Risks and threats by using chatting applications..

Security risks by using chatting applications:

                      Crackers or blackhat hackers have consistently used IM networks as vectors for
             delivering phising attempts, poison URLs and virus-laden file attachments. For ex: IM used
             to infect computers with spyware,viruses,trojans and worms.
                      
                      In addition to the malicious code threats, the use of instant messaging at works also
             creates a risk of non-compliance to laws and regulations governing the use of electronic
             communications in business.

                     Organisations of all types must protect themselves from the liability of their employees
             inappropriate use of IM. The informal, immediate and ostensibly anonymous nature of  
             instant  messaging makes it a candidate for abuse in the workplace.
   
                     Cyber criminals hide their identity through false name and age. Even grown up people
             may pretend to be a child/teenager.

Tips for make yourself secure:
                      
         1/ Be care full before choosing an online friend. Try to not reveal all your personal details
             to whome you meet online. Use nickname for yourself and hide your personal details from
             stranger.

        2/  Take your time and make sure that you are sending it to right address. Also cross check
              if you are chatting with the right person who is responsible enough to access those details.

        3/  Do not open the spam messages as it might inject malicious code into your pc. Always use
             updated IM and firewall versions. Be conscious before clicking on the link because it may
             contain spyware.

Identity theft: A serious issue.......

IDENTITY THEFT:

                        Identity theft occurs when someone, without your knowledge gain some of your
             personal information and use it to commit fraud. Identity theft is a crime used to refer to
             fraud  that involves someone pretending to be someone else in order to steal money or get
             other benefits.The victim of identity theft (The person whose identity has been assumed
             by the identity thief) can suffer adverse consequences if they are held accountable for the
             perpetrator's actions.

Identity theft can be divided in two categories:

            .Application fraud:  Application fraud happens when a criminal uses stolen or fake document
                                            to open an account in someone else's name. Criminal may try to steal
                                            documents such as utility bills and bank statements to build up useful
                                            personal information.

            Account takeover :  Account takeover happens when a criminal tries to take over another
                                            person's account first by gathering information about the intended victim,
                                            and then contacting their card issuer masquerading as  the genuine card
                                            holder, and asking for mail to be redirected to a new address. The
                                            criminal  then report the card lost and ask for a replacement to be sent.

How to avoid identity theft?????????????                                          
                                            
                 1/ Never provide personal or financial information including your passwords, credit card
                     information, account numbers to unknown persons.
                
                 2/ Never click web links in your mail, chat box. It may contain malicious code that can
                     enter into your computer and retrieve the valuable information.

                 3/ Shred any sensitive documents before you throw them in to trash.

                 4/ Review your credit card bill every month to make sure there has not been extra charges.

                 5/ Review your credit card information regularly to  make sure there have not been new
                     issue cards or accounts.

                 6/ Don't participate in peer to peer networks if you are not familiar with this type of
                     networks.

What to do if it happens to you?????????????

                 1/ The first thing  to do is to report the crime to the police and get a copy of your report.

                 2/  Immediately contact your credit card issuing bank and close your existing account and
                     get replacements cards with new account numbers.

                 3/  Close any account which were opened without your awareness.

Follow steps when you online????

                 1/ Use phising filters in your Internet browser.

                 2/ Don't use passwords like name, date of birth , pet name etc...
            
                 3/ Look for digital certificates when you use credit card on Internet and also see that your
                     CVV number is typed in non clear text.
                

           

Bypass Apple ios6 passcodes...

   Hacking apple ios 6...........
            
                     hello friends????? Today i ma going to tell you how to bypass apple iphone passcodes running ios6. By doing so, an unauthorized user can send mails, can edit contacts, make voice calls bla bla bla...It will provide you full access to the dialer, contact list, voicemails, call history and photos by editing a contact. An email or text message can be sent by sharing a contact.You can also be able to make a face Time call. FaceTime is accessible through the contacts.

Here are the steps to hack iphone ios 6......................

1/ From a locked iPhone running iOS 6, load the emergency dial screen.
2/ Press and hold the power button and then hit cancel.
3/ Make a fake emergency call — dialed 112.
4/ Hang up immediately.
5/ Hit the power button to put the phone back in standby.
6/ Hit the home button to bring up the lockscreen
7/ Hold down the power button and at the three-second mark, hit the Emergency Call button.
8/ Keep holding the power button until the Phone App comes up.
9/ Hit the Home Button and release as if you’re taking a screen shot.

How can you send messages in facebook though you are blocked by someone..................

Send messages though you are blocked....!

How you can send messages in facebook though you are blocked by someone???????
do you think it is possible friends????
  
Here below is the trick. Use today and enjoy sending uninterrupted messages to your love one who have blocked you.

 1>> Log into your email account.

 2>> Compose a new email

 3>> In "send to" enter   
         username@facebook.com.  (for example: john@facebook.com  replace username 
         with john so its look like john@facebook.com.)

4>> Send it.........and have fun...your message will directly reach in the inbox. 

 

Know more about CAPTCHAs...............Definition and Applications....

...??? What actually CAPTCHAs Are??????

A CAPTCHA is a program that can generate and grade tests that humans can pass but current computer programs cannot. For example, humans can read distorted text as the one shown below, but current computer programs can't:

                           
The term CAPTCHA (for Completely Automated Public Turing Test To Tell Computers and Humans Apart) was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas Hopper and John Langford of Carnegie Mellon University. At the time, they developed the first CAPTCHA to be used by Yahoo.

In other words,  a CAPTCHA is a type of challenge-response test used in computing as an attempt to ensure that the response is generated by a human being. The process usually involves a computer asking a user to complete a simple test which the computer is able to grade. These tests are designed to be easy for a computer to generate but difficult for a computer to solve, but again easy for a human.


                                           Applications of CAPTCHAs

Protecting Website Registration:  Several companies (Yahoo!, Microsoft, etc.) offer free email services. Up until a few years ago, most of these services suffered from a specific type of attack: "bots" that would sign up for thousands of email accounts every minute. The solution to this problem was to use CAPTCHAs to ensure that only humans obtain free accounts. In general, free services should be protected with a CAPTCHA in order to prevent abuse by automated programs.

Preventing Comment Spam in Blogs: Most bloggers are familiar with programs that submit bogus comments, usually for the purpose of raising search engine ranks of some website (e.g., "buy penny stocks here"). This is called comment spam. By using a CAPTCHA, only humans can enter comments on a blog. There is no need to make users sign up before they enter a comment, and no legitimate comments are ever lost!

Preventing Dictionary Attacks: CAPTCHAs can also be used to prevent dictionary attacks in password systems. The idea is simple: prevent a computer from being able to iterate through the entire space of passwords by requiring it to solve a CAPTCHA after a certain number of unsuccessful logins.

Worms and Spam: CAPTCHAs also offer a plausible solution against email worms and spam: "I will only accept an email if I know there is a human behind the other computer." A few companies are already marketing this idea.

Search Engine Bots: It is sometimes desirable to keep webpages unindexed to prevent others from finding them easily. There is an html tag to prevent search engine bots from reading web pages. The tag, however, doesn't guarantee that bots won't read a web page; it only serves to say "no bots, please." Search engine bots, since they usually belong to large companies, respect web pages that don't want to allow them in. However, in order to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.

Online Polls:  In November 1999, http://www.slashdot.org released an online poll asking which was the best graduate school in computer science (a dangerous question to ask over the web!). As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own program and the poll became a contest between voting "bots." MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll ensures that only humans can vote.
                    

GOOGLE Tricks...................

We all know that google is a popular search engine and most of the people use google as their online search tool.Today i am going to tell you about Top 7 google tricks that will amaze you.Some of the tricks are provided by google itself while other have been provided by the developers.

1. Google Gravity:-
We all have read the Newton’s law of gravity.Does it also apply to google?To test it follow the instructions,
Go to google.com
Type Google Gravity
Click on I’m feeling Lucky
Now you will see the effect of gravity on google.The google icon will fall down automatically.You can even pickup and throw google icon anywhere

2. Google Pacman Game:-
Play Google Pacman Game

3. Change Background Image:-
You can also change the background image of google image.To change the background image follow the instructions,
Go to google.com
Click on the Change Background Image
Login with gmail username and upload Image

4. Epic Google:-
In epic google you will see the font size of google increasing automatically as if it will come out of your computer screen.To use google Follow the instructions
Go to google.com
Type Epic Google
Click on I’m feeling Lucky

5.Google Sphere:-
Google Sphere is a fun trick. It will start rotating all links on google in sphere. you can change rotation of sphere by moving cursor.Follow The Below Steps
Go to Google homepage
Type Google sphere
Click on I’m feeling Lucky

6. Google Hacker:-
want to see how the google homepage will look if it gets hacked .Follow the instructions below,
Go to google.com
Type Google Hacker
Click on I’m feeling Lucky

7. Annoying Google:-
In this trick the capitalisation of your searches will change automatically.Some words will change into small letter and some into capital letters in your search result.Want to try it follow the instructions
Go to google.com
Type Annoying Google
Click on I’m feeling Lucky

8. Google Loco:-
In This Trick Google Logo Will Dancing In Free Mod, To Try This Out Follow The Instructions,
Go To google.com
Type Google Loco
Click On I’m feeling lucky

 Hope all you enjoy....do like and comment how you feel on applying all those...........

A glance at MALWARES around us....................

MALWARES:------  INTRODUCTION,  CLASSIFICATION,  & TIPS FOR BEING SECURE......

INTRODUCTION: WHAT IS A MALWARE?????????????????
              
                                A malware is a malicious software designed to harm a computer system without
                                the owner's informed consent. Malware  software, is software used or 
                                programmed by attackers to disrupt computer operation, gather sensitive 
                                information, or gain access to private computer systems. It can appear in the  
                                form of code, scripts, active content, and other software. Malware is a general 
                                term used to refer to a intrusive software.Malware includes computer viruses, 
                                worms, Trojan horses, rootkits, spyware, dishonest adware,crimeware and other 
                                malicious and unwanted software.Around 80% of malware today is designed to 
                                steal and find confidential information stored on your computer.This type of 
                                malware is sometimes called crimeware.Malware can invade your machine 
                                through infected email attachment, "bots" that crawl the internet looking for 
                                unprotected computers.


MLWARE CLASSIFICATIONS:     TYPES AND DESCRIPTIONS......................

                                VIRUS:  A virus is a program which is able to replicate and attach itself to a
                                               program or files infecting the system without your knowledge.This are 
                                               the software programs that hide on your computer and cause its
                                              damage
                                             .

                               Spyware:  Spyware is a malicious software program that hides on your computer,
                                                 tracks what you are doing online, and sends that information over the 
                                                internet.Some types of softwares like keyloggers can records what you 
                                                are typing in your computer and lot others you can't imagine.

                        Trozan horse:   For a malicious program to accomplish its goals, it must be able to 
                                                 run without being detected, shut down, or deleted. When a malicious
                                                 program is disguised as something normal or desirable, users may 
                                                 willfully install it without realising it. This is the technique of the  
                                                 Trojan horse or trojan. A Trojan horse is any program that invites the 
                                                 user to run it, concealing harmful or malicious code. The code may 
                                                 take effect immediately and can lead to many undesirable effects, such 
                                                 as deleting the user's files or installing additional harmful software.

                              Rootkits:    Once a malicious program is installed on a system, it is essential that 
                                                 it  stay concealed, to avoid detection. Techniques known as rootkits
                                                 allow this concealment, by modifying the host's operating system so 
                                                 that the malware is hidden from the user. Rootkits can prevent a
                                                malicious process from being visible in the system's list of processes, 
                                                or  keep its files from being read.

                                   

                                        
  TIPS TO SECURE:        
                                     * Set the browser to open the webpages only from the trusted web sites.
                                      
                                     * Always checks for the extension of a file and always scan any attached files
                                       before using it.

                                     * Always scan the removable mediums before you open.

                                     * Avoid downloading the files with double extension.

                                     * Always use anti-virus software and also update its signature database when 
                                       available.
         
                                     * Try to avoid the attachment from unknown users.

                         

SOCIAL ENGINEERING.......

  SOCIAL ENGINEERING :   AN APPROACH TO HACK HUMAN MINDS.........................

  INTRODUCTION: 
                                  It is an art of deception.Social engineering is an approach to gain access to information through misrepresentation.It can be called as the manipulation of people to obtain information  without realising that a security breach is occurring.It may take the form of impersonating via telephone or in person and through email. Some emails lead the recipient into opening an attachment that activates a malicious program in to your computer.
           
               The main reason behind the social engineering is like careless talking about business, the office and personal information with an unauthorised person. You may also be one of the victim of the unauthorised person if you also make a mistake like above talks.So be careful from being social engineered from an unauthorised person as it may lead to harm your confidential information or your office or organisation's secrets.


 HOW A SOCIAL ENGINEER DONE ALL THIS....????

                                    * Social engineering can be done in many ways like in public places, gossips   
                                       bla bla bla......
                                   
                                    * A Social engineer may meet you outside of your workplace, or organisation
                                       and may ask you about your work or how your organisation does this
                                       things.
                                    
                                     * A social engineer may ask your identity card to gain your personal
                                        information about your school, organisation etc.
                                    
                                     * A social engineer may approach you either via a telephone or email and pose
                                        as a person interest to work with you and later come to know about all your
                                        personal details and may ask your user id, password or other details like
                                        systems and network information.

                                     * The main goal of social engineering is same as hacking in general such as
                                         trying to gain unauthorised access to systems and personal information to
                                         commit fraud, network intrusion , identity theft or simply disrupt the
                                         system  and network.

 MAKE YOURSELF SECURE  FROM BEING SOCIAL ENGINEERED:
                                     
                             * Don't send sensitive information over the Internet before checking a website's
                                security. Pay attention to the URL of a website. Malicious websites may look
                                identical to a legitimate website, but the URL contains the variations say
                                spellings etc. example: https://www.faceb00k.com instead of
                                https://www.facebook.com   

                             * Don't provide personal or financial information in email and do not respond to
                                emails asking for this informations.

                             * Don't provide personal information or information about your organisation
                                including its structure or networks to a unauthorised person.

                             * Be cautious because social engineers try to fool you by creating false situation
                                and make you to believe in order to collect your confidential informations.

                             * If you are in doubt in opening an email or if you know that you have received a
                                phising email, then don't respond to it and don't even click the links you received
                                from untrusted sources.

                             * Don't give any financial information to unknown people over phone, confirm to
                               whom you are speaking and cross check the concern company or bank before
                               giving any information.


                                       
                                      

PASSWORD THREATS

                                                        PASSWORD THREATS

INTRODUCTIONS:
                   A  password is a key to access a system or some confidential information stored
                in a server or client machines.
                        
                 The passwords could be shared with other persons and might be misused and
                 also sometimes passwords can be forgotten. The stolen passwords can be used by
                 unauthorized user and he may collect your personal information.

ATTACKS THAT CAN YOU SUFFER IN CASE OF YOUR PASSWORDS:
                                 
  1/ BRUTEFORCE ATTACK:
                          The main idea behind the bruteforce attack is guessing of passwords.Hackers try
                      all possible combinations with the person's name, petname, numbers ( phone numbers,
                      date of birth), school name etc. in order to gain your password. When there are large
                      number of combinations of passwords then the hackers uses fast processors and some
                      software tools to crack the passwords. This methods of cracking of passwords is known
                      as bruteforce attack.

2/ DICTIONARY ATTACK:
                           In this type of attack hackers try to crack your password with all possible dictionary
                      words and also using some software tools.

3/ SHOULDER SURFING:
                           This is one of the technique for stealing the password in which a password is stolen
                      by standing behind an indivisual and over look their password while they are typing.
                      Its comperatively easy to stand next to someone and watch as they fill out a form, enter
                      a PIN number at an ATM machine or use a calling card at a public pay phone.

4/ SHARING YOUR PASSWORD WITH STRANGERS:
                           Sharing the password with a unknown person may also lead to loss of your personal
                      information. By using your login information, the stranger can get access to your
                      information. If the strangers after getting access to your information they can do
                      anything with it i.e they can apply, modify or delete it.


GUIDELINES FOR MAINTAINING A GOOD PASSWORD:

1/ Avoid using the words from dictionary. They can be cracked easily.

2/ A password must be difficult to guess.

3/ Change the password in cach 15 days or when you suspect someone know your password.

4/ Do not reveal your password before the unauthorized person.

5/ Remember that your brain is the most secure place to store the password rather than writting it to
    any paper or hard disks.

6/ Use your passwords that contains at least 8 characters or more. The more number of characters you
use, the more secure is your password.

7/ Use a password that contains the combinations of letters, numbers and special characters.

Phising and Vishing scams......

                                                  

                     Phising and Vishing  SCAMS

INTRODUCTION: 

 Phising and Vishing scams are created to steal your personal information and web    

 identity. Phising is carried out via fradulent emails and Vishing  is done via bogus voice    
 messages and phone  calls.

How They Are Done:

  If you receive any phone calls or email  making about your netbanking 
  details like your account number, PIN code, password or debit /credit
  card details like card   number, CVV number   validity  of your card   etc.
  Please do not respond to  this phone calls and forward  this phone calls 
  and forward  all details to your corresponding bank.

      Today many vishing scams happening to the common people where a customer called to  

      a  particular  customer telling about that he is a bank  representitive or  customer 

      relationship  officer and asking you about all the relevant  details of your banking 

      procedure telling  this  that you need to upgrade your account or your  account

      suffering less security and thus he may told you in order to increase your bank account 

      security, he needs this particular details

Please Follow These Simple Steps To Avoid These Scams 

      
1/  Do not open suspected email attachment or instant message download links.

2/ If you are in doubt, do not click on any link provided in the email.

3/ Do not give any confidential information such as passwords, credit/debit card number or 

     PIN, CVV, DOB to  any email request. Even if the request is from government   authorities

     like income tax department or any card  association company like master   card or   VISA.
  

4/ Always check the web adress in the URL(uniform resource locator) before sharing any 

     sensitive information.

5/ Always type the website adress say (www.netpnb.com) on your web browser.

6/ Do not access netbanking or don't make online payments using your debit/credit card 

     from shared network.

7/ Always ensure that padlock icon at the upper or bottom right corner of the webpage is on

     during secure transaction.

    

8/ don't share your account details with unknown.  

People today i am going to tell you about Email Security...that you should follow in order to make yourself secure......

Emails are called as electronic mail which is also a digital message.Emails are widely use in day         today's life as it makes the world faster and represents the digital world in electronic message communication system. But today many crime also happens including email also say if a hacker get access to your email system then he can literally do everything without your permission. It means he can be able to make an unauthorised access to your mailing system. So you  should follow some security while using your email. Those following securities are like:

1:  You should ignore e-mails from strangers.

2:  Avoid opening attachments coming from strangers as it may contains a virus.

3:  Be careful while downloading attachments from emails in your computer. Scan the attachment
     with the update anti virus to check for viruses.

4:  Don't send personal information to the strangers through emails.

5:  Don't click the emails from untrusted sources as it may execute malicious code and spread into 
    your system
.
6:  Don't fill the forms that asking for your personal information as it may spam.

7:   Use email filtering software to avoid spam so that only messages from authorised users are

      received

8:  Beforee sending the email message try to encrypt the email using some encryption software like 
     PGP ( pretty good privacy ) to encrypt the email message so it can be decrypted only by the
     specified recipient.

9: Don't click any link asking for your user name and password though you logged in your account.
    It for sure  is a phising page. ( Phishing is the act of attempting to acquire information such as

    usernames, passwords, and credit card details (and sometimes, indirectly, money) by    

    masquerading as a trustworthy entity in an electronic communication

Cyber SEcurity & Technobuzz: Be secure when using netbanking

 Be secure when using netbanking: Most of the attacks on online banking used today are based on deceiving the user to steal login data and valid TANs. Two well known example  for those attacks are phishing and pharming. Cross-site scripting and keylogger/Trojan horses can also be used to steal login information.
                                       
 
A method to attack signature based online banking methods is to manipulate the used software in a way, that correct transactions are shown on the screen and faked transactions are signed in the background.
A 2008 U.S. Federal Deposit Insurance Corporation Technology Incident Report, compiled from suspicious activity reports banks file quarterly, lists 536 cases of computer intrusion, with an average loss per incident of $30,000. That adds up to a nearly $16-million loss in the second quarter of 2007. Computer intrusions increased by 150 percent between the first quarter of 2007 and the second. In 80 percent of the cases, the source of the intrusion is unknown but it occurred during online banking, the report states.^[4]
The most recent kind of attack is the so-called Man in the Browser attack, where a Trojan horse permits a remote attacker to modify the destination account number and also the amount.

Securities:

              

• The PIN/TAN system where the PIN represents a password, used for the login and TANs representing one-time passwords to authenticate transactions. TANs can be distributed in different ways, the most popular one is to send a list of TANs to the online banking user by postal letter. The most secure way of using TANs is to generate them by need using a security token. These token generated TANs depend on the time and a unique secret, stored in the security token (two-factor authentication or 2FA). Usually online banking with PIN/TAN is done via a web browser using SSL secured connections, so that there is no additional encryption needed.

Another way to provide TANs to an online banking user is to send the TAN of the current bank transaction to the user's (GSM) mobile phone via SMS. The SMS text usually quotes the transaction amount and details, the TAN is only valid for a short period of time. Especially in Germany, Austria and The Netherlands, many banks have adopted this "SMS TAN" service as it is considered very secure.

• Signature based online banking where all transactions are signed and encrypted digitally. The Keys for the signature generation and encryption can be stored on smartcards or any memory medium, depending on the concrete implementation.