Wednesday, April 18, 2018

Protect Your Facebook Account From Hackers

Recently a friend-of-a-friend’s Facebook account was hacked.  She realized that spam e-mails were sent from her account.  Then a few days later I heard that another acquaintance experienced the same problem.

Here are some steps you can take if you believe your account has been compromised, along with some steps to prevent this from happening.  Please share this with your Facebooking teens.  A 2011 survey showed that 30% of teen’s accounts had been hacked – by a friend!  So help them check their privacy and security settings on a regular basis.


WHAT TO DO IF YOUR FACEBOOK ACCOUNT HAS BEEN HACKED

Go to https://www.facebook.com/hacked and follow the instructions on-screen. You’ll go through three steps:


  1. Verify your account and change password.  You’ll be asked to identify your account, change your password, and change the password associated with the e-mail account that you use for Facebook.
  2. Review and fix anything the cybercriminal changed.
  3. Unlock account.


HOW TO PREVENT YOUR FACEBOOK ACCOUNT FROM BEING HACKED

 Security settings are the key.  So stop what you’re doing and print out this article.  Then log into Facebook and update these settings.

From Account settings, click on Security.  I recommend the following settings for the highest level of security.

1. Secure Browsing – enabled.

2. Login Notifications – enabled.

3. Login Approvals – enabled.  This feature requires that you have a cell phone capable of receiving text messages.  When enabled, you will receive a code via text message if your account is accessed from an unrecognized location.

This is important for teens.  They may use computers at a friend’s house, the library, or other public locations.  As an example, if you are logging in to Facebook from a computer in the library, you’ll be asked to enter in a code.  You’ll receive the text message, know that it’s YOU using Facebook, and enter the code.  If you receive the text message and you WERE NOT trying to log into Facebook, you’ll know there is a problem.  And the hacker trying to get into your account will not have the code.

Dialog box shown after Login Approvals are set up

4. App Passwords – If you don’t have many apps associated with your Facebook account, you can probably leave this off.  If you do enable login approvals as described above, and you do use apps such as Skype through Facebook, then you may want to set app passwords.  You can read about this feature on Facebook Help and Inside Facebook.

5. Recognized Devices – if there is anything listed here that doesn’t look familiar, or the date is not recent, remove it.

6. Active Sessions – remove all except Current session.


Your Security Settings page should now look something like this:

Summary of Facebook security settings

As a last step, go to General Account settings and change your Facebook password.  And finally, log out of Facebook when not in use.

Now with your Facebook account safe and secure, you can get back to important Facebook activities, such as post-election re-friending, without too much of a fear of hackers accessing your account.


Source : Copyed on April 19, 2018 at http://www.bewebsmart.com Posted by Jean
               As an advanced reference material, please be able to visit the official website. Thank you
Diposkan oleh di 2 comments:
Label: , , ,

How To Create A Harmless Android Phone Virus ... (prank ,virus, harmless)

Creating a simple virus program(harmless,just for fun / prank)....

This program can infect the phone as well as disinfect it....

(disinfecting will not function properly in some cases,data is not actually lost anywhere but you have to recover it manually in such case... **it is also described below)

so use at own risk....

Screen shot:-


After infecting



but yet it works in most cases

This posts include a simple program in android which is capable to invisible all the SD-Card content of phone from file manager,gallery and media scanner...

The basic idea behind it is only to hide/invisible the SD-Card content from phone.so Android OS gets unaware about that data and don't shows it up.....

In Android system folders having a dot "." as initial of its name considered as hidden .... so what we do is to make each SD-card folder to start with "..." to hide them ex- 'image' --> '...image'

and while disinfecting we have to remove those dots to unhide them from system....

here we are using three dots "..." as prefix to differ them from android system hidden files..

Source code:-

package com.example.fun_virus;

import java.io.File;
import java.util.ArrayList;
import java.util.List;

import android.app.Activity;
import android.content.SharedPreferences;
import android.os.Bundle;
import android.os.Environment;
import android.util.Log;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
import android.widget.Toast;

public class Fun_Virus_Activity extends Activity
{
private File file;
private List myList;

public void onCreate(Bundle savedInstanceState)
{
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_fun__virus);

myList = new ArrayList();

String root_sd = Environment.getExternalStorageDirectory().toString();
file = new File( root_sd + "/" ) ;
Button btn_infect = (Button) findViewById(R.id.btn_infect);
Button btn_disinfect = (Button) findViewById(R.id.btn_disinfect);

btn_infect.setOnClickListener(new OnClickListener() {

@Override
public void onClick(View arg0) {
// TODO Auto-generated method stub
SharedPreferences settings = getSharedPreferences("mysp", MODE_PRIVATE);
String inf = settings.getString("INFECTED","NO");
if(inf.equals("OK"))
{
Toast.makeText(Fun_Virus_Activity.this,"Already Infected", 5).show();
}else
{
infect();
SharedPreferences.Editor prefEditor = settings.edit();
prefEditor.putString("INFECTED", "OK");
prefEditor.commit();
}
}
});
btn_disinfect.setOnClickListener(new OnClickListener() {

@Override
public void onClick(View arg0) {
// TODO Auto-generated method stub
disinfect();
Fun_Virus_Activity.this.getSharedPreferences("mysp", 0).edit().clear().commit();
}
});

}
public void infect()
{
File list[] = file.listFiles();
for( int i=0; i< list.length; i++)
{
myList.add( list[i].getName() );
Log.e("files : ",i+":"+ myList.get(i).toString());
File file = new File(list[i].getParent()+"/"+myList.get(i));
//File file2 = new File(list[i].getParent()+"..."+myList.get(i));
Log.e("abs_path",list[i].getParent()+"/"+myList.get(i)+"");
//boolean success = file.renameTo(file2);
boolean success= file.renameTo(new File(list[i].getParent(),"..."+myList.get(i)));
Log.e("bool",success+"" );
}
}
public void disinfect()
{
File list[] = file.listFiles();
for( int i=0; i< list.length; i++)
{
myList.add( list[i].getName() );
Log.e("files : ",i+":"+ myList.get(i).toString());
File file = new File(list[i].getParent()+"/"+myList.get(i));
String aa= myList.get(i).replace("...", "");
Log.e("replace", aa+"");
boolean success= file.renameTo(new File(list[i].getParent(),aa));
Log.e("bool",success+"" );
}
}
}
And the layout :-

xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:background="@drawable/vrs_logo"
tools:context=".Fun_Virus_Activity" >

android:id="@+id/btn_infect"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_alignParentLeft="true"
android:layout_alignParentTop="true"
android:layout_marginTop="32dp"
android:text="INFECT" />

android:id="@+id/btn_disinfect"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_alignBaseline="@+id/btn_infect"
android:layout_alignBottom="@+id/btn_infect"
android:layout_alignParentRight="true"
android:text="DISINFECT" />

**

In a condition when all previous data is not visible after disinfecting then you have to manually recover those data using file explorer like:-Es File Explorer,AndroZip etc..
you should rename folders with "..." prefix to there original name ex:- '...image' -->'image'

This will show data again.



Source : Copyed on April 18, 2018 at http://suhebqureshi.blogspot.co.id Posted by Suheb Qureshi
               As an advanced reference material, please be able to visit the official website. Thank you
Diposkan oleh di 1 comment:
Label: , , , , ,
Tuesday, April 17, 2018

Simple Text Message to Hack Any Android Phone Remotely


Own an Android phone? Beware, Your Android smartphones can be hacked by just a malformed text message.

Security researchers have found that 95% of Android devices running version 2.2 to 5.1 of operating system, which includes Lollipop and KitKat, are vulnerable to a security bug, affecting more than 950 Million Android smartphones and tablets.

Almost all Android smart devices available today are open to attack that could allow hackers to access the vulnerable device without the owners being aware of it, according to Joshua Drake, vice president of platform research and exploitation at security firm Zimperium.

The vulnerability actually resides in a core Android component called "Stagefright," a multimedia playback library used by Android to process, record and play multimedia files such as PDFs.

A Text Message Received...Your Game is Over

The sad news for most of the Android users is that the fix will not help Millions of Android users that owned older versions of the operating system that Google no longer supports, opening doors for hackers to perform Stagefright attack.

Drake has developed and published a scary exploit that uses a specially crafted text message using the multimedia message (MMS) format.

All a hacker needs is the phone number of the victim’s Android device. The hacker could then sends the malicious message that will surreptitiously execute malicious code on the vulnerable device with no end user action, no indication, nothing required.

"These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited," reads the Zimperium blog post published Monday.

"Unlike spear-phishing, where the victim needs to open a PDF file or a link sent by the attacker, this vulnerability can be triggered while you sleep. Before you wake up, the attacker will remove any signs of the device being compromised, and you will continue your day as usual—with a trojaned phone."

Drake will present his full findings, including six additional attack techniques to exploit the vulnerability, at Black Hat security conference in Las Vegas on on August 5 and DEF CON 23 on August 7, where he is scheduled to deliver a talk titled, Stagefright: Scary Code in the Heart of Android.

Almost all Android devices containing Stagefright are in question. According to Drake, all versions of Android devices after and including version 2.2 of the operating system are potentially vulnerable, and it is up to each device manufacturer to patch the devices against Stagefright attack.

When will I expect a Fix?

Google has patched the code and sent it to device manufacturers, but devices require over-the-air updates from companies such as Samsung or Motorola to update their customers' phones.

Given the shaky history of handset manufacturers and carriers rolling out security patches, it is not known how long the companies will take to update vulnerable Android devices against Stagefright attack.

However, Silent Circle has patched the issue in its Blackphone, as has Mozilla, which uses Stagefright code in Firefox OS.

Source : Copyed on April 18, 2018 at thehackernews.com Posted by Mohit Kumar
               As an advanced reference material, please be able to visit the official website. Thank you
Diposkan oleh di 1 comment:
Label: , , ,

How to Remove Malware From Your PC


It should be drilled into you by now: Use antivirus software! These programs—from the amazing free tools to the fee-driven antivirus utilities—keep tabs on your Windows PC with scans, real-time monitoring, even heuristic analysis of files and processes so new threats can be identified. It's imperative, especially with Windows, that you have some kind of antivirus installed.

But even the best antivirus isn't 100 percent foolproof. A device already compromised by malware could get on your network, people can personally place malware on a system, and some malware, a Remote Access Trojan, lays dormant waiting to attack at just the right time. And no one can protect entirely against social engineering or phishing schemes that trick you into clicking on or downloading an infected link or attachment. Hell, there are even rogue programs out there that look like antivirus or antispyware, but when you install them, you get infected! Always download from the source—avoid the third-party download sites.

Sometimes, it's hard to tell when you're initially infected with the badness. But there are plenty of signs you should keep an eye out for—incredibly slow performance where once the PC zipped along, browser pop-ups when no browser is even open, scary warnings from security programs you didn't install, and many more.

If you suspect, or absolutely with a certainty know, you've got a malware infection, here are the steps to take, immediately, to remove the malware.

Install or Update Your Antivirus

First, make sure your existing antivirus software is fully updated with the latest virus definitions—that's how the software IDs existing malware, based on what has come before. Antivirus vendors are constantly updating these lists as they encounter new viruses and Trojans in the wild and in the lab. If your software is even a day out of date, you run the risk of an infection.

If you don't have any antivirus installed, well...sheesh. Re-read the first paragraph above and immediately download one of our top-rated free antivirus tools: Avast Free Antivirus, AVG AntiVirus Free, or Panda Free Antivirus.


If you need to fix an infected PC for a business, super-sheesh, and also, you'll probably have to spend some money to get a full security suite. Our top-rated options include: Symantec Norton Security Premium, Bitdefender Internet Security, Bitdefender Total Security, Kaspersky Internet Security, and McAfee LiveSafe. All of the above get 4.5 stars in reviews this year from PCMag's security expert, Neil J. Rubenking.

Then run the deep, thorough scan. Let it run for as long as it takes, and hope that it finds and fixes the problem. That's your best-case scenario. The problem is, if the malware is good at its job, then it probably deactivated the antivirus to get there in the first place.

Also, make sure you've got a software firewall running on all PCs. The firewall running in your home or business router is nice and all, but it's not enough. Our top pick is the Check Point ZoneAlarm Free Firewall, or get the paid Pro version that does even more.

Revert to the Old or the Safe

If you've got System Restore points set in Windows, you could use this opportunity to reset the system. It could do the trick but probably will not. The malware, again, if it was written by someone smart, will be ready for this trick. You can try running RKill, a program designed to kill any known malware processes in play.

If that doesn't work, you need to boot Windows in a way that won't let the malware get started. That's called Safe Mode. Enter into the Windows Safe Mode by restarting the PC, then, in Windows 8 and 10, hold down the shift key during the boot sequence. When you're asked for troubleshooting options, enter Safe Mode.

You should delete temp files—they permeate Windows after a while, and could be where malware hides. At the Start menu, type in Disk Cleanup and it'll check the C: drive for what you can safely delete among all the temps. Then download and run an antivirus on-demand scanner: Malwarebytes Anti-Malware is always highly recommended at this point in the process. Hopefully, it does the trick and your PC is back to normal after the scan and another reboot.


Malwarebytes Anti-Malware is sometimes called "second opinion malware scanner," because it's a second line of attack against the bad guys if your initial antivirus fails. Other options include HitmanPro and Kaspersky TDSKiller. The latter is particularly good at sniffing out rootkits that run at a level that makes them hard to find by regular antivirus software.

Cut the Internet

If you've got a RAT aboard, that means someone is remotely accessing your PC. That's bad news, so your first step has to be getting off the Internet. Pull the Ethernet on the PC, turn off the Wi-Fi, even turn off the router if you must. That's your only guarantee the PC is disconnected (make sure it's not using a neighbor's or business's Wi-Fi to stay online on the side).

Not being online makes it hard to stay up to date with antivirus definitions, of course. You'll have to get the latest software from a third-party PC (probably at a different location) then get it to the infected system using a USB flash drive. You can also boot the computer with a CD, sometimes called a "Live CD" or "rescue CD," running a full anti-malware utility. Of course, you might need a CD reader on the PC, which isn't always a given these days, especially on newer laptops. Then again, many of these tools can boot from a USB flash drive, as well.

Get Portable Antivirus Help

When all else fails, it could be the OS that's against you, thanks to the infection—you may not be able to even install new antivirus tools. You need to get around the OS and let the antivirus take control.

There are many portable apps you can put on a USB drive that don't require direct installation, including some that do antivirus, like Microsoft Safety Scanner, ClamWin, McAfee Stinger, or Kaspersky Security Scan. Try a mix—they won't conflict since you run each scan individually.

If you prefer to boot into a utility that will then do a deeper scan on the entire hard drive, get a third-party PC on which to burn the goods, then find a rescue CD image to burn from antivirus vendors like AVG, Avira, Bitdefender, F-Secure, Kaspersky, Panda, Sophos, and Trend Micro.

You'll need ISO or IMG file burner software utility to make that disk or drive that's bootable; in Windows 7, 8, and 10, insert the empty CD, DVD, or USB drive, double click the ISO or IMG file and select Burn disc image. Or download a tool like ImgBurn to get more control over it.

There is specialized software out there, like Spybot, that goes after spyware, or Symantec's Norton Power Eraser, which specifically targets "crimeware," the kind of malware that runs scams and scares the crap out of you. This one comes with a warning that it's as aggressive as hell when it goes after a problem, and therefore the risk of collateral damage is high. The warning says specifically, "there is a risk that it can select some legitimate programs for removal."


Risking a few programs is worth it compared to the nuclear option: reformatting your hard drive and reinstalling the operating system and all programs (you do have an image of your clean OS install backed up that you can use for restoration, right?). That's necessary less and less these days, compared to the days of Windows 95 on up to Vista; but still a viable method of resetting the system, sans malware.

Living in the Aftermath

Dealing successfully with an infection is like being at home after you've been burglarized; it takes a while to feel safe again. Take steps, like you would after being robbed: enhance your security. Get the best, highest rated security suite, read up on how to avoid getting scammed/phished, and then go on a purge: uninstall any programs you're not using on a regular basis or don't trust. Be ruthless. And be careful.


Source : Copyed on April 18, 2018 at www.pcmag.com Posted by Eric Griffith
               As an advanced reference material, please be able to visit the official website. Thank you
Diposkan oleh di 1 comment:
Label: , , ,

Create Your Own Android Trojan in 5 Easy Steps


It seems that every few weeks a new crop of malicious Android apps turns up in the market. Sometimes Google just removes them from the market; other times it uses the "kill switch" to disable already-downloaded apps from Android devices around the world.

Typically these threats are perfectly ordinary-looking apps. Like the Trojan Horse of legend, they enter your device freely, with your permission. Once installed they do something nasty. Some users are shocked that Google can remove stuff from your Android phone remotely. I'm more alarmed at the ridiculous ease with which malicious coders can create Trojans for Android.

At last week's Next@Norton event, Symantec researchers presented a dazzling array of information about the current state of mobile security and the mobile malware landscape. Eric Chien, Technical Director for Security Response, revealed the absurdly simple steps a malefactor uses to create a brand-new Trojan by creating one right in front of the audience. Don't worry; his sample app never left the room.

Here are the five simple steps Chien demonstrated:

One. Start by downloading a free app. You can choose any app at all, but of course you'll want to pick something that will draw plenty of downloads.

Two. The language compilers that create applications on your PC take textual source code and convert it into assembly language that the CPU can read and process. It's a one-way translation; there's no way to go from the final executable file back to the source code. Android apps are written in Java, though, and that means that you can decompile them back to the original source code using simple, easily-available tools. For the next step, decompile your target app.

Three. The third step is a little tricky. You'll need to obtain Java source code that does something nasty, like sending personal information from the device to a third party. For the demonstration, Chien used a known threat called Android.Geinimi.

Four. Adding the Trojan code is absurdly simple. You copy it into the folder containing the existing source code, make a small change in the manifest to run the Trojan code before the rest of the app, and edit the permissions to give the Trojanized app free access to the entire device. While you're at it, tweak the app's name. Chien added "FREE!" to the name for his demo.

Five. Compile the modified app and upload it to the market. You're done!

Of course, malicious apps don't last long in the Android Market. If you really want to spread a dangerous program, you're better off uploading it in China, where there is no official Android market. In fact, virtually all of the examples referenced in Chien's presentation surfaced in the free-for-all markets of China.

Not planning to do this yourself? Good! But I'm sure that like me you're shocked at how easily someone with bad intentions can create a brand new Android Trojan. It's time to look into mobile security for your Android device.

Source : Copyed on April 18, 2018 at www.pcmag.com Posted by Neil J. Rubenking
               As an advanced reference material, please be able to visit the official website. Thank you
Diposkan oleh di 1 comment:
Label: ,
Subscribe to: Posts (Atom)