We all use internet a lot and for the purpose we make a lot of accounts too, but there are some mistakes which we commit while registering for a site. We just visit the site and then register for no reason often because most of the new people at the internet feel good to make account at every site which they visit. But this is really not a good act if we look into the whole situation with reference to the security. It can be harmful to you in many ways. You must keep in mind the following tips while choosing your password and while signing up for the new sites.
Precautions to be taken while signing up for new site and Choosing a Password:
Be sure that the site is worthy enough to have an account over it. You must be sure with the ranking and user base of the site too, I mean you must be well aware about the site. You can't signup for some fake site where they can use your details for the identity theft.
Don't use the same password for every site you signup, Because it can be really fatal for your online life like if you are using the same password for every site then if any one of them get hacked, hacker is going to hack your whole email id's and accounts.
Be sure to use a different and strong password with your primary emails, and then signup to other services using those emails with some other and strong password. Don't use your primary passwords everywhere.
A strong password contains some symbols, some numbers, some alphabets and some capital and small alphabets. You should make a combo of all the available characters to make it impossible to be cracked.
While choosing a security question never use something really common which others may know, Like your name, like birthplace of your mother. Common other's gonna guess it surely. Keep something really unique which can't be guessed by the public. Or else always keep that question in mind because one can use social engineering to ask you the same question and you may be dumb enough to give the correct answer.
It's a good practice to connect to new sites using the Facebook or twitter connect as I guess that it is more suitable, but in case your Facebook or Twitter get's hacked you got nothing to do. Thus, it's always safer to keep your important accounts separate with unique passwords to be used with them only.
That was it! Next time i'll come up with something more good and unique, Till then remain safe and have a happy internet life.
Security experts have reported a Brute Force attack over the WordPress blogs and thousands of blogs have been reported to be hacked because of the massive attack being done. This attack has been confirmed by the Cloudflare. The attack uses botnet and automated attempts to guess the passwords for the default admin account of the WordPress. Surely! the use of weak passwords and the default admin username for your WordPress is the biggest problem which can become the cause of your blog take-down by the hackers.
Remain Safe From the Massive WordPress Brute Force Attack:
You can easily avoid this attack by following these general and very simple instructions:
- Don't use default user name i-e admin to login to your blog because it's the default account which you get when you install WordPress. Be sure to add a new administrator account and change the username of that account to something random.
- Don't use weak passwords because passwords like in the dictionary and other language words are damn easy to be guessed by a powerful machine. Make a strong password consisting of numbers and symbols.
- Be sure that your WordPress version is up to date and no surplus deactivated themes and plugins are present, as any old file and vulnerable can be a cause of hacked WordPress blog.
Actually the attack isn't that much strong but chaining together the power of various servers and hosting is going to make it real strong against your blog. If the hosting companies accounts are vulnerable and undertaken by hackers then a botnet attack carried by this will be damn more powerful than the zombie laptops attacks.
A recent report has shown that the last attack reported was dependent on the 90,000 IP's and it means how large number of hosting accounts have been compromised and as far as I am concerned they are also making use of other vulnerabilities in the WordPress and website structure though the main attack is reported to be a Brute Forced one.
WordPress team action at it's side:
WordPress is going to roll out a two factor verification for the login process of the CMS and it will make brute force die out completely and almost unusable against the WordPress blog. Unfortunately it's not possible to change the default login directory of the WordPress but once can change his username and password. So go for it!
Last Thursday, a Pakistani student failed to avoid the extradition from Britain to the United States over the hacking attempts allegations for helping a FBI agent. The name of the student is Usman Ehzaz who came to Britain to study in information technology and computer systems.
He was arrested at the request of US authorities after being found suspect of controlling a botnet of more than 100,000 computers without the owners knowledge whom the computers belonged to!
Court was told that Usman Ehzaz was paid by an FBI agent and was also provided by a malicious code to inject to computers. Protected computers which were infected were those belonged to the foreign commerce or used in interstate or for communication purpose. The student was paid $600 for this job and the FBI undercover agent asked him to do so as reported by Dawn News!
Over 100,000 computers were effected and 800 of them were in United States and thus Home Secretory Theresa May ordered Usman Ehzaz extraditions on allegations related to 800 US computers.
If proven guilty over there he may be imprisoned for 12 months and Ahzaz appeal to the Britain court was also rejected.
A lot of people are getting annoyed by the amount of rubbish messages they are getting just because of this SMS bombing fact. In fact I have also edited some SMS bombers and have come to know certain facts about them. Mostly, researches may vary from them but you must be aware also from what I got to you today. Many internet users just pay for these SMS bombers just to annoy someone since they have some bad intentions. Lets, see how these SMS bombers work:
Top Reasons on how these SMS bombers Work:
- Mostly Mobile Sites offer some subscription service from their websites and user just has to input his mobile number there, After that an automated confirmation message is sent to user’s cell phone. Any bad minded guy can easily exploit this easily by just tempering the page requests to the server and by understanding the mechanism on how it works to process the entered number.
- A paid SMS bomber can also use some online SMS sending service, there are a lot paid services available which can be used to send as many texts as you want. But such SMS bombers are never free ones, Such SMS bombers can also have spoofing feature.
Thus, An SMS bomber takes the mobile number of the victim as the input and then forwards that to specific website which then send automated message to the victim’s number.
SMS bomber makes this process to repeat at a rate of thousands of time. And victim mind just blows off and he turns off his mobile.
How to prevent such SMS bombers to be fully functional:
- This part is for websites admin who offer sms services, It would be better to use some captcha as per security reasons. I know captcha can also be bypassed but still its better than nothing.
- Not more than 10 messages should be sent by the website again and again to same number. Within 24 hours, Some filtering techniques should be implemented.
I am here this week with a new trick as lots of android smart phone users are complaining about that blocked market for the country restricted users. I personally tried this way and this worked well too! I know you all may be well aware that you can easily enable the access to country restricted market using some third party application but the users are complaining that even these third party application after emulating the sim to another USA carrier doesn’t work well. I had to sort out a solution because last day I just installed Cyanogen Mod and after the flash of Gaps I couldn’t do successful emulation to enable every content of the market for my country. So, I tried every way cleared the cache and emulated every sim but I failed. I was able to reach to application e-g Google Voice Search but was unable to download that, Following was the error on clicking download:-
This Application can’t be downloaded in your country, and So what, I don’t remember it much
Procedure I tried to Unblock the Applications which are country restricted to USA only:-
- Download any third party SIM emulator like MarketAccess, Market Enabler etc. Try Googling I can’t give link here without the developer permission If you need help ask in comment will email you!
- After that downgrade your upgraded market in case if your ROM had old Google Market when installed/Flashed, Here I am assuming that you had previous version of Market before Upgrading to newer Google Play So in this Case go to Manage Applications and Simply select Google Play and uninstall any updates from there, It will be reverted back to Android Market.
- Emulate your Sim using the above mentioned program in first step and Search any country restricted application like Google Maps and try Installing. It will take much time and after couple of minutes download will start
- Incase, You have preinstalled Google Play when you purchased a phone with latest ICS release, then please uninstall that using Titanium Backup and then drop comment here, to get the link for Old Market for Android. Well, Ok one link is being posted here, Cheers Download it and Install it and then emulate the Sim and woa, Its Woking…!
Download Attached File (You May Need to Skip Add From Top Right Corner)
Hello All! Hoping that you all will be fine because I am posting an update for Hackers Thirst after a long time; I read some emails too but not the all and will review emails soon and you will listen to my replies too. Well; this update as the title shows is about the two things one is about this that Hackers Thirst will no longer support the cracked versions of software and also I being admin of this blog will mainly concentrate on the open source and latest techy updates. Second news is this that Hackers Thirst is going under some maintenance and load time has been greatly reduced, All this will be finished in a couple of days or more. So; basically I am here with two main things :-
Concentrating on Following things only:-
Open Source Content will be supported not the cracked versions of software. Previous any promoted crack has been disabled by me because of some complaints, Since We people were never involved in there generation therefore we were urged to let them be disabled for the public use and I did this.
Rest content will be generated as published earlier and I shall make it possible for everyone to learn new things and to keep themselves save from attacks of outside evil world being master in computer usage.
Hackers Thirst is under Construction:-
Well, the second important notification is this that Hackers Thirst is under maintenance and its regular maintenance schedule part, For more than a year I didn’t care much for the load time and the rest of things but now I thought that it’s the time that speed of loading pages plus a clean look is needed to be done with this site, So! I am here with some changed look and please, Drop down comments below about these changes…!
Bought an Android smart phone and don't know the difference between a company modded ROM and a custom Rooted ROM. Well, I am here to let you get information on a custom ROM; maintained by team Cyanogen. It always depends on you that whether you use a custom ROM after rooting your android phone, Or else you are lazy enough to prefer a company modded ROM. Likely, I accept the fact that in company modded ROM some features may take the whole game i-e can be much good as compared to cyanogen, but if you are advanced user and like to customize the phone the way you want, then use cyanogen ROM. Let me explain some facts of this Good Modded ROM.
This ROM is much customize-able, you can do whatever you want with your phone, It comes pre-installed with ADW Launcher which works super fast with it, You can have a dock placed at the home screen, Can have a transparent Application drawer on clicking the menu button and can even have some transparent notification place. You can MOD the phone the way you want. If your phone has some LED lights, this cyanogen gives you the way to mode them too. You can change when those lights should function. Now you can think that all this can be done in Stock ROMS too, But surely that stock ROM gonna be slow after having installed ADW Laucnher, except that built in interface, but cyanogen doesn't slow down.
Home screen swap transition effects can be modified the way you like.
Unlike those 500MB stock ROMS, this 100MB cyanogen, works like a charm, I first installed this in my HTC phone and when I swapped the home screen, and typed some text notes, I wondered its much faster than that stock ROM. If you are regular user of Stock ROM then after getting this custom ROM installed you will surely feel the speed differences.
Gestures For the Home Screen:
You can easily add some gestures for the home screen, Likely you can add any pattern and can link that pattern to the custom application which you want to be launched upon repeating the pattern at the locked screen, No need to unlock just make a custom pattern and make that pattern on the lock screen and WOA! That application linked blazes to come to screen and start working like charm.
To add a gesture just go to Settings>>CyanogenMod Settings>>LockScreen Gestures and add any application with the required gesture you build.
Screen Rotation Extent:
You are able to rotate your screen using the sensor at any angle you need, Its the option under the CyanogenMod settings under Display and using the sensor you can get the required results, Like the screen can be rotated even at the home screen unlike stock Rom.
Sufficient Theme Repository:
Under the CyanogenMod there is absolutely sufficient theme repository. After getting the Mod installed just attach your Google account with your phone and then search the keyword "cm7 theme" and you are done there will be many themes for cm7 I am using cyanogenMod seven as the reference because latest stable release is at 7 version. Plus, in-order to get the skins for the launcher like your home screen and the application drawer cyanogen uses ADW Launcher and you can search at market (Google Play)for ADW skins, Keep searching on and you will get the good stuff.
Rooted ROM Advantage:
This ROM has full features to get advantage of the rooted phone, you can customize the phone the way you want and it can give you pretty results, I will show you in the next upcoming posts that how can you customize it better in a rooted way ;).
Have you installed any application? and don't want that application to be spyware then cyanogen is the right choice for you, because you can revoke any application permission with your own desire, Just to have some more security this is the best feature, To enable this go to Setting>>CyanogenMod Settings>>Application Setting and Tick Permission Management. After that go to application management from your device and below the application management after opening specific application you can edit the permissions.
Overclocking the CPU:
In cyanogenMod you can over-clock your cpu without using the third party application like setcpu etc. You can easily setup the maximum and minimum CPU frequency and keep in mind that you may not set wrong values or much high which may be bad for your phone. Do some Google searches for your mobile to get the best values for your mobile. For this go to >> Setting >> CyanogenMod Settings and Performance.
This was just a review on my personal basis because I used this ROM and found it to be good. You should also share your views in the comments, Plus tweaks for Cyanogen ROM will be posted soon.
This must be the holy grail of hacking: a cheap, do-it-yourself flying drone that can break into Wi-Fi networks and turn computers into zombies that can be controlled remotely. The coolest part for evildoers: it makes the hacking untraceable.
The SkyNET drone is a modified $300 Parrot quadcopter with a Linux computer, 3G card, a GPS unit and two Wi-Fi cards.
How It works:
Controlled by a botmaster using 3G, the drone or group of drones fly over any urban area looking for Wi-FI networks. As they find them, they automatically try to break in. Once they get inside the network, it searches for personal computers that can be compromised. Any computer that falls to the attack gets turned into a zombie without the user ever knowing it.
After the infection process, the hackers can easily control the zombies remotely through the Wi-Fi drone-to-host connection. The zombies can be used to perform any attack through their internet connections, receiving commands from SkyNET but with no traceable internet ties to the hacker botmaster:
Subsequent drone ﬂights are used to issue command and control without ever linking the botmaster to the botnet via the Internet. Reverse engineering the botnet, or enumerating the bots, does not reveal the identity of the botmaster.
It's a perfect idea. Total cost: a mere $600. Anyone can easily build a complete fleet of these.
Chrome is one of the fastest available borwser but unfortunately if you are using linux as a root user then you are not able to run chrome after the installation as a root user. Here, I shall let you know that how can you make chrome install in Linux and can run it as root. Even in Backtrack 5.
Installing Chrome in Linux (Backtrack, Fedora, Ubuntu):-
- Download the chrome Package, Latest on from here.
- Download the debian package according to your system. Whether its 32bit or 64bit choose in accordance to them.
- Suppose its downloaded to Downloads (There after downloading rename the dowloaded file as chrome.deb). Open the terminal. Write following commands:- 1- cd /root/Downloads 2- dpkg -i chrome.deb
- It will be installed now. If you are using as root then under terminal type google-chrome and hit enter. You will see an error that you are logged in as root unable to start Google Chrome.
Making it Run under the Root:-
Go to terminal. Type:- 1- gedit /usr/bin/google-chrome 2- Gedit window will popup. In the end line with a space write :- --user-data-dir and click save. You are done. Run chrome and it will flare up like a fire. See image below that how I wrote this trick line in the end.
At daily basis a large number of the common internet users get hacked and become a victim of the cyber frauds. They become victim of such attacks because of the fact that they even don’t know about the word “Security”. There systems are majorly not up to date in order to meet the recommended requirements for security. As a result due to many weaknesses present in there system these are easily exploitable without any warning. I am publishing this article to help you let you know that how can you make your self more and more secure. It would not be the end there will be surely many more other ways to help you make your system more secure but once you get to the proper line you will be able to identify the frauds just at your own. I have already published many articles to let you know about the dark aspect of the technology. The Hacking! if you are a regular reader than you might be well aware of many facts already. What I'll share today is the basics tips and tricks to ensure maximum security. There may be many further articles related to this section. So, better subscribe to Us.
1- Ensuring proper Viral Protection:-
Without a proper viral protection environment you are probably the victim of the latest viruses which may take your computer at the edge of the death. These viruses are often very harmful and are able to convert your smart available data in junked one. Without much effort. You should use a better antivirus program to ensure a maximum security against the viruses. Before buying a good antivirus you must check that! A good antivirus must have :-
- Real Time Scanning for Threats
- Real Time Web URL’s Scanning
- Real Time Updates from the server for the new viruses
- A Real time functional Firewall to monitor any kind of IP attacks and On-going and ingoing traffic
- Real Time protection against all the viruses and phishing pages. In short a Web Protection Tool kit must be present.
Try Using Nod 32 Or Eset Smart Security! Get one working here!
2- Making Use of Virtual Safe Environment to Access Viral and Infected Files:-
Sometimes we are forced to check some infected executable files. Here comes into play a Virtual Machine which will help you a lot in checking those infected files without infecting your real system and the Windows or OS under the use. I have posted some articles to install any OS under virtual environment. The theme is this that you can install “Virtual Box” or “VM Player” to use virtual Hard Disks and Virtual OS installed on them. So, After installing you can download any doubted file and can run that for inspection on the Virtual Machine. Lets, suppose that’s a keylogger, then a antivirus program will popup to help you out. Or else if you have run it, then go to processes and check any additional logging processes which can be associated to key logging feature on your machine. For processes open Task Manager. On upper Tabs the second tab is for process list. Read this article also:-
3- Make your USB or Removable Media Virus Proof:-
You can always make your USB drive or Removable Media auto immune from the viruses. The most viruses come into play because of the fact that a single USB often gets attached to a large number of the computers because of the portability factor. So, system wide usage makes it full of virus sometimes and plugging that USB into a clean computer makes that affected also. Read this post to make your USB secure:-
USB IS INFECTED! I NEED IMPORTANT DATA! Now?
The best available option is to make a Live Linux USB and then booting your computer from that after that plug in the viral USB which is suspected to have some Windows OS viruses. And get to the detailed listing mode i-e in which the file types is also shown. Keep the following points in mind (Press ctrl+H in Linux to get the hidden files also):-
- Folders shown with .exe Extension should be ignored.
- Any small File which is in hidden mode and appears to be in .exe format and .bat ones should also be ignored.
- Don’t forget to check the autorun.ini file which will give you the information that which files should be executed on plugging in the USB
- The music files and Images in most cases are safe from the viruses. Keep them under white list!
- The software setup’s in more cases get infected. So, keep them at risk and don’t execute them under the Windows without scanning with a proper antivirus
- If you can’t find any data. Then you can recover deleted or formatted USB data also. I shall post a tutorial on how to recover data using Linux and Windows.
4- Visiting the Sites safely as much as possible:-
Often times Hackers lay down a trap to hack people innocent like you. But you don’t get what's going to happen with you and thus you become an easy victim. You might have read about the botnet as I have already posted. Now, a hacker makes you slave with many techniques present or many techniques hidden too which just a sharp mind can think or invent. We call these all techniques social engineering.
Hacker! Making you a Victim:-
Often you visit any site and there you see images which are quite tempting for you and are offer giving images to earn more from the internet quickly! Now the fact is this that we can only earn a right income just by doing hard work. Now, lets suppose antivirus program isn’t installed so you click that images. You are headed to some destination or else a file is downloaded! Suppose the first case and then you are headed to a simply designed page there a PDF is provided in which ways are written to help you earn money. But wait! Install a proper antivirus and then download that PDF. Because there may be a keylogger attached to it or some kind of RAT.
Note:- You should be concerned about downloading anonymous and promising PDF’s or files which you may think that these may be affected with viruses. So, it’s a good choice to install a better antivirus if that’s not that case that,virus isn’t encrypted to bypass the antivirus so a better antivirus is always suggested. Plus! Subscribes to us to get all the latest updates on scam and spams.
Rest information will be posted soon! To help you make safe over this unsafe internet. As I say! Learn to make things secure! Comment below and let me know about your suggestions.