| How To Deal With Insider Threats? |
| 2012-01-23 14:43:00 |
The biggest threats to IT security don’t originate from outside a company. Employees, contractors, and business partners on the inside pose a far greater security risk. As long as your current or former staff and associates have access to your internal network, you are vulnerable to a security breach.
Here’s how to deal with the real and significant threat of attack from insiders, and avoid the widespread damage they can unleash on your company’s finances and reputation.
First: Assess the Risk
For most firms, implementing full protection against every possible threat is not feasible. It makes more sense to assess the risk, determining which data is critical and which is relatively unimportant. Protect critical resources first.
Next, decide who needs access to the network. Make sure that individuals such as partners, suppliers and contractors have access only to the information they need to serve your company or customers.
The third step in assessing risk is determining who ...
|
| |
|
| Hack Facebook Account Status - Facebook Status Vulnerability |
| 2012-01-20 10:23:00 |
We have already discussed a lot about "How To Hack Facebook Passwords" in my article Top 10 Ways How Hackers Can Hack Facebook Accounts In 2011. However, in this article I will talk about a common vulnerability which can be used by hackers to hack a Facebook account status. Before I proceed with this article, I would like to mention clearly that everything explained here is for educational purposes only. Our mission is not to encourage people to hack Facebook accounts; however, we want to raise awareness among people regarding the latest internet security threats.
Facebook Account Status Hack - Methodology
There are tons of Facebook users who use a feature called Facebook text in order to update a Facebook status. If you have enabled this feature, all you need to do in order to update your status is to type in your status and send it to "923223265".
However, the idea behind this Facebook account status hack is to send a fake SMS from your friend's number, therefore the Facebook will th...
|
| |
|
| Wordpress Plugin Easy Comment Uploads Vulnerability - Thousands Of Websites Vulnerable |
| 2012-01-19 16:31:00 |
WordPress, as you might know, is one of the most widely used blogging platforms, and as a result it has become the favorite target of hackers. WordPress itself is quite secure; however, the plugins make it insecure, resulting in hack attacks, data loss, etc. When plugins are created, the developers do not think about security or do not know how to write secure code, and so skip lots of necessary checks, leaving the plugins vulnerable to attacks like SQL injection, remote file inclusion, etc.
One such popular vulnerable plugin is the Easy Comment Uploads plugin. Version 0.61 and prior versions are affected by an arbitrary file upload vulnerability. The plugin fails to check the uploaded file's type, as a result of which it can be exploited by uploading a phtml file.
There are thousands of WordPress blogs still vulnerable to this attack. The vulnerability can be fixed by updating the WordPress Easy Comment Uploads plugin to version 0.71.
If you want to know more about Protecting your wo...
|
| |
|
| Which Programming To Learn For Hacking? |
| 2012-01-18 09:01:00 |
Having prior knowledge of programming is something which will separate you from all the script kiddies (wannabe hackers) and other tool lovers out there. Lots of times during penetration tests you come to a point where you need to write or build your own custom scripts and programs; this is where knowledge of programming comes in handy.
The other, and by far the most important, advantage of programming is that you will be able to understand exploit code and even learn to write it too. Though there is software which has made the process of exploit writing much simpler, you still need to have a solid grasp of programming languages in order to know how the exploits work.
Now that you have understood the importance of learning programming languages, you might be ...
|
| |
|
| Winners Announced - December 2011 Contest |
| 2012-01-08 11:28:00 |
It's finally time to announce the winners for my "elearnSecurity Penetration testing course". First of all, I would like to thank all the people who participated in the contest. Secondly, I would like to inform you that the winners were not picked by me; they were picked by the elearnSecurity team. We also received some private entries from people who were not interested in revealing their email addresses through the comments section.
Here were the rules of the contest:
[First Prize] The person with the most number of shares and the most impressive answer to the above question will win the first prize of penetration testing pro course.
[Second Prize] The person with the second most number of shares and an impressive answer to the question will win
Note: The answer carries more weight than your shares, which means that if you have the most shares and not a very impressive answer, you may move to the second and third positio...
|
| |
|
| Facebook Hacked: A Worm Steals More Than 45k Passwords |
| 2012-01-07 04:02:00 |
Facebook, as you might know, has been a victim of malware attacks and hoaxes for a long time now. It seems that Facebook has been unsuccessful in stopping these kinds of attacks. A famous worm called the Ramnit worm has been actively found in the Facebook environment. It is reported by Symantec that this worm is responsible for the theft of more than 45k passwords.
According to the cyberthreat management site Seculert, most of the stolen credentials were from the US, UK and France. Furthermore, they have added that over the of these stolen logins were invalid and many of them have reacted correctly by changing their username and passwords.
Bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks
...
|
| |
|
| Hashing Denial-Of-Service Attack Leaves More Than Half Of The Internet Vulnerable |
| 2011-12-31 03:37:00 |
Recent research by Alexander “alech” Klink and Julian “zeri” Wälde shows that more than half of the Internet is vulnerable to a hashing denial-of-service (HDOS) vulnerability. The HDOS vulnerability exploits hash tables, consuming more than 99% of the CPU and hence causing a denial-of-service attack.
The security researchers demonstrated the HDOS vulnerability at the 28th Chaos Communication Congress security conference in Berlin, Germany, Earth, Milky Way. The talk was titled "Efficient Denial of Service Attacks on Web Application Platforms". The research shows that most web programming languages, including PHP, ASP.NET, Java, Python, Ruby, Apache Tomcat (the list goes on and on), are vulnerable to the HDOS vulnerability.
PHP 5, Java, ASP.NET as well as V8 are fully vulner...
|
| |
|
| December 2011 Contest Sponsor For RHA - elearnSecurity |
| 2011-12-19 13:10:00 |
Win 1400$ Worth Of Ethical Hacking Trainings - Contest For December
Due to the tremendous response from readers and the huge number of participants in the last contest, "Vote for RHA and Win Facebook Hacking Course", we decided to set up another contest for RHA readers. We have partnered with ElearnSecurity.net and arranged a contest for our readers. The winners will be awarded prizes worth up to 1400$.
Rewards
Before we inform you about the contest participation details, we would like you to know about the rewards and prizes which the winners will get their hands on.
[1ST PRIZE] Pentesting Pro Course [Worth 600$]
The Pentesting PRO course is developed for those who have some knowledge of ethical hacking and penetration testing but would like to take their knowledge to the next level. In order to understand what's inside the Pentesting PRO course, I have conducted a short interview with the lead instructor, Mr. Armando.
What's the main difference b/w The Student Course And P...
|
| |
|
| Beware! Facebook Scam "Yeahh!! It happens on Live Television!" |
| 2011-12-13 09:48:00 |
We recently covered a Facebook worm which targeted a whole lot of Facebook users. It's really sad to see that these types of scams keep growing and Facebook hasn't really been able to successfully protect its users from such scams.
A new bloke in the list, "Yeahh!! It happens on Live Television!", the most viral one yet, is spreading like wildfire among Facebook users.
The following status on one of my friend's walls first brought my attention to this scam:
Yeahh!! It happens on Live Television![LINK] Lol Checkout this video its very embracing moment for her
The lady in the above screenshot is Marika Fruscio, an Italian model. She had a wardrobe malfunction (accidental exposure of intimate parts) on a live TV show, which is what the scam refers to.
On clicking the link, Facebook users are directed to the following page:
In order to play the video the user has to click the button "jaa", which appears as an age verification system required in or...
|
| |
|
| Elearn Security Beginners Course For Penetration Testers |
| 2011-12-02 08:32:00 |
There are thousands and thousands of people who want to become penetration testers and ethical hackers, but most of them, after spending some time researching these topics, get frustrated and quit. I don't blame them for being frustrated, as there is no proper information and guidance available on the internet, and if there is some, it is presented to beginners in the wrong way.
When I got interested in this field at the age of "14", there was no proper information available on the internet. Most of it was not available for intermediates and was mostly targeted towards those who already had prior knowledge of hacking and penetration testing.
All the stuff I learned was by trial and error, experimenting and experimenting and experimenting. As a result of which, when I managed to understand the ins and outs of this field, I wrote a book, "A beginners Guide To Ethical Hacking", for beginners only, but it was more focused towards Et...