Give your Desktop a Mozaic Touch

Experience the Windows 8 Metro Stlye UI on your Computer

Windows 7 God Mode

Get an Advanced Control Panel in Windows7 by enabling God Mode

Download Internet Explorer 9

Enjoy The Internet in a New and Secure Way

Microsoft Office 2010 Professional Activation

Activator for Microsoft Office 2010 Professional 100% Working..!!

Flash Wallpapers for Mobile

More than 175 Flash/SWF wallpapers for Mobile with System Info

Sunday, May 29, 2011

Hackers attack on Norwegian military Computers

          The Norwegian security police is investigating a hacker attack that zoned in on military computers shortly after Norway joined the Libya air campaign in March.

           The army says about a hundred computers were targeted in the attack, where staff received a fake email from a Norwegian government agency containing a malicious code

           The unidentified hackers only managed to access non-classified information from one computer before the security systems fended them off.

           The army would not disclose more details about the type of data the hackers were trying to access.

14 - Yr Old Hacker Hired by MICROSOFT after doing phishing via Call of Duty Server !!

           These are the kinds of things dreams are made of, a 14 year old hacker on Call of Duty was just recruited by Microsoft. You heard me right, Microsoft.
 
          This is exactly what Sony should have done with George Hotz – given him a job as a security specialist, instead of suing him in court and getting its PlayStation Network and other Sony websites hacked day in and out.

           Microsoft is reported to be working with the 14-year-old Irish hacker who managed to stir up a little trouble with his Call of Duty: Modern Warfare 2 phishing scam alert. According to the managing director of Microsoft of Ireland, the company is helping the hacker “develop his talent for legitimate purposes.

           Congrats to that young hacker, whose name was not disclosed. While the new prospect for the Dublin kid is not meant to be an example for other hackers to follow, companies do have to realize that there are many talented people among hackers. Why make an enemy when you can have them on your side?

Group learns email hacking from online tutorials in 15 minutes

          Study finds that people can learn and hack email accounts by watching online tutorial.


          Email accounts face increasing threats from hackers with online tutorials making it possible for people with little technical knowledge to hack in to accounts in less than 15 minutes, according to a new study. A TV producer, a self-employed baker and a retiree learnt hacking from freely available online tutorials and hack into someone's account in about 14 minutes, The Daily Mail reported. Security company CPP conducted the study.

          The three people in the study used an online tutorial using a 'man in the middle' technique to hack into a computer network. They could crack each other's login details within minutes. The group could download hacking software and then learnt to use it to access login details and passwords for email accounts, social networking sites and online shopping accounts.

          There are over 20,000 online tutorials which teach how to hack, says CPP.

Saturday, May 28, 2011

ICC Twenty20 World Cup 2012 website Hacked !


Hacked site link :-  http://twenty20worldcup2012.co.in/

If you are lucky, you can even witness it live..!! Hurry up!!!  :-(

ISI (Pakistan) hack email account of Indian Army Major !!!

          A serving Inter-Services Intelligence (ISI) officer Major Sameer Ali hacked an Indian Army major's e-mail account in 2010 and extracted many sensitive documents, intelligence sources said. Ali has been named by India in the list of 50 'most wanted' terrorists sheltered by Pakistan for involvement in the Mumbai attacks conspiracy,The news of the hacking was given to Indian probe agencies by the FBI, which was then interrogating Mumbai attack accused David Coleman Headley. The US agency told the CBI Ali had been accessing an Indian Army officer's rediffmail account from the ISI headquarters.

          The hacked account was traced to Major Shantanu De of 21 Bihar Regiment, who was at that time posted in the Andamans. De's computer was seized and scrutinised jointly by the Intelligence Bureau, National Investigation Agency and the Military Intelligence.

          What was baffling was that his computer and e-mail had more than 4,000 sensitive documents - some of them marked 'secret' and 'top secret'-which he was not supposed to be in possession of, leading to suspicions of espionage on part of Major De.

          While the joint investigation cleared De, it came to light how an innocuous posting of his own photograph in uniform in the social networking site Orkut with his various details made him the ISI's target.
He had collected the documents out of interest and also to prepare for his departmental exams that were slated for September 2010.

           De has since been demoted after being held guilty of violating the Army's Standard Operating Procedures on cyber security. Another of Ali's colleague in the ISI, Major Iqbal, who also figures in India's "most wanted" list, was Headley's handler for the ISI.

          On April 26, a US court had also chargesheeted Major Iqbal for conspiracy in the 2008 Mumbai terror strike. Iqbal's role has also been confirmed by Headley during his confessions.

Pakistan AirForce Official Server Hacked by Indian Cyber Army

pakistan air force hacked          The server of Pakistan air force has been compromised by hackers from India identifying themselves as indian cyber army. the hackers hacked into the Internal RDP ( Remote Desktop ) of the air force server and gained access to whole LAN of the company.
         
          This is not the first time such incidence took place this silent cyberwar between is going on since few years , where hackers from both the countries hacking into each others Web-servers and sites to showoff their skills, and the latest victim of the cyber war is Pakistan air force, Most of the sensitive Data would have been leeched said by the officials of the web-server, Few hackers from both the countries have been arrested because of these cyberwar and defacement’s below is the screen shot of the Pakistan air force along with the lan computers.

          By Doing Such things Hackers from both the countries Risking their future as well as theirlife, more over the hackers who where included in these cyberwar very young age from 17 to 21.  
We suggest not to spoil their future by doing such things.

Friday, May 27, 2011

IT experts develop 'Decaptcha' to crack Captcha

          Widely used online word test reverse engineered.

          IT experts have developed a new software 'Decaptcha' that cracks 'Captcha', the online word test tool that is used by websites to identify humans.

          A Captcha is a program that protects websites against bots by generating and grading tests, such as distorted tests, that humans can pass but current computer programs cannot. The term Captcha (Completely Automated Public Turing Test To Tell Computers and Humans Apart) was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas Hopper and John Langford of Carnegie Mellon University.

          The IT experts who developed Decaptcha claim that their software beat Captcha on eBay 82% of the time, Microsoft 48.9%, and Yahoo 45.5%, the Daily Mail reported. In tests, Decaptcha beats audio Captchas up to 89% of the time, said the experts. They added that cyber criminals could exploit this vulnerability to breach security walls in websites like Yahoo and eBay, unless the websites upgrade their security features.

          The vulnerability could prove disastrous to e-Commerce websites, such as the ones selling tickets and could lead to identity theft for users. "A computer algorithm that solves one Captcha out of every 100 attempts would allow an attacker to set up enough fraudulent accounts to manipulate user behaviour or achieve other ends on a target site," the researchers from Stanford University and Tulane University said.
Captchas usually come in the form of distorted words, but they also have a feature which reads out the words loud over the computer's speakers. The researchers found that this feature was vulnerable.

          In their study, the researchers found that the Decaptcha could crack around 200 complicated Captchas with just 20 minutes of 'listening' time.

Thursday, May 26, 2011

UK had highest ratio of malicious emails in May: Symantec

           Russia is the most spammed in May with a spam rate of 82.2%; in UK 75.4% of email was spam
The UK had the highest ratio of malicious emails in May, as one in 91.7 emails was blocked as malicious, according to a new report by Symantec.
    
          A new report by the security company said that in May, spam increased by 2.9 percentage points with spammers establishing their own fake URL-shortening services to perform URL redirection.
The MessageLabs Intelligence report identified that shortened links created on the fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites.

          These shortened URLs lead to a shortened-URL on the spammer's fake URL-shortening website, which in turn redirects to the spammer's own website.The unique thing about the new URL-shortening sites is that the spammers are treating them as 'stepping stones' - a link between public URL-shortening services and the spammers' own sites.
    
          "However, as long as new URL-shortening services are being created, we expect spammers to continue abusing them." The report also said that the most frequently blocked malware targeting endpoint devices for the last month was the W32.Ramnit!html, a worm that spreads through removable drives and by infecting executable files.

          Phishing activity decreased by 0.06 percentage points compared to April, with 1 in 286.7 emails registering phishing activity. Analysis of Web security activity showed that approximately 3,142 Web sites each day were harbouring malware and other potentially unwanted programs including spyware and adware, an increase of 30.4% since April 2011.

Insider data theft costs Bank of America $10 million

          A Bank of America insider who sold customer data to criminals cost the bank at least US$10 million in losses.

          Bank of America began notifying customers of the incident recently, but is not providing many details of the case which is still under investigation. The theft, "involved a now former associate who provided customer information to people outside the bank, who then used the information to commit fraud against our customers," said Bank of America spokeswoman Colleen Haggerty, in an email message.
The bank lost at least $10 million to the criminals, said James Kollar, a special agent with U.S. Secret Service in Los Angeles. "There was information that was coming from the bank to the outsiders," he said. "It was basically a check scam."

          About 95 members of the loosely affiliated criminal gang behind the alleged fraud, including the bank employee, were swept up in a February 2011 law enforcement action, James said. However, the names of the accused have not been released, and the court case is under seal as the investigation continues.

          The scammers had stolen, "names, addresses, Social Security numbers, phone numbers, bank account numbers, driver's license numbers, birth dates, email addresses, mother's maiden names, PINs and account balances." It appears that this information was then used for identity theft.

          According to one victim, quoted in the LA Times story, the scammers ordered boxes of checks and had them delivered to a UPS outlet where they would then pick them up. They also allegedly contacted the victim's telephone company and -- to prevent BofA from warning the victim -- rerouted calls to the scammers' mobile phone.
They also allegedly contacted the bank via telephone and moved more of the victim's money into the account they controlled. All told, they stole more than $20,000 from this one victim.

          It's not clear how many bank customers were actually affected by the fraud. There were "about 300" victims, located in the western U.S. But on Wednesday confirmed that this number was accurate, and din't say how many notification letters Bank of America is sending out.

          Customers who were hit by the fraudsters will receive two years of free credit reporting. Companies have taken a special interest in the threat posed by disgruntled insiders, after all of the publicity surrounding WikiLeaks. "We saw a lot of organizations wake up and hear the message that we've been saying for a very long time: That the insider threat is there". Unfortunately, that spike in interest, "seems to be temporary. There's still a ways to go in addressing the insider threat as well as the data leakage problem."

          Often leaks happen in the few months before a disgruntled employee leaves his job.

Hackers dont do different things, they do same things differently... (Part V)

5. Hackers controlling your car

          The age of the connected car is dawning. Vehicles like the Ford Edge now provide 3G network access, a Wi-Fi router in the car, and the ability to tap into your home Wi-Fi network (only while parked). In the next few years, more automakers will provide wireless access for Web browsing and streaming high-def movies. And by 2013, a new FCC-mandated wireless signal called DSRC (dedicated short-range communications) will run at 5.9GHz and provide a vehicle-to-vehicle communication network.

           For anyone who follows network computing or computing in general, adding these new features to a moving vehicle should raise a red flag as yet another way criminal hackers can cause problems. Since these systems often tap into the car diagnostics and safety features, a hacker could potentially interfere with such systems and, for example, cause a car's engine to surge at just the wrong time, says Stephan Tarnutzer, chief operating officer at automotive control console manufacturer DGE.

          While no real-world exploits are known to have happened, security researchers from the University of California, San Diego, and the University of Washington have hacked into the computers of several late-model cars and remotely disabled the brakes, altered the speedometer reading, turned off the engine, locked passengers into the car and more.

          The research team's initial tests relied on plugging a laptop into the car's diagnostic system, but later tests identified other entry points for an attack, including the cars' Bluetooth and cellular connections. More wireless communications in future cars will create even more attack vectors.

          The good news is that, most of the forthcoming wireless technology for cars is for short-range communications -- say, from one lane to another or just as you pass through an intersection. That makes it difficult for hackers because they need to be in close proximity to the car.

          Nevertheless, wireless connections in cars will undoubtedly make a tempting target for hackers. The answer, is for the auto industry to use strong, hardware-based encryption technology.
For example, the OnStar communications and security service offers a theft-recovery feature that makes use of wireless signals. If your car is stolen, you can report the theft to the police, who then contact OnStar, which can transmit a signal over a 3G network to stop the accelerator from working in the stolen car. OnStar's transmissions are encrypted to thwart unauthorized attempts to tap into signals and interfere with vehicle operations.

          Modules like this one that connect to car diagnostics systems are protected by strong encryption technologies. In the future, carmakers and the DOT will need to certify devices that connect to a wireless network.

          Car companies are, of course, aware of the potential for hackers to disrupt in-car wireless services. Representatives from Ford and GM, for instance, said they are developing strong encryption standards for vehicle-to-vehicle and vehicle-to-back-end-infrastructure communications.

          The technology for the connected car is for the most part still in a testing phase. The DSRC network in particular will undergo thorough testing by both the car companies and the U.S. Department of Transportation to make sure it is hacker-resistant and uses strong encryption, he adds. "This is why it takes two to three years for an OEM to qualify a new vehicle, compared to six months for a new smartphone," he says.

Wednesday, May 25, 2011

Add "Open with Notepad" to the Context Menu for All Files

imageHow to open any file using notepad ??
       
           The default method of opening unknown files forces you to go through a list of known applications and is generally a pain to deal with. That’s why I like to have a context menu option for “Open with Notepad” so that I can quickly open up files without having to go through a lot of trouble.

         

  
Manual Registry Hack
Open regedit.exe through the start menu search or run box, and then browse down to the following key:
HKEY_CLASSES_ROOT\*\shell
image
          Right-click on “shell” and choose to create a new key, calling it “Open with Notepad”. Create a new key below that one called “command”. Double-click on the (Default) value in the right-hand pane and enter in the following:
notepad.exe %1
The change should take effect immediately… just right-click on any file and you’ll see the next menu entry.

State highway Police Website hacked!!!

          The state highway police's website was allegedly hacked by an unknown person, who changed the accident figures to show a steep decline in the number of deaths for the year 2010. The changed statistics show the number of fatalities went down by almost 9,000 between 2009 and 2010. In 2009, th e number of deaths was 11,396. The records for 2010 show the number of deaths to be 1,762, even though an earlier table shows the number of deaths between January and June 2010 to be 6,588. The highway police said they are in the process of correcting the data on their website.

           Superintendent of police (state highway) BG Shekhar told the Hindustan Times that the website was hacked some time ago.

          "We are trying to correct the data that appears on the website right now and we hope to put everything in order by Monday," Shekhar said. The police said figures between 2004 and 2008 have shown a consistent rise in fatalities on state highways.

          In 2004 there were 9,822 deaths reported, 12,397 deaths were reported in 2008. Additional director general (state highway) AK Sharma refused to comment, saying he was holding additional charge.

Tuesday, May 24, 2011

Hackers dont do different things, they do same things differently... (Part IV)

4. Cyberstalking

          Social networks like Twitter and Facebook have changed the way we communicate in our personal and work lives, many would say for the better. Yet these useful portals also provide conduits that others can use to make our lives miserable.

          Workplace-related cyberstalking might involve another employee or someone trying to steal company information. A relatively new concept variously called cyberstalking, cyberharassment or cyberbullying involves an individual or a group making repeated personal attacks online, such as posting negative comments on every tweet you make or posting crude altered photos of you on a social network. The perpetrators may hide behind online aliases to hide their identities. By law, cyberbullying becomes a federal crime if a stalker makes any life-threatening comments.

          Most of us have heard of a handful of well-publicized cases of cyberbullying among teens, but it's also on the rise for adults who connect to social networks from their place of employment. These workplace-related attacks might involve another employee, or someone trying to steal company information.

          "Cyberstalking in the workplace has become more and more common and is tough to define because there are so many different forms to threaten or harass in this digital world and so many different motives behind the behavior. It can be anything from a personal/romantic relationship gone bad, to a co-worker/business conflict, to a competitor trying to wreak havoc on a company".

          To keep cyberstalkers off company networks, businesses should implement all the usual corporate security tools, such as firewalls and encryption, Baty says. Additionally, companies should institute a social media policy that outlines clear guidelines for what kinds of information employees should and should not post or discuss on public sites.

          If you do become a victim of cyberstalking or cyberbullying, you report it immediately to local law-enforcement authorities; if it happens at work, report it to your HR department as well. Don't delete harmful posts or other electronic communications, she says, but instead retain all documentation of incidents, mainly as evidence but also because the headers for e-mail and forum postings can be used to track down the offender.

          That said, the best defense is to protect your personal information as carefully as you can. For instance, never reveal online such details as where you live, and don't announce your movements, such as that you are on vacation or home sick and have left your workplace computer open to attack -- which rules out public "check-in" social networks such as Foursquare.

Monday, May 23, 2011

Hackers dont do different things, they do same things differently... (Part III)


3. Social network account spoofing 

          Many of us use Facebook, LinkedIn and other social networks to connect with friends, family and colleagues -- which leaves us vulnerable to a new technique called social network account spoofing. The idea is that a scammer poses as either someone you know or a friend of a friend to get close to you and fool you into revealing personal information. He then uses that information to gain access to your other accounts and eventually steal your identity.
          In a typical exploit, someone contacts you on a service like Facebook or LinkedIn, posing as a friend of a friend or a co-worker of someone you trust. Then, the new "friend" contacts you directly, usually through text message or email. It might seem surprising to have this "friend" contact you outside the social network, but he seems legitimate because you believe he has a connection with someone you trust.
          In another scenario, a scammer might impersonate someone you already know -- claiming to be an old friend from high school, for instance. Spoofers can find out your connections by following your public feeds or looking up the names of co-workers on sites like LinkedIn where you have posted your work info.
          Once the scammer has established a connection with you, he uses devious means to steal personal data, such as chatting to find out the names of family members, favorite bands, hobbies and other seemingly innocuous information -- then trying those as passwords or answers to security questions at banking sites, webmail accounts or other sites.
          The idea behind social network account spoofing is "thousands of years old." Conning you out of your personal information is an age-old trick. Today's social networks just provide a new avenue for con artists and criminals to get close to you.
          "The problem with communication by Facebook or LinkedIn is that you are stuck in a Web interface -- you can't check the IP address or header information. Everything is in a nice friendly world,". Stratum Security's Morehouse says criminals are becoming increasingly crafty on social networks: They first identify a target, then do the research -- what is this person like, whom do they follow, what do they like to do?
          What's more, social network attacks are sometimes combined with email and website spoofing, Morehouse says. You might develop a friendship on LinkedIn and then get an email from that person that looks like it was sent via LinkedIn but is actually a fake. When you click the link to reply to the message, you're taken to a fake LinkedIn site; logging in there reveals your LinkedIn username and password to the spoofer.

The email message above looks like it came from one of your LinkedIn friends, but look closely at the domain name and you'll see it's a fake.

If you click on a fake LinkedIn message, you'll see a fake site -- a ploy to steal your log-in and password



          Another type of attack Morehouse describes targets companies as well as individuals. The spoofer might set up a Facebook page pretending to be the official company page for, say, a retailer like office supply giant Staples. To make it seem credible, the spoofer might claim that the page is a formal method to contact the company or register complaints.
          The page might offer free (but fake) coupons to entice people to join, and it soon goes viral as people share it with their network of friends. Once hundreds or thousands of users have joined the page, says Morehouse, the owner tricks them into giving out personal information, perhaps by signing up to receive additional coupons or special offers.
           This is a double attack: Consumers are damaged because their personal data is compromised, and the company is damaged because its customers associate the fake Facebook page with the real company -- and decide not to buy from that company anymore.
            As with text-message attacks, individuals' best defense against spoofing attacks is to use common sense, Joffe says -- criminals usually do not do a good job of impersonating a person or company, and they tend to send links and phishing scams to con you. They might try to mimic a friend but rarely manage to accurately convey their personality. In some cases, the attacks are traceable through e-mail headers or IP addresses, and most attacks are too general and untargeted to be believable to anyone who's careful.
          Other precautions might seem obvious but are often overlooked. If someone says he's a friend of a friend or co-worker, make sure you confirm his identity with your common connection. And it's a good idea to lock down your privacy settings at social networking sites so that your contact info, posts, photos and more aren't visible to everyone. In Facebook, for example, select Account --> Privacy Settings --> Custom and click the "Customize settings" link at the bottom to gain control over exactly what you want to share with everyone, friends of friends, friends only or no one.
For companies, it's a little trickier. Joffe says there is no way to prevent a criminal from setting up a fake Facebook page initially, but companies can use monitoring tools such as Social Mention to see how the company name is being used online. If an unauthorized page turns up, companies can ask the social network to remove the fake listing.

Sunday, May 22, 2011

Hackers dont do different things, they do same things differently... (Part II)

2. Hacking into smart grids

A common misconception is that only an open network -- say, your corporate wireless LAN for visitor access -- is hackable.
"Stuxnet proved that it is relatively simple to cause potentially catastrophic damage" to an industrial control network, says Neustar's Joffe. 

          Even some nuclear plants and power grids have wireless networks for employees to use. According to Morehouse, another new attack point will be smart grids, which use electronic metering to streamline power management. Utility companies around the world have begun testing and rolling out smart meters to customers' homes and businesses. The technology, which can send data to and receive it from a central system, can also be very helpful for IT: You can open a console to see the power usage for one section of a building, for example.

          But smart grids might be vulnerable to attacks that would allow nefarious hackers to cut off electricity to homes and businesses and create other kinds of havoc. 

1)   One possible attack vector is a smart grid's communications infrastructure. For example, Morehouse says, a German utility company called Yello Strom uses a consumer smart grid system that works like a home automation kit -- the sensors report energy usage back to the central server via the user's home Wi-Fi network.
          Because of this, it is possible for end users to tap into their own networks and gain access to the substation used for delivering power. "Often it's the case that these types of networks are not properly segmented or protected," he says. "Once in, the attacker may be treated as a trusted user and have access to other areas. 
          Is there the potential that they could disrupt the substation or city? Absolutely. They may plant a back door that could allow the grid to be powered down at a particular time."

2)    Another concern is vulnerabilities in the smart meters themselves -- a problem that affects corporate smart grids as well. Researchers from Seattle-based security services vendor IOActive, for instance, discovered several bugs in smart grid devices that criminal hackers could exploit to access the smart grid network and cut power to customers.
          "Hackers use press releases to find out the technologies [used in corporate smart grids] and go back to the infrastructure and find vulnerabilities.

          The most effective preventive measure, is rigid isolation -- a smart grid should not touch any other network, ever. He says there is an urgent need for penetration testing and making sure the firewall in a closed network is secure because of the possible dangers of gaining access to the power grid. He advises using tools such as Core Impact and Metasploit.

          The "rigid isolation" rule applies to home users as well. "Consumers should never bridge smart grid networks with their home networks," says Morehouse. He also advises home users to become familiar with their smart meters so they can recognize whether they have been tampered with, and to ask their utility providers what security measures are in place to protect the meters and network.

Saturday, May 21, 2011

Hackers dont do different things, they do same things differently... (Part I)


          Criminal hackers never sleep, it seems. Just when you think you've battened down the hatches and fully protected yourself or your business from electronic security risks, along comes a new exploit to keep you up at night. There are 6 different vulnerabilities which can be called Generation-Next vulnerabilities which I would be covering in 6 different editorials:-


1. Text-message malware
         
          While smartphone viruses are still fairly rare, text-messaging attacks are becoming more common, PCs are now fairly well protected, he says, so some black-hat hackers have moved on to mobile devices. Symantec confirmed that any employee who falls for a text-message using a company smartphone can jeopardize the business's network and data, and perhaps cause a compliance violation.
          
          "This is a similar type of attack as [is used on] a computer -- an SMS or MMS message that includes an attachment, disguised as a funny or sexy picture, which asks the user to open it," Nguyen explains. "Once they download the picture, it will install malware on the device. Once loaded, it would acquire access privileges, and it spreads through contacts on the phone, [who] would then get a message from that user."

          In this way, says Joffe, hackers create botnets for sending text-message spam with links to a product the hacker is selling, usually charging you per message. In some cases, he adds, the malware even starts buying ring tones that are charged on your wireless bill, lining the pocketbook of the hacker selling the ring tones.

          Another ruse, says Nguyen, is a text-message link to download an app that supposedly allows free Internet access but is actually a Trojan that sends hundreds of thousands of SMS messages (usually at "premium SMS" rates of $2 each) from the phone.

          Wireless carriers say they do try to stave off the attacks. For instance, Verizon spokeswoman Brenda Raney says the company scans for known malware attacks and isolates them on the cellular network, and even engages with federal crime units to block attacks. There is "no defense against being stupid" or against employee errors. For example, many security professionals training corporate employees one-on-one about cell phone dangers would send them messages with a fake worm. And right after the training session, many employees would still click the link.
          
          To keep such malware off users' phones, Joffe recommends that businesses institute strict corporate policies limiting whom employees can text using company networks and phones, and what kind of work can be done via text. Another option is a policy that disallows text messaging entirely, at least until the industry figures out how to deal with the threats.

          For consumers, common sense is the best defense. Avoid clicking on text-message links or attachments from anyone you don't know, and use extreme caution even with messages from known contacts, who might unwittingly be part of a botnet.

Facebook to use Microsoft tech to find child porn

          Facebook will use PhotoDNA, an image analysis technology co-invented by Microsoft, to find child pornography on its site, the company said Thursday.

          The social networking giant will run PhotoDNA on all images uploaded to the site to help find and block images showing child pornography. The technology will also help Facebook report incidents to the National Center for Missing & Exploited Children (NCMEC) and the police, to allow them to take immediate action, according to Chris Sonderby, assistant general counsel at Facebook.

          Microsoft worked with Dartmouth College in New Hampshire to develop PhotoDNA in 2009, and then freely licensed it to NCMEC for use in a program to combat the distribution of online child pornography. Microsoft began implementing PhotoDNA technology on Bing and SkyDrive, including images published to SkyDrive through Hotmail, it said in a blog post.
PhotoDNA works by creating a signature for every image, similar to a fingerprint, and comparing that to signatures of known images. The signature is created by first converting the image to black and white, resizing it and breaking it up into a grid of cells. In each cell, changes in brightness are analyzed, and the signature is created from this information. The amount of data in each signature is small, which makes finding matches easier and "finding the needle in the haystack" possible, according to Microsoft.

          To date, Microsoft has evaluated more than 2 billion images on its services using the PhotoDNA signatures provided by NCMEC, leading to the identification of more than 1,000 matches on SkyDrive and 1,500 matches through Bing's image search indexing.

          Microsoft hopes that Facebook's adoption of PhotoDNA serves as a springboard for other online service providers to join NCMEC's PhotoDNA program, according to the blog post. Others are considering joining, the company said.

          The more companies that discover and start using these kinds of tools the better, according to a spokeswoman at World Childhood Foundation, an organization that works to improve living conditions for vulnerable and exploited children. That Facebook uses it is especially helpful since so many people visit the site, she said.

Over 99% Android phones leak personal data

          German researchers find unencrypted 'token' files moving between phone. Security researchers in Germany have detected a leak in Android phones which can be exploited by criminals to tap information being transmitted between phones.
          The discovery was made by University of Ulm researchers Bastian Konings, Jens Nickels, and Florian Schaub. They detected the risk in Android phones when they were studying the way Android phones handled identification information for Web-based services, such as Google Calendar.
          The researchers found that many of the installed aplications in Android phones worked with Google services through a digital ID in the form of an authentication token. The tokens work like cookies on computers, by storing information so that users do not have to enter details repeatedly.
          The researchers say that the transfer of such tokens is risky as they are sometimes sent in unencrypted form or plain text over wireless networks. Criminals with Wi-Fi network can access these files and steal personal information, say the researchers.
          The researchers also claim that the data leak happens in over 99% Android phones. Google has not commented on the matter so far.
          Concerns about data collection and user privacy have reached an unprecedented high in recent months.
Last month, two British security researchers, Alisdair Allan and Pete Warden, identified that Apple iPhones had secret unencrypted files in them that tracked the movements of users without their knowledge.
          Google also admitted that the company tracked movements of users as well. News that Microsoft phones also did the same followed soon.
          The companies admitted to such practices. However, they said that they were doing so to offer better services to users. Apple issued an update last month that offered users to opt out of location tracking.

Ronaldinho's Website Hacked By Osama Bin Laden Supporters

          Football supremo Ronaldinho has become the latest celebrity to have his website attacked, with the star suffering a somewhat unflattering comparison to a certain Star Wars character at the hands of an unknown pro-terrorism cracker.



One of the most famous athletes in the world had a rough Saturday afternoon. World renown soccer player Ronaldinho has his own website, just like seemingly every big name athlete in 2011, and he uses it for fans to get behind the scenes access on his life.

On Saturday some Internet hackers were able to put multiple images of Osama Bin Laden on the website. 
GloboEsporte.com reports the hacker posted a photo of bin Laden and statements supporting Islam, as well as comments in Arabic attacking Ronaldinho's "hatred" of Islam.

The site was hacked for a few hours on Saturday, according to the GloboEsporte.com website and other local media. Ronaldinho could not be contacted for comment

Wednesday, May 18, 2011

Hackers hit video game developer Square Enix

           Details of 25,000 customers at risk; credit card details safe, says company Japanese video game and publishing company Square Enix has become the latest victim of cyber attacks with hackers breaching into its security.
         
          The second Japanese video game company to be hacked in less than two months, Square Enix is best known for its Final Fantasy, the Dragon Quest, Tomb Raider and Hit Man series. The Tokyo-based company has admitted that hackers have breached the security of its websites, in which they could have accessed e-mail addresses of 25,000 customers and downloaded the CVs of 350 aspirants for jobs in its Canadian offices.

          "Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites," the company said in a statement. However, the company has said that credit card details were safe.

            The company said, "We have also discovered that up to 25,000 email addresses were obtained as a result of this breach. These email addresses are not linked to any additional personal information. They were site registration email addresses provided to us for users to receive product information updates." "We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again."
          
           Last month, a massive cyber attack on Japanese electronics company Sony forced it to shut down its PlayStation Network. The breach is believed to have compromised the details of over 100 million users worldwide. The company has been accused of notifying its customers about the breach late.

SunSpot trojan targets North American banks

          Only 21% of major anti-virus programs can identify the Microsoft Windows malware platform Web security provider Trusteer has said that it has identified a Microsoft Windows malware platform dubbed "Sunspot" that attacks North American financial institutions and their customer accounts. The Trojan has already caused financial losses in the US and has the ability to steal sensitive financial details, including credit card details from infected computers.
       
          The virus can also get access to answers to secret questions and other personal information such as driver license number, mother maiden name and date of birth, which could lead to identity theft. Moreover, the Trojan is hard to detect, said Trusteer Chief Technology Officer Amit Klein.In a test conducted by the company, only nine out of the 42 major anti-virus programs or 21%, could detect the Trojan.
      
          Klein warned that financial institutions and banks are at increasing threats from re-programmed malware. Klein said, "We could be witnessing a sea change in malware development where general purpose and little known malware platforms are re-programmed to carry out financial fraud. This will make it even more difficult to defend against attacks since banks will be ambushed by a growing number of unique financial malware platforms."

Tuesday, May 17, 2011

Zeus leaks give tools to researchers, attackers

        The source code and a manual to the popular crimeware creation kit Zeus has been leaked, perhaps giving defenders additional tools to fight infections but also raising concerns that criminals may use the source code to create a rapidly expanding compendium of variants.
     
        Nearly a week ago, copies of the source code to Zeus appeared on the Internet, according to Danish security firm CSIS. The release comes about the same time that a manual describing Zeus's functionality also appeared on the Web. While having access to the source code could be a boon to researchers, security professionals also worried that having access to the code could result in a spurt of innovation among criminals.
     
        "It remains to be seen whether we see different flavors of Zeus appearing over the next few days, weeks or even months," says Paul Wood, senior analyst with Symantec.cloud. "Of course, the ability then is for the other bad guys to take advantage of some of the technology that they don't have in their tool kit and build that into their own technology, because there are certainly a quite a lot of interesting features in the Zeus toolkit."
In 2004, the creator of the Agobot bot software posted his code to the public. Soon after, Agobot variants skyrocketed, turning the code for the software into one of the largest families of malware detected on the Internet.

        Zeus is already popular and is frequently used as the means to steal money from victims' bank accounts. Yet, the source code could help criminals create more variations on the source code, says Wood.The release of the code comes around the same time as the publication of a manual for the software. In a tweet on Wednesday, Mikko Hyponnen, chief research officer for security firm F-Secure, highlighted the document.
     
        "Gives a good idea on how organized these guys are," he posted.
Yet, the public outing of both the source code and manual can help defenders create better ways of detecting variants of the Zeus code, says Symantec.cloud's Wood. "The other side of the coin really is the ability to understand how these components are generated by looking at the source code, which enables us to put in place better rules to identify that type of malicious activity," Wood says. "If we can understand a bit about how they work, that allows us to build better rules to detect them.
      
        Unfortunately, the code has not yet revealed much about the author or authors. In an analysis posted on Wednesday, Derek M. Jones, a visiting professor at Kingston University focusing on forensics software engineering, concluded that there is a single author who had some professional development experience and had very strong English skills. Extending those conclusions is difficult, he says.
    
        "There has been some research where people have tried to do some author attribution," he says. "But the problem is that people look for patterns, but in code, there is not a lot of patterns."
Or, as F-Secure Hypponen deadpans, " They're Russian. That should help us a lot in finding them."

Monday, May 16, 2011

Unable to hide Menu Bar in Windows Explorer

PROBLEM:-

If you cannot hide the Menu Bar in Windows Vista or Windows 7 Explorer, here are some trouble-shooting steps you may want to try.


SOLUTION:-
1) First Rt click on the menu bas and uncheck Lock the Tool bars. Then, click Organize > Layout > Ensure Menu bar is un checked.

2) Click Organize > Folder Options > General > Tasks > Ensure Show preview and folders is checked > Apply > OK.
Additionally : Rt click Computer > Properties > Advanced System Settings > Performance > Settings > check "Show preview and filters in folder" > Apply/OK.

3)Open regedit and navigate to the following key: 
HKCU\Software\Microsoft\Internet Explorer\Toolbar\
Under this registry key, you will see two sub-keys 'ShellBrowser' & 'WebBrowser'.

4)Go to the first ShellBrowser key and look for 'ITBar7Layout'. Delete this ITBar7Layout key.












 RESULT:-

Sunday, May 15, 2011

Hacker Invites Strangers To Woman's House For "Sex"

Omaha, NE -
An woman's privacy is shattered after someone uses a computer to ruin her reputation.

The woman is too afraid to reveal her identity. But, someone did use her identity to play a vicious prank. She believes an ex-boyfriend stole her password, then posted personal information online. That included an advertisement on Craigslist calling for strangers to come over for sex."I had over 500 text messages. I had over 10 people show up at my house. I had hundreds of phone calls. There are a lot of creeps in Omaha I guess."

She posted a note on her front door threatening to call police if the men knocked on her door. "I had mace and a butcher knife by the door, I was terrified."
The victim told police the messages sounded "as though they had been written by her" but were not. The hacker described her body and offered: "Why don't you come over and...?" The calls and texts continued for five days.

She said she had "dozens of responses and ten different men showed up at her residence, wanting sex."
Some people reading her "propositions" on Facebook called her names. The suspect also reportedly sent e-mails to her friends.

Saturday, May 14, 2011

Facebook inadvertently leaked user data for years: Symantec

Social networking site has 7.5 million underage users in US, finds report IT security company Symantec has said that Facebook could have inadvertently leaked users' personal information to third parties and advertisers over the past few years.

The revelation comes at a time when there are growing privacy and security concerns about the services of some of the biggest IT companies, including Google, Apple and Sony.

Symantec said in its official blog that a programming bug on Facebook's website could have caused the leakage which included details such as profiles, photographs and chats.

"We estimate that as of April 2011, close to 100,000 applications were enabling this leakage," the blog said.
"Third parties, in particular advertisers, have accidentally had access to Facebook users' accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information," it said.
"Symantec has discovered that in certain cases, Facebook IFRAME applications inadvertently leaked access tokens to third parties like advertisers or analytic platforms. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties."

However, the company said that Facebook has patched the bug and the information of users is now safe.
"Fortunately, these third-parties may not have realised their ability to access this information. We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue."
Facebook has not commented on the matter so far.

Meanwhile, a survey by Consumer Reports has found that last year, the social networking site had 7.5 million underage users in the US alone, a violation of the site's policies which require users to be at least 13 years old.
The Consumer Reports "State of the Net" survey found that over five million of the users were under age 11, adding that more than 5 million US households were exposed to threats such as virus infections and identity theft. Facebook also has one million children who have been bullied on the site, Consumer Reports said.

Monday, May 9, 2011

Bin Laden video might contain a malware, warns FBI


          Computer experts warn users of malware scams in the name of bin Laden. The Federal Bureau of investigation (FBI) has issued a warning to computer users across the world to exercise caution while opening emails claiming to carry bin Laden content in them. Malware has been found in on several websites sowing the news of the death of the al-Qaeda leader. Computer security experts have also said that online scammers were quick to exploit the death of bin Laden to spread malware.


          Bin Laden scams are also spreading quickly on Facebook, Hypponen and others said. The latest scam plays on the reputation of Wikileaks, the organization that has leaked thousands of U.S. military and diplomatic messages during the last year. "Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch," claims the Facebook spam. "Leaked by Wikileaks."
        
           Security company Kaspersky Lab has said that at least two domains have been found to be serving up fake antivirus software called "Best Antivirus 2011" when one searched for "Osama bin Laden body" on a Google image search in Spanish. Sophos employee Paul Ducklin said, "Watch out for the links you're likely to come across in email or on social networking sites offering you additional coverage of this newsworthy event."

          "It's not really surprising," said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. "We were expecting to see related malware." The shift to direct attacks follows Monday's campaigns to push fake security software, dubbed "rogueware," to both Windows and Mac users. Earlier today, F-Secure warned users to steer clear of spam that included the "Fotos_Osama_Bin_Laden.zip" archive attachment. Running the resulting Windows executable file doesn't display photographs, but instead launches a new banking Trojan horse belonging to the three-year-old "Banload" line, said Hypponen. The malware sniffs out online banking sessions and then tries to redirect payments to other accounts.

          Symantec said it had found email messages touting photos and videos which so far have been written in French, Portuguese and Spanish, lead users to a fake CNN Web site where they're told to download video. As in the F-Secure instance, the download is, in fact, a "dropper" that in turn downloads malicious code to the Windows PC.
          
          According to U.K.-based Sophos, the Facebook messages don't play video of the al-Qaeda leader's death, but actually dupe users into copying and pasting a line of JavaScript into their browser's address bar.

Friday, May 6, 2011

Firefox 5 beta released... :-)


The Web is all about innovation, and Firefox sets the pace with dozens of new features to deliver a faster, more secure and customizable Web browsing experience for all.

User Experience. The enhancements to Firefox provide the best possible browsing experience on the Web. The new Firefox smart location bar, affectionately known as the "Awesome Bar," learns as people use it, adapting to user preferences and offering better fitting matches over time.

Performance. Firefox is built on top of the powerful new Gecko platform, resulting in a safer, easier to use and more personal product.

Security. Firefox raises the bar for security. The new malware and phishing protection helps protect from viruses, worms, trojans and spyware to keep people safe on the Web.

Customization. Everyone uses the Web differently, and Firefox lets users customize their browser with more than 5,000 add-ons.

Download
password: easyhacks.tk