web Who Are You ?
     Who is but the form following the function of what
     and what are you is a hosting company with no security
     KDMS Team : Well ,, We Can See That :P

We noticed that Attacker has just changed the DNS server to point the Domain to another server at 67.23.254.6, owned by the attacker. At the time of writing, Leaseweb team resolved the issue and get their Domain back to the original server.

But because the hack was done just a few hours back, Google DNS cache still pointing to domain to the attacker's server. Change your their DNS server to 8.8.8.8 and access LeaseWeb site again, you will be able to see the defaced page, as shown above.

The hacker also posted on the homepage,"Do You Know What That Means ? We Owned All Of Your Hosted Sites Index On Your Site Is The Prove ;)".

It seems a DNS hijacking only, But Hackers told The Hacker News, "We owned Leaseweb  Servers and kept some of their servers for us. But we only changed the DNS Server for now, because we faced some problems with the company website. Here, all what we need .. is to add our signature on their homepage to prove that there is not Completely Secure. If we can pwn them, we can hack other big providers too.,"

The hackers didn't claim that they get hold on customers' information or Credit card numbers. Stay tuned with us for further updates on this hack Story.

Update (9:35 PM Saturday, October 5, 2013 GMT): We contacted and ask LeaseWeb to provide an official statement over the Hack and claims by Hacker.

Update (5:51 AM Sunday, October 6, 2013 GMT): LeaseWeb confirmed the hack and tweeted, "Website should be back to normal in a few hours. No customer data compromised. We continue to investigate."

Hackers exploited a Zero-day SQL Injection flaw in Web Hosting software WHMCS used by LeaseWeb also.
 
Read More

Sunday 13 October 2013

Top 10 Most Hacking Countries

Be The First To Comment


1. China


The Chinese may not always guilty, but have a share of 41% of hacker attacks. Just one year before the Republic of China was responsible for only 13% of cyber attacks according to Akamai, and share in the third quarter was 33%.

2. U.S.A

Every tenth hacker attacks worldwide originated in the United States.

3. Turkey

Bronze medal for Turkey, accounting for 4.7% of global cybercrime.

4. Russia

Russia is considered to defuse the situation from 6.8% to 4.3% October-December 2012.

5. Š¢aiwan

Taiwanese are responsible for 3.7% of computer crimes at the end of 2012

6. Brazil

Brazil registered a decline of hacking attacks - from 4.4% at the end of 2011 to 3.8% in the third quarter of 2012 and 3.3% - in the fourth.

7. Romania

The seventh is Romania with a share of 2.8%.

8. India

India is responsible for 2.4% of hacking attacks worldwide.

9.Italy

Italy's share falling to 1.6%.

10. Hungary

Hungary is responsible for 1.4% of cyber attacks in late 2012.

Read More

Saturday 12 October 2013

Google Prevails in Legal Dispute Over Browser Tracking

Be The First To Comment


A legal dispute over Google's practice of tracking users to create targeted advertisements ended Wednesday as a federal judge ruled in the company's favor.
A class action lawsuit, titled Google Inc. Cookie Placement Consumer Privacy Litigation, was brought by web browser users who alleged that Google avoided browser security settings, using cookies to track usage on computers and mobile devices. The plaintiffs alleged that the company wrongfully maneuvered its way through browser security. They further claimed that this tracking information informed Google's use of targeted ads.
The lawsuit, which also named online advertisers Vibrant Media and Media Innovation Group, was thrown out by a federal judge in Delaware on Wednesday. Judge Sue Robinson acknowledged the fact that the companies in question avoided browser security, tracking the users, but said the plaintiffs did not prove they suffered damage from this action.
In an official document reproduced by CNET, the judge explained the reasons for the decision. Chief among these is the argument that "the transfer of inputted information (which would have occurred regardless of Google's placement of cookies) does not rise to the level of a serious invasion of privacy or an egregious breach of social norms."
What do you think of the ruling? Tell us your opinion in the comments below.
[via Wall Street Journal, CNET]
Image: Flickr, Victor1558

Read More

Friday 11 October 2013

Some Unwanted Computer Security Threats

1 Comment
Computer security threats are relentlessly inventive. Masters of disguise and manipulation, these threats constantly evolve to find new ways to annoy, steal and harm. Arm yourself with information and resources to safeguard against complex and growing computer security threats and stay safe online.

image credit - www.schoolcounselor.com  


                          
Computer Virus Threats

Perhaps the most well known computer security threat, a computer virus is a program written to alter the way a computer operates, without the permission or knowledge of the user. A virus replicates and executes itself, usually doing damage to your computer in the process. Learn how to combat computer virus threats and stay safe online.

Spyware Threats

A serious computer security threat, spyware is any program that monitors your online activities or installs programs without your consent for profit or to capture personal information. We’ve amassed a wealth of knowledge that will help you combat spyware threats and stay safe online.

Hackers & Predators

People, not computers, create computer security threats and malware. Hackers and predators are programmers who victimize others for their own gain by breaking into computer systems to steal, change or destroy information as a form of cyber-terrorism. What scams are they using lately? Learn how to combat dangerous malware and stay safe online.

Phishing Threats

Masquerading as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent email or instant messages. How can you tell the difference between a legitimate message and a phishing scam? Educate yourself on the latest tricks and scams.

Read More