Thursday, 3 April 2014

Labels:

Facebook will launch drones and satellites

Posted by Surgical Strike at 13:01 No comments :






Facebook plans to launch a fleet of drones to out-compete the technology giant Google. In the fast growing world of IT, survival of companies depends upon the number of followers and customers. 
In a bid to increase Facebook users, the CEO Mark Zuker berg has announced in a blog post that the company has planned to launch drones which will provide the remote areas, especially of third world countries, with hassle free internet access. 
Apparently this has been decided to out-compete Google which had launched internet balloons last year in Switzerland. Last year, Facebook and other technology companies had launched internet.org to provide internet to unprivileged masses.
 Facebook is perusing its goal of connecting over 1.2 billion people to facebook before the end of the decade. Facebook has been already working hard with multiple stakeholders around the world to increase its users. Last year Facebook had teamed up with Philippines and Paraguay to increase its users in that region. 

Yet Zuckerberg believe that increasing Facebook users will also require state of Art technology. This technology includes Drones, geosynchronous satellites and infra-laser beams to provide easy and censor-free internet access to people.

 In this regard, Facebook had hired the services of experts including a five-member team that worked at British firm Ascenta, whose founders developed the Zephyr, which holds the record for the longest-flying solar- powered unmanned aircraft. Also to bring the project to fruition, Facebook has set up a Connectivity Lab that will include experts in aerospace and communication technology, from Nasa's jet propulsion lab and its Ames research center...
Read More

Wednesday, 2 April 2014

Labels:

WinRAR File Extension Spoofing helps Hackers to Hide Malware's

Posted by Surgical Strike at 23:27 No comments :

WinRAR , a tool which is mostly used by 90% of the people around the world to compress files or to extract ZIP files which are already compressed. WinRAR is even the most famous and much popular than other tools which compress or extract ZIP files.


Imagine that you opened a RAR file which had some images or some mp3 music files but when you played or opened any single of them , it installed a malware on your system. Wouldn't that be dangerous ? Yes ! obviously it will be ! This file extension spoofing vulnerability was discovered by a Israeli security researcher Danor Cohen (An7i)






The WinRAR File Extension Spoofing was done by an Israeli security researcher , he used a hex editor in which he noted that WinRAR adds two things in an archive file , it adds first name and second name of file. First name of the file contains the name of the original file and the second name contains the file name with extension which shows in WinRAR GUI window. Danor Cohen just edited the second name to "FAX.png" as the original malware name and extension was "FAX.exe".

This helped him to get victims trapped easily as when they open any format file which is shown in WinRAR GUI window , it shows some other file extension but it runs a malware with .EXE extension and the attacker successfully gets access to the victims computer..
Read More

Monday, 31 March 2014

Labels:

Ary Digital official website got hacked

Posted by Surgical Strike at 17:22 No comments :
Official website of Ary Digital (Pakistan famous news channel) have been hacked and defaced by famous Pakistani Hacker group “Pakistan Haxor Crew”
Website was hacked by famous Pakistani Hacker “H4$N4!N H4XOR” . The reason of hacking of website is to give message.
Message :Our fight is not against any individual but the system as a whole.. Should you choose to ignore security, it will reincarnate as your worst nightmare ! We just defaced your website to give you a chance to put your hands on it before others come and destroy it

Hacked website and mirror :
Read More

Friday, 28 March 2014

Labels:

Windows XP open invitation to hacker's

Posted by Surgical Strike at 10:35 No comments :
The death of Windows XP is just days away, and experts say businesses that don’t upgrade are basically sending an open invitation to cybercriminals.
On April 8, Microsoft (MSFT, Fortune 500) will no longer provide security updates, or “patches,” for its Windows XP operating system. This means computers running on XP — and even machines like ATMs — will be largely unprotected against viruses and cyber attacks.
While Microsoft declined to disclose how many small businesses currently use Windows XP, Forrester Research estimates about 6% of companies’ PCs will still be using it by the April deadline. Experts say those are predominately small and medium-sized firms.
“A year ago, 35% of machines for our small business customers [about 1 million machines] were still on XP,” said Sergio Galindo, general manager with GFI Software, which provides IT support to small and mid-sized businesses. “I couldn’t believe it.” (That’s since dropped to about 23%.)
What does this mean for those businesses on April 9? Not a lot — at first, said Galindo. XP will keep working, and businesses that rely on it will keep functioning.
But the risks will compound over time.
It’s like expired milk,” said Galindo. “If you drink it one day after it expires, you’re OK. But after a month, the risk is exponentially greater.
The risk can’t be overstatedsaid Thomas Hansen, vice president of small and medium business at Microsoft (MSFT, Fortune 500). In fact, Microsoft’s own research has shown that Windows XP, released in 2001, is five times more susceptible to viruses and cyberattacks than Windows 8, its newest operating system.
Microsoft announced in September 2007 that it was planning to phase out Windows XP in order to give people plenty of time to prepare.
The world and technology has moved on,” said Hansen. “This is a decade-old technology that doesn’t fit in the modern world.”
Eric Marcus has seen both sides of the issue. His IT firm, Marcus Networking in Tempe, Ariz., caters to small and medium-sized businesses and has updated more than 1,400 workstations in the last five months.
He also spent $20,000 replacing 15 laptops at his own business with machines that run Windows 7.
It’s a cost he budgeted for, but many of his clients have struggled with the expense. “They have to pay for new equipment and our time. It adds up,” he said.
And some businesses, he’s discovered, run proprietary programs that are only compatible with XP.
Microsoft’s Hansen said the company is aware of that problem. “We don’t have the perfect answer yet on how to solve that situation,” he said....
Read More

Wednesday, 26 March 2014

Labels:

CASH! CASH! Hacking ATM Machines with Just a Text Message

Posted by Surgical Strike at 22:11 No comments :
Hacking ATMs with just text message

As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world’s 3 million ATM machines are run on it. Microsoft's decision to withdraw support for Windows XP poses critical security threat to the economic infrastructure worldwide.


MORE REASONS TO UPGRADE!!!
Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs.

"What was interesting about this variant of Ploutus was that it allowed cybercriminals to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time." researchers said.


HARDWIRED Malware for ATMs

According to researchers - In 2013, they detected a malware named Backdoor.Ploutus, installed on ATMs in Mexico, which is designed to rob a certain type of standalone ATM with just the text messages.

To install the malware into ATMs machines, hacker must connect the ATM to a mobile phone via USB tethering and then to initiate a shared Internet connection, which then can be used to send specific SMS commands to the phone attached or hardwired inside the ATM.
"Since the phone is connected to the ATM through the USB port, the phone also draws power from the connection, which charges the phone battery. As a result, the phone will remain powered up indefinitely."

HOW-TO HACK ATMs

  • Connect a mobile phone to the machine with a USB cable and install Ploutus Malware.
  • The attacker sends two SMS messages to the mobile phone inside the ATM.
    • SMS 1 contains a valid activation ID to activate the malware
    • SMS 2 contains a valid dispense command to get the money out
  • Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.
  • Network packet monitor (NPM) module coded in the malware receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus
  • Amount for Cash withdrawal is pre-configured inside the malware
  • Finally, the hacker can collect cash from the hacked ATM machine.
Researchers have detected few more advanced variants of this malware, some attempts to steal customer card and PIN data, while others attempt man-in-the-middle attacks.

This malware is now spreading to other countries, so you are recommended to pay extra attention and remain cautious while using an ATM....
Read More
Subscribe to: Posts ( Atom )