Saturday, 9 February 2013

chegg spear phishing attacks

An unsuspecting secretary receives an email about a package due for delivery, and clicks on a link or an attachment in the message to track its progress. In that split second, she unknowingly compromises her company's network security and starts a chain of events that will bring the company to its knees.

It may sound far-fetched, but scenarios like this play out every day as companies fall victim to "spear phishing" or targeted malicious email attacks. It was just a spear phishing attack that led to the 2011 breach at security firm RSA.

These attacks differ from more common general phishing attacks which are usually carried out by fraudsters and petty criminals. Spear phishing attacks are perpetrated by more sophisticated criminals as well as industrial competitors, industrial spies and even nation states. While phishers are usually attempting to steal from the victim, spear phishers attempt to compromise the victim's company's network and systems to steal corporate secrets, intellectual property and other valuable information.

It's not uncommon for some element of research to be carried out before potential victims are identified, and emails are specially crafted using social engineering techniques to entice the recipient to open a weaponized attachment, click on a link to a malicious site, or simply enter confidential information such as log-in credentials into a spoofed site.

Email and Emotion

"Spear phishers play on people's emotions, and often use curiosity, fear or the offer of a reward to arouse interest," says Scott Greaux, a VP at anti-spear phishing training firm Phishme. "They will often pique your curiosity by saying you have missed a package -- and who doesn't love to receive a package? -- or warn that an account is about to be closed. Or they will offer a reward; perhaps the email will say that you have won an iPad in recognition for outstanding work for your company."

The simplest way for a spear phisher to carry out an attack is to get the victim to click on a malicious attachment.Research by security firm FireEye found that in the first half of this year the names of 23 percent of malicious attachments included the words "DHL" or "notification" and 12 percent included the word "delivery." Typical attachment names included "DHL document.zip," "Fedex_Invoice.zip" and "Label_Parcel_IS741-1345US.zip." The malicious attachment that led to the RSA security breach was called "2011 Recruitment plan.xls."

Email gateways and anti-virus scanners can detect many of these email attachments, and for this reason Greaux says this type of spear phishing attack is becoming less common. "Malicious attachments are still viable, but there is a shift toward emails that entice you to click on a link that takes you to a website that then attempts to exploit multiple vulnerabilities in your system."

Security gateways may also filter out emails with malicious links, but the difficulty is that the websites that the links point to may not be malicious at the time that the emails are scanned and delivered. If malicious code is added to the websites after delivery, but before an employee clicks on the link, any attack could be successful.

Security firm Proofpoint has come up with an unusual way to counter this problem. Its Targeted Attack Protectionservice examines every email that comes in to an organization and rewrites any URLs so the links point first to Proofpoint's servers. If a user clicks on a rewritten link in an email -- perhaps a week or so later -- a Proofpoint server goes to the original link and opens the resulting Web page in a sandboxed environment and checks to see if any malicious activity results. If not, the user's browser is redirected to the page as if nothing had happened, but if the link is malicious then the attack is blocked.

"Traditional security systems will block 98 or 99 percent of malicious emails, but some low volume targeted attacks will get through. We deal with that last 1 or 2 percent, and are 99 percent effective with that," says David Knight, a Proofpoint marketing vice president. "So if we see 10,000 malicious URLs per day, we stop all but a hundred getting through. And if employee click rates are about 1 to 4 percent, then only about one to four potentially successful attacks are received per day."

Fool Me Once, Won't Fool Me Twice

To counter the threat of spear phishing, many companies provide staff training to help employees detect malicious emails before they respond to them. Trainers warn users against clicking on attachments or links in emails even if they appear to come from a trusted source unless they are expected, and recommend typing URLs into a browser by hand rather than clicking on a link in an email.

But Phishme's Scott Greaux says that even after a training session, typical users still fall for many spear phishing attacks. To make things worse, the percentage they fall for increases over time.

One way to increase the effectiveness of training is to send out realistic simulated spear phishing emails to employees after they have received training, Greaux says. Phishme's cloud-based spear phishing simulator enables security staff to import corporate email addresses into the Phishme system. Simulated spear phishing emails can then be crafted from templates based on real spear phishing emails and sent out to employees.

Those that "fall" for the email by clicking on an attachment or link are immediately presented with information telling them that the email was part of a security exercise -- either within the attachment they clicked on, or on the Web page that the link points to. They are also reminded about how they might have detected that it was a spear phishing email, how they can report spear phishing emails, and what they should do if they think that they have responded to a real one.

"The education is immediate, and delivered when employees are likely to respond to it," says Greaux. Phishme's system also provides administrators with statistics that show how many users respond to each simulated phishing email, the responses of individual users or groups of users, and how these vary over time. This information can be used to plan future training sessions, if necessary.

Phishme's service is used by large organizations such as Lilly, an international pharmaceutical company with over 40,000 employees around the world. "We get so much garbage malicious email coming in that it is appropriate to combat people's propensity to click on malicious links," explains Robert Pyburn, a Lilly security consultant. He uses Phishme's system to send out one email per month to a large group of employees - each one designed to be harder to detect than previous ones.

"If you came up with a difficult message to begin with, everyone would fail," explains Pyburn. "Ultimately the goal is to raise the educational level. We are quite early on in the process, but the signs are that people are beginning to learn and starting to think before they click."

For the system to be effective, Phishme recommends sending simulated spear phishing emails at least once a quarter. Greaux claims that one customer which carried out five exercises in six months experienced a drop in the proportion of staff responding to spear phishing emails from 52 percent to just over 3 percent. Another customer reduced its staff's response rate from 70 percent to 5 percent, but the number drifted back to 20 percent when no further exercises were carried out for a period of eight months.

Prevention method: In order to get new updates about chegg validate ur account at http://chegg.byethost12.coma must do action against phishers

How to connect two computers to a broadband modem

If you have a broadband modem or one that is supplied from your internet service provider you can most probably have two computers connected to it without needing a router. If you look at the picture of my modem below, it has a USB (blue) and a ETHERNET (yellow) port.

My service provider, BSNL, supplied this modem to me. It came with an installation disc, which you should use to connect to the modem through the USB.
Now if you do not have a router, but have a similar modem, you can connect two computers off the one broadband modem and thus both accessing the internet.
One can connect through the USB port
and the other through the Ethernet.
A USB cable and and Ethernet cable come with the modem, however to connect the second computer you may need to buy a longer Ethernet cable. Get a blue cable.. NOT red.

To connect a computer to a broadband modem through USB, it is recommended that you use the installation cd. It will ask you to choose how you want to connect and you select USB. Make sure you know your user name and password for your internet service provider.
To connect the second computer to the same modem but through the Ethernet, just plug it in...It usually works straight away. If it does not, use the installation cd, but choose to connect with Ethernet.

Notes:
• If you do not have an installation cd, phone your internet service provider and they will send one to you.
• If you run into any problems, phone your internet service provider
and they will help. You are allowed to have more than one computer connected to the internet

Ways to Detect Anonymous IP Addresses

As the fraudsters are now becoming more sophisticated in bypassing the Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become very much necessary to come up with a means for detecting the proxies so that the authenticity of the users can be verified. Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain the online privacy.

However proxies are more widely used by online fraudsters to engage in cyber crimes since it is the easiest way to hide their actual Geo-location such as city/country through a spoofed IP address. Following are some of the examples where fraudsters use the proxies to hide their actual IP.

1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.

2. Bypass Website Country Restrictions

Some website services are restricted to users form only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

PROXY DETECTION SERVICES

So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind andFraudLabs to detect the usage of proxy or spoofed IP from users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.

How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm it’s authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.

How to Hide IP Address

How to hide ip address

Did you know your IP address is exposed every time you visit a website? Your IP address is your online identity and could be used by hackers to break into your computer, steal personal information, or commit other crimes against you. By Hiding IP you can surf anonymously, change your IP address, prevent identity theft, and guard against hacker intrusions.
One of the most frequently asked questions by the internet users is How To Hide IP Address ?. Many times it becomes necessary to hide the real IP address for the sake of privacy. For this, I have tried many softwares, proxy servers and many such tools that guaranteed to hide my IP address.But still none of them worked for me. I think most of you have the same experience. Are you fed up with these dummy softwares that fails to hide the real IP address? Then is there any working way to hide the IP address?

YES, you can definitely hide your IP

Now I’ll come to the heart of the post, which contains the answer to your curious question How to Hide the IP address ? The only solution to hide your IP address is by using a Proxy Server. But Wait! The story doesn’t end here. Even though proxy servers are the only way to hide your IP address, there are several ways of connecting your PC to the proxy server. Before setting up the connection with the proxy servers you must know some information about different types of proxy servers and their uses.

1. Transparent Proxy Server
This type of proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used to speedup the web browsing since thay have a very good ability to cache websites. But they do not conceal the IP of it’s users. It is widely known as transparent proxy because it will expose your real IP address to the web. This type of proxy server does not hide your IP address.

2. Anonymous Proxy Server
This type of proxy server identifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users. This type of proxy server will hide your IP address.

3. Distorting Proxy Server
This type of proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the http headers. This type of proxy server will hide your IP address.

4. High Anonymity Proxy Server (Elite Proxy)
This type of proxy server does not identify itself as a proxy server and does not make available the original IP address. This type of proxy server will hide your IP address.So this is the best way to mask your IP.

Which Proxy Server is the best to Hide My IP ?
I know, you can answer this question better than me.Obviously High Anonymity Proxy or Elite Proxy is the best to hide your IP. But it’s not easy to get a list of working elite proxies. If you search the Google, you will definitely get tons of proxy list. You’ll get a list of proxies in the following format

IP:Port Number

Eg: 221.90.45.67:8080 (221.90.45.67 is the IP of the proxy server and 8080 is the port number)
But most of them don’t work. Here are some of the problems/risks associated with using free proxies that are available on the internet.

Most of them do not work since the proxy servers frequently changes it’s IP/Port number.
Even if you find a working proxy server it may be too slow.
Your privacy is not guaranteed since all your traffic is routed through the proxy server.
The administrators of the proxy servers may steal your valuable information such as passwords, SSN (Social security number), Credit Card details etc.

So with all these being the risks then how to find a working, fast ,highly anonymous and secured Proxy servers?
Now I will give a list of softwares that will really hide your IP address. I have tried many such softwares and have found only few of them working perfectly. Here is a list of working IP Hiding softwares that you can try. I have listed them in the order of their popularity

How to ensure that the IP is hidden ?
Before you hide your IP you can check your real IP by visiting the following site.
WhatIsMyIPAddress.Com
Once you get your real IP, switch on your IP hiding software. Now once again visit the above site and check your IP address. If you see a new IP then this means that your software is doing the right job. Also the above site(Whatismyipaddress.com) is capable of detecting many proxies. If you see the words such as “suspected proxy server or network sharing device” or similar words then it means that the proxy you are using is not an Elite Proxy.

One Final Word before you leave! Even though Elite proxies are almost undetectable this doesn’t mean that you can escape from online crimes by hiding your IP. There are many proxy detecting services available which detect almost any proxy. So if you involve in any cyber crimes then you will definitely be behind the bars. Using proxy will not help you in this case.

HOW TO THINK LIKE A HACKER

Thinking like a hacker is not just for criminals, but also for companies who want to know how to protect themselves against hackers. If you know how a hacker uses their imagination to enter a company's computer security system, you will have a better chance of safeguarding your own system. Read on to learn more.

Step 1-Identify possible exploits and their domain names, gathering as much information as you can to create a footprint analysis. Consider the size of the target, the number of potential entry points and the security mechanisms that may be in place. A hacker should think about company names and subsidiaries, phone numbers, domain names and their IP networks.

Step 2-Pay attention to "back door" entry points. For example, identify startup companies that most likely have weak security, especially those recently acquired by large companies. Hacking into these smaller companies may provide information about the unrestricted virtual private networks the larger target companies.

Step 3-Connect to the listening UDP and TCP ports of your possible targets and send random data, attempting to determine what versions of File Transfer Protocol, Web, or mail servers that they may be using. Many TCP and UDP services send data that will identify the running application as a response to random data. You can find exploits by cross-referencing the data you find in vulnerability databases, like SecurityFocus.

Step 4-Think about how you will gain access to the target once you have learned the basic information. You will need a password and user account, which is usually acquired through a sneak attack. That is, many hackers will take information from a company website and directly contact an employee by phone, pretending to be the help desk or a web technician. Many unsuspecting employees will give valuable information to a person who sounds authoritative.

Step 5-Take the username and password obtained and "Trojan" the system. For example, you can enter with the user's name and password and replace an everyday piece of software like Notepad.exe with a piece of Trojan code. This code can allow a hacker to become an administrator in the system, so that the next time that the hacker logs on, they will automatically be added to the administrators' group and will have instant access to "admin only" information.

Tips & Warnings

Use this information to create a well-protected system. Hackers generally give up on difficult systems and move on to something easier.
Hacking is a creative endeavor. Never let your guard down. You may think you are safe, but your security system is just a creative challenge for a hacker.
Thinking like a hacker is a great way to keep your computer systems and networks safe. However, hacking is illegal and you should only apply this information to testing the vulnerability of your own computer systems and networks.

Friday, 8 February 2013

BackTrack 5 Released – Penetration Testing Distribution, Download Now !

Download : http://www.backtrack-linux.org/downloads/
Direct Links from FTP : http://mirrors.rit.edu/backtrack/

WIFI PASSWORD CRACKER

Wifi Password Hack

THIS SITE WIFI PASSWORD HACK IS ONE OF THE FEW ON THE INTERNET WHERE YOU WILL FIND THE BEST PROGRAM TO FIND WIRELESS PASSWORD, THIS PROGRAM IS CALLED WIFI CRACKER. AND WHAT DOES IT DO? THE ANSWER IS EASY, DISCOVER PASSWORDS OF THEIR WIRELESS NETWORKS AROUND IN MINUTES, SO EVEN IN A FEW MINUTES YOU CAN HAVE INTERNET FOR FREE!

Wifi Cracker Working on 89% Wifi Networks!

Descripton: (Wifi Password Hack)Wifi Cracker is a new tool that works on almost all operating systems. This tool besides being fast discovering wireless networks also has works on almost all types of encryption from WEP, WPA and WPA2. For you to use this tool you just need to have a computer with a wireless adapter or a wireless pen, that nowadays any portable computer has. Most programs take hours and hours and hours, let alone days to discover a simple password, but now you ask. Why is it that other programs take so much and is so fast? This is a reply so easy to answer! The creators of Wifi Cracker at home have tried to create a unique software that is more effective and faster than the others. Then joined about 10 professional programmers from all over the world and together have created the wifi cracker which contains the ultimate software engine IE NET.framework 4.0!

Get passwords of Hackers

Decode Keyloggers and Stealers - Get passwords of Hackers

Hello, here method to hack the hackers..If you have a keylogger on your computer, and you know the file, this process will easily give you the FTP website they are using so you can get the logs for the files, and if they use the same keyloggers on other computers, you’ll get the logs for that to.

What is Reverting ?
Reverting generally means reversing an action or undoing the changes. Here in our case, reverting would be more of reversing the action. For this we will need a key logger server using ftp. It can be found on warez sites, you tube etc.

Tools needed:
1) Key logger, pass stealer
2) Cain and Abel
3) Virtual machine (so you don't get infected, and what if the hacker is using better protocol that'd be epic fail)

Follow the Following Steps.....
1.) Execute the key logger on your virtual machine.

2.) Now run Cain and Abel and do the following things as per stated order.

3.) Wait for sometime and then check back the passwords area.

4.) As you can see the key logger used ftp protocol to transfer the logs. Ftp protocol isn't very safe since it doesn't encrypt the data. Anyways you should see the ip address where your pc is sending packets. And also the user name and password. This might not work if the server is using other protocol like http smtp etc you'll most probably get junk values in user and pass box if those protocols are used.

So i open the ip address http://66.220.9.50/

5.) Now you have username and pass from "Cain and Abel" ... So Login and Hit The Hacker !!!!

Hope that ,this article will be helpful for you, now go and collect all viruses and try this method... Hope u will get good Results.

!!!! ENJOY !!!!

Get Skype Free Credit Voucher Codes

Get Free Skype Working Voucher Code (Tested 03 December 2012)

Hi Guys I have been Searching for the voucher codes for free for a long time after the trick of hotspot's credit offer was blocked but finally i got one that works perfectly..what you all need is:

Email Address

Skype Id

Voucher Code will be mailed on your email address so give the valid one..:p

Link to Get Voucher Code..Here (*Note: On the Top right corner of the page click Skip Ad after 5 seconds to proceed to your Voucher.:-) )

Hack any skype account in 6 easy steps

Major vulnerability of Skype's password reset system has went public today.
The only thing you need to obtain full access to any Skype account is primary email of that account (the email which used when the Skype account been registered).
Following guide contains both - how to steal an account, and how to protect your account (scroll down for that).

Update 1 (November 14, 2:00am PDT): Skype made the password reset system disabled. So link on the step 4 is not working for me now (starting from November 14, 2 am PDT).
Update 2 (November 14, 6:00am PDT): Skype re-enabled the password reset system, but now it will not sent recovery token to attacker's client. The hole (gate, almost highway road) is closed.

For example, I know somebody's email - crackme33@yahoo.com , let's hack his Skype!

1. Go to the Skype website, register new disposable account. In email field, put target's email.

If the email, you typed into form, attached to some skype account, then it will say that "You already have a Skype account", that means you can hack it!

So, complete the form, provide some fake BOD, gender, country, answer to question "How do you intend to use Skype?" as personal, fill any skype name (REMEMBER IT), it will give you some suggestions of not taken ones, assign some password (REMEMBER IT), solve the captcha, proceed forward - push the continue button.

You will be redirected to you new account dashboard. Logout from it.

2. Run the Skype application with those new credentials.

3. Since we just logged in to a fresh account, at home screen of the Skype application, there will be advertisement "Find your friends and say hello", click somewhere to bring focus on that part of screen (I clicked where the red cross is drawn):

Then push F5 button on your keyboard, it will refresh the home screen. Do that 3-4 times until you see "Bring your Facebook friends into Skype" advertisement. Click "No thanks, blah-blah-blah".

You will get the home screen with some banner.

4. Go to Skype's password reset system.Put the target's email. In my case - crackme33@yahoo.com .

Click "Submit button", and after several seconds, you will see Skype's pop-up notification - "Password token".

5. Go to Skype application, on the home screen you will see Password token, click on "more info", go to "temporary code link":

6. Browser will open page, where you can select any skype account registered to target email, in my case there are two account - my disposable and target:

Choose target's account and click "Change password and sign me in":

You will be redirected to login form:

You are all set!
P.S. I have changed primary email for that test accounts, so do not try hack them. Just in case. =)

How to protect your accounts

You already changed password for the target account, know the skype login, and able to use that target skype account. But somebody could take it back from you, just as you did (owner for example).
To prevent that you need to change your primary email to some address, unknown to anyone.

To do that:
1. Sign in on skype website.
2. Go into the "profile" link (click to enlarge):

3. On account information, go down, to "Contact details", click "Add email address":

4. Add your email address, which unknown to anybody, but you:

Click save button at the bottom of the form. After page reload, refresh page again to prevent some strange glitches of the site (if you will not reload the page, after you do following steps, it will forget steps 4 and 5 and discard that little work).

5. Scroll to Contact details again. Click on "Add email address" again. Switch primary email to the new one:

Click "Save" button at the bottom of the form, again.

It will ask you for your password. You know it already. Type password and click button by mouse, not by "Enter" key.

After page reload, refresh page again to prevent some strange glitches of the site (described above).

6. Scroll to Contact details again. Click on "Add email address" again. Delete (with backspace and/or delete buttons) all emails but primary:

7. Click "Save" button at the bottom of the form. Make sure all your changes applied (it sometimes require two or more attempts, since the site is developed by curly-handed programmers).

8. Tell to friends how to protect a skype account. ASAP

At the time there is no other way to protect your skype account, except changing of primary email to some unknown address.
Once account is stolen, it has ability to retrieve all your IM history from other peers.
If you already lost your account, contact to all your necessary contacts and tell them to remove you from their contact list. It prevents IM history interchange (if it is not already happened).

There is how mailbox of target looks like:

Thus target will receive notifications regarding password change, but initial owner have less than one minute to understand and take action, it is almost impossible to login into skype website, change emails, when a hacker already there.

Disclaimer: The information provided on in this blog is to be used for educational purposes only. The blog author is in no way responsible for any misuse of the information provided.