30 Nov

Avoid the 12 Online Scams of Christmas [INFOGRAPHIC]

As you head online to shop this Christmas season, cyber criminals are readying their scam list to lure unsuspecting victims. The holiday season presents a great opportunity for cyber criminals to lure shoppers into their well-planned scams.
From fake e-commerce websites to social media phishing scams to malicious mobile applications and dangerous e-cards, here are the 12 holiday scams you will want to stay away from this Christmas season.

Online Scams

Source: McAfee

02 Aug

Dropbox Confirms Hack, Upgrades Security

Dropbox, the cloud data storage service, has confirmed that it was hacked. Hackers used a stolen password to log in to a Dropbox employee's account and gain access to a file containing email addresses for users of the service.

It all started in mid-July, when Dropbox users noticed that they were receiving spam at email accounts they use only to access Dropbox. Users began complaining on various forums, and the company opened an investigation.

Aditya Agarwal, Dropbox VP of Engineering, wrote in a blog post:

Dropbox Hack

The company has now confirmed that it has upgraded its security features, including an automated mechanism, to prevent such events in the future. Dropbox will also launch two-factor authentication in the coming few weeks. Users are also advised to change their passwords.

Here are some tips to keep your online identity safe:

– Do not use the same password on every website.
– Use tools like 1Password to manage multiple strong passwords on the Internet.
– Read: How To Customize Strong Passwords For Each Website

26 Mar

How Much Can You Get Paid For Finding Security Vulnerabilities?


Hacking is fun. Hacking is risky. Hacking is a talent.

But if you’re a clever hacker, you can earn a lot of money these days by making the right choices.
Find a zero-day exploit in a device like an iPhone or iPad, for instance, report it to Apple, and present it at a security conference to win fame and lucrative consulting gigs.
Or you can sell the exploits to government agencies via middlemen who charge around 15% commission for setting up the million-dollar deal. One such middleman is a Bangkok-based security researcher who goes by the name “the Grugq”.

According to a report in Forbes, these agencies don’t tell the public about the code they are paying for because they use it to gain access to their targets’ devices.

Below is a rough price list for zero-day exploits sold to these government agencies. The price for security vulnerabilities in iOS is the highest, thanks to its stronger security, followed by Google Chrome, Internet Explorer, Firefox and Safari.

exploitpricechart

Now the question is: who is paying these prices? Western governments (specifically the U.S.), European agencies and even the Chinese government. And the sale depends not just on ethical concerns but also on who pays more.
Sometimes the buyers are private-sector clients who merely use the exploits as a proof of concept for marketing purposes.

As a hacker, you can also sell these exploits to the software vendor itself. Firms like Mozilla, Google and Facebook offer a few thousand dollars for reporting bugs. Google typically offers a maximum of $3,133.70 for such information.

27 Sep

Pakistan Supreme Court Website hacked

 

A hacker using the nickname “Zombie_Ksa” hacked the website of the Pakistan Supreme Court and claimed that the website is in the “wrong and untalented hands”.

The unidentified hacker asked the SC Chief Justice, Iftikhar Chaudhry, to ban all pornographic websites and to do something to help poor and hungry people.

The website was hacked just to convey a message to the SC Chief Justice.

This is not the first instance. The Supreme Court website has been hacked in the past too.