Show Mobile Navigation
Security
Showing posts with label Security. Show all posts
Showing posts with label Security. Show all posts

How to Protect Your Computer from Ransomware Attack

Hemant Verma - 4:13 PM
On the 12th May 2017 a cyber attack happened by some hackers in Europe and this is one of biggest cyber attack  in the history of cyber crime because this kind of attack still not happened in the history of cyber world.


This insanely fast-spreading threat that has already hacked nearly 200,000 Windows PCs over the weekend. 


In the first few hours, 200,000 machines were infected. Big organizations such as Renault or the NHS were struck and crippled by the attack.

The attack is believed to be the result of "RANSOMWARE", a type of malware that been used by computer hackers for many years to capture information, extort money or force people or organisations to behave in certain ways.


Now First get to know that "What is Ransomware"?

Ransomware - This is a kind of malware or in simple words, this is computer virus that has been used by the hackers to steal the important information by the govt. or from any organisation or to hack the bank accounts to capture their money or transfer their money in their account.

Hacker make this malware and do attack on the govt. sites to capture their whole data and then they demands for money to realise captured data.


Who Attacked from Wannacry Ransomware?

This attacked by the Wannacry:- Wannacry is a ransomware computer worm that targets the Microsoft Windows operating system. The virus was used to launch the WannaCry ransomware attack.

Update: Google Researcher Finds Links Wannacry Ransome's with North Korea 


How Ransomware can harm your Computer and to your Life?

In most cases, the malicious program infects computers through links or attachments in messages known as phishing emails.

"The age-old advice is to never click on a link in an email," said by a senior malware intelligence researcher at Malwarebytes, a San Jose-based company that has released anti-ransomware software.
"The idea is to try to trick the victim into running a malicious piece of code."

The malicious program is usually hidden within the links or attachments which come in emails. The clickbait might just compel the user to click on the link. When the user clicks on such links or downloads such documents, it is then when the malware is installed in the background without the knowledge of the user.

As we already mentioned that this kind of malware mostly attacks on the Windows Operation System like Windows XP, Windows 7, Windows 8.1, Windows 10 etc and also on all Windows Operation Systems like on DOS also. So, this malware can hack all ATMs who runs on Windows OS and also can hack all servers who still depends only on the Windows OS. 


What would be it's Effect in India?

India is world's major country and also stands in the world's top 20 country and it's Economy also growing day by day, Many outside countries are coming in India for growing their business, so it's a leading mentor for across the world, that why they also can harm India too, as we also knows that mostly the ATMs in India is operating on the Windows. So, it can be harmful to India as well.


What do they want from us?

If hackers hack your site or any thing and then they want money to realise our site they always wants money in the BitCoin form. IF they are asking money to you, don't give money to them else they can hack another pc and they will ask money also from them.

do you know the rate of bitcoins?

This is Rate of Bitcoins to Dollars






Reaction from the peoples across the world who hacked by Wannacry Ransomware....

It happened Till Yet

My entire music collection from the past 11 years got encrypted by ransomware.
Is there anything I can do about it?
They’re asking for $500 for the decryption key.
My photos and videos of my wedding has been hacked and they contains some very private photos and video as well:
They are asking 50 Bitcoins to decryption key and give my data back?
He looked down and said a bitter „no”.


How to Protect Your Computer from Ransomware Attack?

1. Always Install Security Updates

If you are using any version of Windows, except Windows 10, with SMB protocol enabled, make sure your computer should always receive updates automatically from the Microsoft, and it’s up-to-date always.

2. Patch SMB Vulnerability

Since WannaCry has been exploiting a critical SMB remote code execution vulnerability (CVE-2017-0148) for which Microsoft has already released a patch (MS17-010) in the month of March, you are advised to ensure your system has installed those patches.

Moreover, Microsoft has been very generous to its users in this difficult time that the company has even released the SMB patches (download from here) for its unsupported versions of Windows as well, including Windows XP, Vista, 8, Server 2003 and 2008.

Note: If you are using Windows 10 Creators Update (1703), you are not vulnerable to SMB vulnerability.


3. Disable SMB

Even if you have installed the patches, you are advised to disable Server Message Block version 1 (SMBv1) protocol, which is enabled by default on Windows, to prevent against WannaCry ransomware attacks.


Here's the list of simple steps you can follow to disable SMBv1:


  • Go to Windows' Control Panel and open 'Programs.'
  • Open 'Features' under Programs and click 'Turn Windows Features on and off.'
  • Now, scroll down to find 'SMB 1.0/CIFS File Sharing Support' and uncheck it.
  • Then click OK, close the control Panel and restart the computer.



4. Enable Firewall & Block SMB Ports

Always keep your firewall enabled, and if you need to keep SMBv1 enabled, then just modify your firewall configurations to block access to SMB ports over the Internet. The protocol operates on TCP ports 137, 139, and 445, and over UDP ports 137 and 138.


5. Use an Antivirus Program

An evergreen solution to prevent against most threats is to use a good antivirus software from a reputable vendor and always keep it up-to-date.
Almost all antivirus vendors have already added detection capability to block WannaCry, as well as to prevent the secret installations from malicious applications in the background.


6. Be Suspicious of Emails, Websites, and Apps

Unlike WannaCry, most ransomware spread through phishing emails, malicious adverts on websites, and third-party apps and programs.
So, you should always exercise caution when opening uninvited documents sent over an email and clicking on links inside those documents unless verifying the source to safeguard against such ransomware infection.

Also, never download any app from third-party sources, and read reviews even before installing apps from official stores.


7. Regular Backup your Files: (imp)

To always have a tight grip on all your important documents and files, keep a good backup routine in place that makes their copies to an external storage device which is not always connected to your computer.
That way, if any ransomware infects you, it can not encrypt your backups.


8. Keep Your Knowledge Up-to-Date (imp)

There's not a single day that goes without any report on cyber attacks and vulnerabilities in popular software and services, such as Android, iOS, Windows, Linux and Mac Computers as well.

So, it’s high time for users of any domain to follow day-to-day happening of the cyber world, which would not only help them to keep their knowledge up-to-date, but also prevent against even sophisticated cyber attacks.

Individuals and small businesses should: (in short)
  • Run Windows Update to get the latest software updates.
  • Update your windows to latest patches.
  • Make sure any anti-virus product is up to date and scan your computer for any malicious programs. It's also worth setting up regular auto-scans.
  • Back up important data on your computer in case it gets held for ransom.

What to do if WannaCry infects you?

If WannaCry ransomware has infected you, you can’t decrypt your files until you pay a ransom money to the hackers and get a secret key to unlock your file.

Never Pay the Ransom:

It’s up to the affected organizations and individuals to decide whether or not to pay the ransom, depending upon the importance of their files locked by the ransomware.
But before making any final decision, just keep in mind: there's no guarantee that even after paying the ransom, you would regain control of your files.

Moreover, paying ransom also encourages cyber criminals to come up with similar threats and extort money from the larger audience.

So, sure shot advice to all users is — Don't Pay the Ransom.


The Ultimate Online Privacy Guide

Hemant Verma - 4:56 PM
Not everyone has had the opportunity to take the time and read a ton of information on online privacy, but I will explain what I know in detail to make things easier. Sometimes we all worry about our privacy being leaked somehow to the internet, but with a little care and measures taken you will never have to worry about something like that happening to you. Today I would like to go through some very important steps you should use to watch out for attacks and prevent them from happening.


Trusting with Social Media

I know in today’s society everyone likes to share their events with family and friends through social media, but the majority of the time most have total strangers also. You should make sure who you have as friends on these social media sites as sharing too much information can be a very common thing.
Did you know that most social media sites contain a GPS system for all your posts allowing people to see where you are posting from whether it is text or photos? Turning these sorts of features off is vital for your own personal safety and to help prevent any sort of privacy invasion.

Creating Complex Password

Using the internet means you will have multiple accounts floating around in cyber space. It is wise to have unique and complex passwords attached to these accounts especially if they are accounts that may contain very personal information such as bank statements or credit card numbers. If you are like me and have problems creating complex passwords on the fly, then you might want to check out generators online, or check out some really nice detail guides on how to transform an everyday password into something hard to crack.


Unsolicited Emails and Filtering

There have been many cases where people get scammed due to email phishing and fraudulent government mail. How email phishing works is frauds will attempt to contact you with an address that looks relatively similar to its official counterpart in order to fool the user into giving up important information. 
Try to stay away from any attachments that might be added with these types of email as they could be malware or system hostage bugs. Some of the information these scams usually request are:
  • Home Addresses
  • Full Names
  • Medical ID Numbers
  • Social Security Numbers

Disposing of Devices Correctly

Everyone has a few old devices lying around the house, phones, old beat up hard drives, and even tablets. These devices should be properly disposed of as they could contain vital information without you even knowing, even though it is a physical object it can affect your online life. Take the time to properly format drives and delete old contacts, if you have problems doing so you can look online for digital manuals that can guide you through the process.


Public Wi-Fi Use

It is now easier to find free public Wi-Fi than it is to get a free glass of water, but did you know these connections are extremely unreliable? Most Wi-Fi connections are not secured and can be hacked by a lurker attempting to steal someone's identity or banking information.
There are many hackers that use luring public network names to basically reel in people. Once connect to “Free Network” you are now going to get streamed and even stripped of all private information. A great way to make sure you don’t fall victim to these types of scams is to ask around to see if it is a legit connection. If at a cafĂ© don’t be afraid to ask the waiters, as it could potentially bite you in the rear.


Virtual Private Networks

These are tools to mask the users from basically anything online, if connecting to a public Wi-Fi network you instantly become undetectable. It is highly recommended to activate a virtual private network when outbound, as it can protect your system from malware or human invasions. Getting into detail, what the program does is takes all the information that goes into and out of your system and scrambles it, using encryption software, making it unreadable to hackers.
This is also a great way to bypass restriction like country censorship and administrative blocks. When traveling, a virtual private network can be used for many purposes, and that is why it is high on my list of online security.


Anti-Virus

With people being more aware of what’s out there, the anti-virus market has risen and now is flooded with many mainstream brands. I will say that most anti-virus programs due offer their own unique look at online crime fighting. Taking the time to look through them all and research them would be your best bet as some might not be offering what you are looking for.
The good thing about anti-virus software is that you will always be warned if being attacked and will always be updated to fight against some of the more advanced malware and malicious website phishing schemes.
I hope you are able to put some of these protection methods into practice and keep yourself safe when surfing the web. Knowing what threats are out there and knowing how to disable them is the best thing anyone can learn as a computer user. Identity theft is a serious matter and with technology becoming easier to handle, I am afraid things will only get easier for criminals.


About The Author:

This guest post was contributed by Caroline on behalf of www.securethoughts.com, one of the best possible online sources for information regarding internet security. Caroline is a technology enthusiast and blogger who enjoys writing about technology and her main area of interest is internet security.


Facebook Legacy: What Will Happen With Your Facebook Account When You Die?

Hemant Verma - 10:44 PM
When I Die, I'd like someone to keep updating my Facebook Status, just to Freak people out, because who knew I’d have WiFi signal up there. Jokes apart, Facebook has fulfilled my this wish as well.
The social networking giant is giving its users control over what happens to their Facebook accounts when they die.



See a Real Hacker Boy GIF Shows True Faces of Cybercrime

Hemant Verma - 9:23 PM
The idea behind the movie "Blackhat," released in January, is not unheard of in the real world of hacking. It tells the story of a hacker turned informant who helps the government root out the perpetrators of cyberattacks in exchange for an ease on jail time for his own crimes.

We've seen this before. Take the case of Hector Monsegur, aka Sabu, who turned on the hacking group Anonymous, acting as a mole for the FBI.

See More: Top 10 Hackers of India


How to Spy on Others Websites?

Hemant Verma - 12:45 AM
There are times when most of us would not mind doing the most condemnable acts to beat our competitors and to promote our business.
I myself have devoted a lot of time to study the strategies followed by some best bloggers whom I have deep respect for.

Though we do have some tools, techniques and apps which can help us take our online competitors hands-on, let us talk about the strategies we need to adopt for the same.

  • Know Thy Rivals’ Psyche
First of all, try to bear in mind that your rivals, like you, are vying for the top position in search engine rankings. It holds as much value and importance for them to get to the enviable positions on Page 1 as it would to you.
They also probably think the same way as you do. So, how can you study their techniques, get to the bottom of their strategy and eventually beat them to get on the top of the rankings chart?
  • Keywords in Bold And/ Or Italics
Secondly, look for all the words your rivals are putting in bold and/or italics. Though most experts would want to suggest that doing so does not help you get any extra mileage to help get your keywords noticed, your competitors might be using this old trick which you gave up long ago to get noticed by search engine crawlers. So, if you can spot your rivals’ keywords with just a cursory glance, could it get any better for you?
  • Is He Into Affiliate Marketing?
Are your rivals promoting certain products and planning to earn as affiliates?
If yes, what are the products and/ or services they are promoting?
What are the anchor texts?
What are the underlined, bold or italicized words?
  • Keywords Appearing all Over the Page
If you have been unable to spot out the competitors’ keywords using both the techniques listed above, take a close look at the url first.
Now see if he is trying to use the same keywords as anchor texts.

After that, you might be able to spot them in the content as well. And might discover a few of them appearing more than once on the page.
Doing this, you will be able to know for sure your rivals are looking to get ranked for.
  • The Source Code
Now, getting to the source code is the best way out of getting to know your rivals’ keywords, no matter how hard he has tried to keep them hidden or not to reveal them.
Press Ctrl+U on any webpage to know its source code.
Once you see that, you can press Ctrl+F to see a search bar at the bottom of the page.
Look for the following things in the source code:
  • Keyword: it will not be easy to know the exact keywords your rival is trying to optimize for if you haven’t been able to do it so far, because he obviously knows how to keep them hidden. If you can see a Keywords MetaTag, you will know them.
  • Description: This description can appear anywhere along the source code. Try to read this meta description and try to spot out the mirrored keywords from here. If the rivals’ meta description is really smartly written to get the maximum mileage out of 160 characters, try getting a few cues from it and improve your own meta description using that.
  • H1 tag:  Taking a close look at the H1 tag and the text that has been inserted therein to get to know the keywords better.
  • ALT text: Most smart website builders insert one or few keywords in the Alt text whether or not their websites are image based. Look at the Alt text of the images on the page to know the keywords better.
Conclusion
Once you have done a thorough investigation of your competitors’ website(s) using the simple techniques listed here, you will find it easier to beat them because you will be able to create a keyword profile which is wide and varied.
And you might come across a few keywords which get more monthly searches, have a really high CPC and lower competition than the ones you were previously targeting till now with much lesser effort.

About Author:
This article is written by Amit Pal from Pune and he is a newbie in blogging of web and tech writing, He doesn't belongs to any blog but he is still doing his best with his first blog and that will be www.palswebtech.in

Vulnerability found in the All in One SEO Pack of WordPress Plugin

Hemant Verma - 3:14 PM
The team behind on the All in One SEO Pack just released a new version of their popular WordPress plugin.

It is a security release patching two privilege escalation vulnerabilities we discovered earlier this week that may affect any web site running it.


What is Risks?

If your site has subscribers, authors and non-admin users logging in to wp-admin, you are a risk. If you have open registration, you are at risk, so you have to update the plugin now.

While auditing their code, we found two security flaws that allows an attacker to conduct privilege escalation and cross site scripting (XSS) attacks.


Top 10 Hackers of India

Hemant Verma - 6:22 PM

Hacking and Hacker word is very unique in it and there is several hackers in the world some are hide and some are open and many of them is white hacker and many of them is black hacker, but some hacker do not show them self's and we want to tell you that indian hackers are also very good they can also break many security walls of internet. We just want to show Top 10 Hackers of India. You how to hack website, How to Trace a website. How to Send secret data to others. If you want to make your server undetectable, you need to know how AVs work and
how they detect your files, right? There are a few ways that AVs use to detect your server heuristics, sandboxing etc.



Previous
Editor's Choice

 



Make Your Blog Like a Pro
About | Contact | Affiliates | Privacy Policy | TOS