Monday, January 30, 2012
SP Toolkit - Open Source Phishing Education Toolkit

A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with most security tools, this one could be abused by miscreants to launch malicious attacks.


The spt project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. Organizations spend billions of dollars annually in an effort to safeguard information systems, but spend little to nothing on the undertrained and susceptible minds that operate these systems, thus rendering most technical protections instantly ineffective. A simple, targeted link is all it takes to bypass the most advanced security protections. The link is clicked, the deed is done. spt was developed from the ground up to provide a simple and easy-to-use framework to identify your weakest links so that you can patch the human vulnerability. If the spt project sounds interesting to you, please consider downloading it for evaluation in your own organization. Feedback is welcomed and always appreciated.

Self-extracting archive (SFX) as Creative Virus Handler

Yesterday I found an interesting article about the "Self-extracting archive (SFX)" on Unremote.org by DarkCoderSc. An SFX is a small application that contains compressed files. Creating a customized WinRAR SFX archive is a very easy task, but not everyone knows how to do it. It is therefore exactly the same as a .ZIP or .RAR archive. The only difference is that, when you execute it, it automatically extracts the files. However, if you add some parameters, you can execute them after extraction or execute a shell command before extraction. So this feature can be used as a good virus handler. Let's see how.

DarkCoderSc shared his experience with us in a video demonstration, as shown below.
  • Start up the WinRAR application; click ‘Browse for folder’ under the ‘File’ menu and browse to the location of the file.
  • With the file highlighted, clicking the ‘Add’ button kicks off the archiving process, and selecting the ‘Create SFX archive’ option gives the file its self-extracting feature.
  • Under the ‘Advanced’ tab, click the ‘SFX options’ button to configure the ‘Advanced SFX options’.
  • In the first input field you can add the name of a file that already exists on the current drive, or one of the extracted files, to execute after the extraction.
  • In the second input field you can add the name of a file that already exists on the current drive to execute before the extraction.
PART 1: Run Basic Windows Shell Commands using SFX:
Example 1: %SYSTEMDRIVE%\windows\system32\cmd.exe /k shutdown -s -f -t 3600
If we enter this command in the first input, generate the SFX package and run it, then after the extraction we see a DOS window and a Windows notification saying our computer will shut down in 1 hour.

Example 2: %SYSTEMDRIVE%\windows\notepad.exe c:\atextfile.txt
You can do this with any other application present on the system, such as opening a file in Notepad.

Example 3: %SYSTEMDRIVE%\Program Files\Internet Explorer\iexplore.exe http://unremote.org/
Opening a web page using Internet Explorer.

PART 2: Run Advanced Tricky Commands using SFX
Using only a small .dll in the SFX package, an attacker can download and execute an application on the victim's system, which may or may not be a virus. For this we only need the "Rundll32" Microsoft application and the "FASM (Flat Assembler)" compiler.

Now create a new folder and a new file called ourdll.asm; when that is done, open this file in FASM and paste this code in the file. Edit the path to the files in the sample code for personal usage.
Now in the menu bar click on “Run” >> “Compile”. Our dll is ready now. Let's create our SFX file downloader.

You need to follow the next steps:
- Right click on the dll and click on “Add to archive” (WinRAR Explorer option)
- Choose SFX package in the options list
- Go to the Advanced Settings tab
- Click on the SFX Settings button
- In the extract-to input add this line: "%APPDATA%\dcsc\ourdll.dll"
- In the first input parameter enter this line:
%SYSTEMDRIVE%\windows\system32\rundll32.exe %APPDATA%\dcsc\ourdll.dll, dcscdownload

Now we can generate our archive. If we have set up the SFX correctly, it will download and execute the chosen file after the full extraction.

PART 3: SFX as System Killer
The SFX manager includes two other dangerous functions (Run as administrator and Delete files after extraction). The Run as administrator option will ask to run the SFX as admin, so it will have all rights on the system and, after extraction, the delete-files option can be used to do harmful things to the system.

To get the steps of this method, you should read the original article published on Unremote.org.
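
A defender-side check for the options described in Parts 1 and 2, added here as an example and not taken from the original article or from WinRAR: WinRAR keeps the SFX options as a plain-text script in the archive comment, where the run-after, run-before and extract-to fields appear as `Setup=`, `Presetup=` and `Path=`, so a mail gateway or triage job can flag archives whose script launches a system binary. It assumes the comment text has already been extracted from the file; the finding names, the launcher names beyond `cmd.exe` and `rundll32.exe`, the `Silent=` check and the sample scripts are constructed for illustration.

```python
import re

# Launchers used in the article (cmd.exe, rundll32.exe) plus other Windows
# script hosts; the extra names are an assumption of this example.
LAUNCHERS = {"cmd.exe", "rundll32.exe", "powershell.exe", "wscript.exe",
             "cscript.exe", "mshta.exe", "regsvr32.exe"}
USER_WRITABLE = ("%appdata%", "%localappdata%", "%temp%", "%public%")
EXE_RE = re.compile(r"[\w.-]+\.exe", re.I)
URL_RE = re.compile(r"https?://\S+", re.I)


def parse_sfx_script(text):
    """Return lower-cased (command, value) pairs from an SFX script."""
    pairs = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or "=" not in line:
            continue  # blank line, script comment, or free-text body line
        key, value = line.split("=", 1)
        pairs.append((key.strip().lower(), value.strip()))
    return pairs


def audit_sfx_script(text):
    """Return sorted finding codes for one SFX script (hypothetical names)."""
    findings = set()
    for key, value in parse_sfx_script(text):
        low = value.lower()
        if key in ("setup", "presetup"):
            findings.add("RUN_AFTER_EXTRACT" if key == "setup"
                         else "RUN_BEFORE_EXTRACT")
            exes = set(EXE_RE.findall(low))
            if exes & LAUNCHERS:
                findings.add("SYSTEM_LAUNCHER")
            if "rundll32.exe" in exes and any(d in low for d in USER_WRITABLE):
                findings.add("DLL_FROM_USER_WRITABLE_DIR")
            if URL_RE.search(value):
                findings.add("URL_IN_COMMAND")
        elif key == "path" and any(d in low for d in USER_WRITABLE):
            findings.add("EXTRACTS_TO_USER_WRITABLE_DIR")
        elif key == "silent" and value not in ("", "0"):
            findings.add("SILENT_EXTRACTION")
    return sorted(findings)


def needs_review(text):
    """Escalate anything beyond a plain 'run the bundled installer' script."""
    return bool(set(audit_sfx_script(text)) - {"RUN_AFTER_EXTRACT"})


# Constructed samples. PART2_SCRIPT mirrors the values shown in Part 2.
PART2_SCRIPT = r"""
;The comment below contains SFX script commands
Path=%APPDATA%\dcsc
Setup=%SYSTEMDRIVE%\windows\system32\rundll32.exe %APPDATA%\dcsc\ourdll.dll, dcscdownload
"""
PLAIN_INSTALLER = r"""
Path=ExampleApp
Setup=setup.exe
"""

if __name__ == "__main__":
    for name, script in (("part2", PART2_SCRIPT), ("installer", PLAIN_INSTALLER)):
        print(name, needs_review(script), audit_sfx_script(script))
```

An ordinary installer that only runs its own bundled `setup.exe` produces a single low-value finding, which is why `needs_review` ignores it and escalates on the launcher, pre-extraction and user-writable-path findings instead.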
Your Android really needs Antivirus Security ?

Why shouldn't you protect your Android phone? Why use an antivirus for your Android? So that users can protect their devices from trojans, viruses, spyware, and other types of malware. Most people carry a lot of sensitive data on their phones. Recently an SMS Trojan horse posing as a media player began infecting Android phones on Russian networks. Once the victim installed the malicious app, it began sending text messages to premium numbers, leaving the user with a huge phone bill.

Security researchers from Kaspersky Labs have also intercepted a scareware variant targeting Android users, distributed as an Opera Virus Scanner. If the user clicks on the link, they’ll be asked to download VirusScanner.apk, which is currently detected as Trojan-SMS.AndroidOS.Scavir. If the user is using a non-Android device, they’ll be asked to download VirusScanner.jar, currently detected as Trojan-SMS.J2ME.Agent.ij.

With this in mind, we at The Hacker News have listed the top 5 antivirus apps for Android phones:

1.) Lookout Security & Antivirus: Lookout Security & Antivirus is arguably the most popular security and anti-virus for Android around. A free account lets you scan your phone for malware, back up and restore your data online, and use GPS to locate your phone should it ever get lost or stolen.
2.) Avast Free Mobile Security: Avast Free Mobile Security supports a number of features that are usually available only in paid-for Android security software. These include privacy reports, call and SMS filtering, SIM-card change notifications, firewall and application management.
3.) Kaspersky Mobile Security: Kaspersky Lab released a free security application to keep your contacts, email and banking information from falling into the wrong hands. Kaspersky Mobile Security Lite can also remotely delete all personal data from the device including contacts, addresses, calendars, text messages and email, preventing sensitive information from being illegally used or stolen.
4.) Norton Mobile Security Beta: Norton lends its anti-malware, anti-virus, and security expertise to mobile. Smartphones hold a lot of valuable data: text messages, e-mail, and even credit card numbers can reside on the device, where they're easily accessed.
5.) Mobile Security 6.0: NQ Mobile released Mobile Security 6.0 for Android as a free download. It detects and deletes viruses, malicious URLs, and other threats before you even know they exist, with newly enhanced features including GPS-based anti-loss/theft features, backup and restore tools for your contacts, complete privacy protection, traffic monitoring, and more.

Perhaps it’s the 90’s and 80’s mindset that has us still thinking that cell phones are dumb single purpose devices, that causes us to not care about the security of our mobile devices. A wake-up call to just how vulnerable cell phones are came recently when Google had to remove about 21 malicious apps from the market that were found to be nabbing users’ data. Go! Get one of the best security products for your Android from the list above, if you really love your phone ;-)
Hackers selling cheap BOTNETs and DDOS on forums

The Internet has revolutionized shopping around the world. Security researchers at F-Secure recently reported in a post that hackers are selling cheap DDoS services on various forums. Hackers are offering services like distributed denial of service (DDoS) attacks, which can be used to knock a website offline in just 1 - 2 hours / 2$ per hour. They posted a YouTube video in which a young woman advertises DDoS services.

"We are here to provide you a cheap professional ddos service. We can hit most large websites/forums game servers. We will test the website/server before accepting your money. Due to the nature of the business we don't offer refunds," the offer said.

There is another interesting hackers' shop! Moreover, for their attacks the hackers chiefly use botnets, while the unsuspecting owners of the computers remain unaware that they have been infected with malware and are being controlled remotely.

"Do you want to be king of the internet? If your answer is yes, then you are in the true place. All of programs has been made by professional coders." This website is selling Local Botnet, Irc Botnet, Web Botnet and Keyloggers at 59$ only.
FreeDOS 1.1 released after being in development for several years

FreeDOS 1.1 has been released after being in development for several years. FreeDOS is an open source operating system aiming to provide the same (or better) functionality as Microsoft's old MS-DOS. Right now the main use is running old games and software, but you might encounter it on some freshly sold computers, motherboard setup CDs, BIOS flashing diskettes, embedded hardware and other uses.

Bernd Blaauw has been hard at work, updating FreeDOS distribution to include the latest packages. Bernd writes: "In its current form this new distribution is best suited as a CD-ROM disk to install FreeDOS from onto harddisk. Sources are included. It might be considered as replacement for the current 'base-only' 1.0 distributions as created by Blair and Jeremy, however it's less functional as it's missing the Live Environment part (\FDOS directory on CD)."


The new version includes the FreeDOS 2040 kernel, a new suite of high-performance TCP/IP x86 applications, initial USB UHCI controller support, a new install menu from the CD, a universal BIOS back-up program (FlashROM), updated memory drivers, limited USB flash disk support, and many program updates.

Hackers leak the Source Code for Symantec Product

A group calling itself the Lords of Dharmaraja posted an Adobe document online Wednesday that it claimed was a glimpse of the source code for the internet security software. But Symantec spokesman Cris Paden said "no source code was disclosed" in the post, which was a 12-year-old document describing how the software worked, but not the code. Paden said Symantec continues to investigate the hackers' claim that they have source code.

But now Symantec, the makers of Norton AntiVirus, has confirmed that a hacking group has gained access to some of the security product's source code.
"Symantec can confirm that a segment of its source code has been accessed. Symantec’s own network was not breached, but rather that of a third party entity. We are still gathering information on the details and are not in a position to provide specifics on the third party involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time."
In a post to the site Pastebin, the hackers maintain they discovered the information in a hack of India's military computer network. The group claims to have found source code "of a dozen software companies" which have signed agreements to share code with Indian intelligence agencies.

After preliminary analysis, the posted material appeared to contain source code for the 2006 version of Symantec's Norton antivirus product. Though the code is for an older version of the Norton antivirus product, the impact of the exposure is as yet undetermined. Symantec officials have indicated they will be providing more information as they continue their investigation, and certainly more will be known if the entirety of the compromised data YamaTough claims to be in possession of is finally released to the public, as has been threatened.
BackBox Linux 2.01 released

The BackBox team is proud to announce the release 2.01 of BackBox Linux. The new release includes features such as Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. The ISO images (32bit & 64bit) can be downloaded from the following location: http://www.backbox.org/downloads
What's new
  • System upgrade
  • Performance boost
  • New look
  • Improved start menu
  • Bug corrections
  • New sections such as Forensic Analysis, Documentation & Reporting and Reverse Engineering
  • New hacking tools and updated tools such as dradis 2.8, ettercap 0.7.4.2, john 1.7.8, metasploit 4.2, nmap 5.51, set 2.5.2, sleuthkit 3.2.1, w3af 1.0, weevely 0.5, wireshark 1.6.3, etc.
System requirements
  • 32-bit or 64-bit processor
  • 256 MB of system memory (RAM)
  • 4.4 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port
Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool

I’m a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors I have connected the more things I can do in parallel, and I can bounce back and forth between tasks, given that no one interrupts me. When I find an application that can do more than one thing for me, I become very interested, and when it can do three things well, I have myself a winner! GFI LanGuard is just that; a winner, that multitasks for me by providing patch management, network security, and vulnerability scanning into a unified application which makes my network maintenance tasks quick and easy. The latest version was released just a few weeks ago so I decided to take the app out for a spin, really kick the tires, and see what it has to offer. I’ll rate each area on a ten point scale, where high scores are better. Here’s how my test drive went.

0-60 in an instant
The 124MB download came down in an instant, and my trial key was in my inbox before the download was done. GFI LanGuard uses the .NET Framework 3.5 SP1, which it will prompt you to install (along with the Windows Installer 3.1 and MDAC 2.0) if not already present. Beyond that it’s only a couple of clicks and a couple of minutes to have it up and running. The trial lets you scan up to five IP addresses during the 30 day evaluation period. Since scanning for and installing patches are things that require an admin account, you should have a service account with admin rights ready to go before you begin the install. I didn’t, but that was an easy fix. For ease of install and setup I give GFI LanGuard 9 out of 10.

Ride and handling
Post install the product offers to launch the management console, and starts a scan of the local system.

As you can see, it offers short cuts to a dashboard, a place to remediate issues, agent management, and scanning. Clicking on View details revealed some surprising information about the host I just built and patched up to host this app, and Windows Updates showed no missing patches.

But seeing six missing patches, I reran Windows Updates and sure enough, it found the missing patches. This could have just been a matter of timing, and the server might have updated itself this evening, but I would have signed off that the server was fully patched, and obviously it wasn’t.

The two high-security vulnerabilities flagged were a lack of antivirus software, and Windows Defender was also out of date. I clicked on the scan tab, and chose to let it go out and scan my network for other systems. It found them all within a few seconds. With a total of five machines permitted in the evaluation, I decided to add two servers and two workstations from my network. I went with the manual add since I have many more than that, but options included automatically scanning the network, and importing from a list. It’s good to have options.

The scan completed and reported the status on all of the machines, including missing patches, running software, open ports, etc.

GFI LanGuard can assess and remediate machines using an account with administrator privileges, but scans must run each time a machine is checked. You also have the option of deploying agents to managed machines, which run in the background and report system status up to the management console. This is optional, but makes checking the status of a machine faster.

Scanning does take a while. The initial scan of my five machines took almost 30 minutes. While two of the clients were on wireless, and the scanning host is a VM, I think an initial scan of a larger network could be a weekend long event or more. Pushing agents first might have been the better choice. For getting the application up and running, I give it another 9 out of 10.

Performance in the curves
Scans are a great way to go, but the real strengths show in remediation. GFI LanGuard offers several great ways to push out and roll back patches and applications. Check out the list below.

Testing patches is critical, but sometimes you won’t find an issue until a patch or update has been pushed out to clients. One of the most important parts of any patching application is the ability to roll back patches, and GFI LanGuard can uninstall patches, service packs, and applications.

I pushed out patches to the Windows 7 workstations for December’s updates, and then uninstalled two of them just to try it out. Installs and uninstalls both worked smoothly, prompting the user for the required reboots each patch needed but otherwise running behind the scenes and out of sight to the user.

The straightaways
I was delighted to find that GFI LanGuard can deploy software as well. I expected it could push patches and updates, but new apps are like finding a turbo-charged 3 liter when you were expecting only a 4 cylinder 1.6. I tested this out by pushing PSPad to a workstation and it worked flawlessly. Check out the options for deployment.

Applications can be deployed with or without switches, but configuration files (called auxiliary files) can be pushed out to clients without installation.

Users can be warned before the install begins using custom messages.

Post installation requirements are covered too. Letting the user decide includes setting a message.

Overall, the ability to manage software beyond patches and service packs makes GFI LanGuard a very powerful and useful addition to your network management toolset.

What about the data
GFI LanGuard offers full reporting that would satisfy the most data hungry managers. There are reports for vulnerabilities, software audits, baselines, and more. Here’s a quick snap of what you can do.

Here’s a peek at the security overview for one of my servers. Notice that all patches and service packs are good to go, but that doesn’t mean there aren’t issues. Looks like my Wireshark install needs some attention.

Managers may like reports, but I love data that I can act on, and being able to see out-of-date third party applications gives me real information so I can start assigning tasks. This earns 10 out of 10 in my book.

In conclusion
GFI LanGuard is a worthy application and deserves a place of honor in your application suite. With the ability to patch software, update applications, generate reports, and run security vulnerability scans, this application has something to offer everyone; network and server admins, workstation support, application support, and information security personnel too. Earning an overall nine out of ten for performance, functionality, and usefulness, GFI LanGuard will be the next software purchase for my network.

Copyright © 2012 Checkzx All Right Reserved