Little late – still value to it though – Be Safe Online Shopping Checklist

Christmas, the most wonderful time of the year, has arrived, and with it the season of online shopping.
According to the National Retail Federation, more than 151 million people shopped in store, but more than 100 million shopped online during Cyber Monday sales, which is no surprise given the convenience of online shopping.
More and more people are heading online rather than to the malls to purchase gifts for Christmas.
However, the main question arises: is it safe to do so, especially with so many users sharing credit card information online?
Here are some tips to keep in mind before providing your credit card number and clicking ‘BUY’:

1. DO NOT CLICK On Suspicious Links

Scammers send malicious links that look more real than the original ones. Because these links imitate well-known sites like eBay and Flipkart, many online users fall victim.
The safest way to avoid being tricked is NOT to open links that arrive via social media sites, messages or emails from unknown sources.

2. Keep your Eye on New Vendors

People tend to purchase goods and services from new vendors as they generally give attractive discounts.

However, be careful with such vendors, as customers are sometimes trapped and exploited easily.

One of the main problems is FAKE CUSTOMER REVIEWS. Never rely totally on company or seller review information.
  • Always get a double confirmation of the things that matter, including product purpose and suitability, materials and construction, quality, and other things like speedy shipping, prompt refunds, and returns.
  • Always try to start from minimum purchases and then shift to the major ones.
  • Always look before you leap.
Search online for other people’s experiences online and also some sites like and others.

3. Always Use Strong Passwords

This tip is one of the most obvious ones, but people generally do not follow it.
  • Avoid easy-to-crack passwords by including a combination of upper and lowercase letters, numbers and special characters in your password.
  • Avoid using the most common passwords like your name, 123456 and password.
  • Most importantly, don’t use the same password for multiple sites.

4. Always Use Secured Websites

Before typing sensitive information online, check that the website you are visiting is a secure site.
Secure sites show a closed padlock in the status bar, and their URLs start with HTTPS, which means:
  • Communication is encrypted
  • SSL verifies authenticity

5. Avoid Using Debit Cards, Instead Use Credit Cards

For online shopping, a credit card is considered a comparatively better option than a debit card.
If someone manages to intercept your financial information online, they can do less damage.
  • Credit cards have spending limits but debit cards do not
  • Use credit cards with low credit limits; some banks also offer a “one-time use” option.
You can even make use of virtual credit cards that are specifically designed for online shopping only.

6. Important Things to Remember While Shopping

  • Always keep documentation of your online purchases; in most cases an email is sent to the customer confirming the order.
  • Print the confirmation or save it somewhere safe until you receive the order.
  • Moreover, log off from the retailer’s website after making the purchase.
These are smarter habits to adopt than becoming a victim.

7. Do Not Provide Your Details to Every Website You Visit

Online stores provide an option for customers to check out as a one-time customer.
If you do not shop regularly at a site, avoid filling in unnecessary information, just to be safe.

8. Check Your Bank Statements Regularly

Most banks now allow you to set up email notifications for any credit card transaction.
If you see any unusual charges, report them and take whatever action is needed to get a prompt refund.


This was interesting. Turn any screen into a touch-screen.


How to Turn Any Non-Touch Screen PC Into a Touch Screen

What if I told you that you can turn your existing non-touch-screen laptop into a touch screen laptop?
Yes, it’s possible. You can now convert your laptop or PC into a touch screen with the help of a new device called AirBar.
Touch screen has become a popular feature on laptops these days, and many laptops are moving toward having touch screens, but not every laptop or desktop model comes with the feature.
Swedish company Neonode has brought to you a new device, AirBar, that would bring the touch technology to virtually any computer from your non-touch laptops to notebooks.

What is AirBar and How does it Work?

AirBar is a small plug-and-touch bar that attaches magnetically to the bottom of your machine’s display.
When connected to your laptop via an available USB port, AirBar starts emitting a beam of invisible light across your screen that is used to track touchscreen movements and gestures.
The movements and gestures are then translated into corresponding inputs, letting you use all the gestures, including poking, pinching, swiping, zooming and scrolling around with your hand, in the same way as on a touchscreen PC.
AirBar turns any laptop, computer, or notebook into a touchscreen machine, without making any changes to its hardware.


…it even works if you have worn gloves, and with any other object.
AirBar works well with any device running Windows 8 or Windows 10 or even with a Chromebook, but it does not yet have proper OS X support.
The AirBar is going to retail for $49 next month, with its public launch in January 2016 at the CES event in Las Vegas. Currently, the only size that AirBar accommodates is 15.6-inch screens.

How to build a successful Incident Response Plan!

The fight to protect your company’s data isn’t for the faint of heart.

As an embattled IT warrior, with more systems, apps, and users to support than ever before, keeping everything up and running is a battle in itself.

When it comes to preventing the worst-case scenario from happening, you need all the help you can get, despite your super-hero status.

According to SANS, there are 6 key phases of an incident response plan.
  1. Preparation – Preparing users and IT to handle potential incidents in case they happen
  2. Identification – Figuring out what we mean by a “security incident” (which events can we ignore vs. which we must act on right now?)
  3. Containment – Isolating affected systems to prevent further damage
  4. Eradication – Finding and eliminating the root cause (removing affected systems from production)
  5. Recovery – Permitting affected systems back into the production environment (and watching them closely)
  6. Lessons Learned – Writing everything down and reviewing and analyzing with all team members so you can improve future incident response efforts
Here are three examples from the front lines of incident response that can help you at each phase as you build out your plan.

On Defining Incident Response Success

There are many levels of success in defensive work… the common wisdom is that the attacker only has to be right once, but the defender has to be right every time, but that’s not always true.

Attacks are not all-or-nothing affairs – they happen over time, with multiple stages before final success.

To remain undetected against an attentive defender, it is the attacker who must make every move correctly; if an astute defender detects them even once, they have the possibility to locate and stop the whole attack.

You aren’t going to immediately detect everything that happens during an attack – but as long as you detect (and correctly identify) enough of an attack to stop it in its tracks, that’s success.

Don’t Panic. Stay Focused.

Execution is key – the range of ways to attack a target can seem limitless – expecting to be an expert on all of them is pointlessly unrealistic.

The most important part of incident response is to handle every situation in a way that limits damage, and reduces recovery time and costs.

At the end of the day, that’s how you’ll be measured on a job well done… not that you’ve covered every angle of every potential vulnerability.

Start with Simple Steps. Attackers are Lazy.

Attackers have technical and economic imperatives to use the minimum amount of effort and resources to breach their targets – the more you remove the low-hanging fruit on your network, the more you raise the actual level of work an attacker has to expend to successfully infiltrate it.


Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Beware Internet Users!
Cryptowall 4.0 – the newest version of the world’s worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers.
The ransomware threat has emerged as one of the biggest threats to internet users in recent times. Typically, ransomware encrypts all files on a victim’s computer with a strong cryptographic algorithm, then demands a ransom to be paid in Bitcoin (ranging between $200 and $10,000).
Cryptowall is currently among the most widespread and sophisticated families of ransomware, backed by a very robust back-end infrastructure.
A report from last month suggested that the authors of the Cryptowall 3.0 ransomware have managed to raise more than $325 million in revenue in the past year alone.
With the debut of Cryptowall 4.0 at the beginning of this month, the ransomware threat has become more sophisticated and advanced, as Cryptowall 4.0 employs “vastly improved” communications as well as better-designed code so that it can exploit more vulnerabilities.

Cryptowall 4.0 Delivered via Nuclear Exploit Kit

Now, less than a month after its release, Cryptowall 4.0 ransomware has been spotted being delivered as part of the Nuclear Exploit Kit, according to security researchers at the SANS Internet Storm Center (ISC).
Until recently, Cryptowall 4.0 had been distributed only via malicious spam and phishing emails, but now it is infecting machines via an exploit kit.
SANS security researcher Brad Duncan wrote in a blog post published Tuesday that a cyber criminal working off domains belonging to Chinese registrar BizCN has been spreading the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.
Duncan said the cyber gang, dubbed the “BizCN gate actor” by him, began distributing the ransomware in payloads from the exploit kit as early as November 20.
Duncan published a full technical analysis on the SANS ISC website that shows how the Nuclear exploit kit infects a vulnerable Windows host.

“Since this information is now public, the BizCN gate actor may change [their] tactics,” Duncan said in the post. “However, unless this actor initiates a drastic change, it can always be found again.”

Cryptowall 4.0 made its debut earlier this month with upgrades that made it even more challenging for victims to recover files from compromised computers than its predecessor.
Cryptowall 4.0 now encrypts not only the data in your files but also the file names, and has vastly improved communication capabilities.

What Should You do if You get Infected by Cryptowall 4.0?

Once your computer is infected by Cryptowall 4.0, unfortunately, there is not much you can do, as the encryption it uses is very strong and almost unbreakable.
The only options you are left with are:
  • Either, Format your computer and restore your data from the backup
  • Or, Pay the Ransom money for decryption key
However, we do not advise you to pay ransom as it does not guarantee that you’ll get the decryption key and paying ransom would encourage criminal activities as well.

Prevention is the Best Practice

As I previously recommended, the best defense measure against Ransomware is creating awareness within the organizations, as well as maintaining backups that are regularly rotated.
Most viruses are introduced by opening infected attachments or clicking on links to malware usually contained in spam emails.
So, DO NOT CLICK on suspicious links provided in emails and attachments from unknown sources.
Moreover, ensure that your systems are running the latest version of Antivirus software with up to date malware definitions.

Your GPS Location and Calls Can be Spied Using Network Vulnerability

Yes, you heard it right. It’s the dirty truth that’s featuring what is being called the largest privacy breach ever.
Billions of cell phone users are at risk from a vulnerability in the SS7 inter-carrier network that allows hackers and spy agencies to track locations and intercept all voice calls from anywhere in the world.
This is something we already know from last year’s Snowden leaks, which explained the National Security Agency’s (NSA) capability to gather nearly 5 Billion records a day on mobile phone locations around the world.
But it’s worse than we thought.
The famous Australian TV programme “60 Minutes” demonstrated that it is possible for anyone to track cell phone location and intercept calls and text messages.
This time, it is not due to a security vulnerability in the phone’s operating system, but due to a serious flaw in the very system our cell phones use to communicate with each other around the world: the global signaling system, called SS7.

What went Wrong?

Hackers take advantage of the SS7, which is unfortunately vulnerable.
SS7 or Signaling System Number 7 is a protocol suite used by most telecommunications operators throughout the world to communicate with one another when directing calls, texts and Internet data.
SS7 allows cell phone carriers to collect location information from cell phone towers and share it with each other. This means a United States carrier will find its customer, no matter if he or she travels to any other country.

Location Tracking, Calls Listening, Messages Intercepting using SS7

Successful exploitation of the bug in SS7 could let attackers listen to all your voice calls as well as track your exact GPS location.
This technique is commonly known as a Man-in-the-Middle (MitM) attack, where hackers intercept online traffic and then forward it back to the recipient.
Besides tracking cell phone users and intercepting their calls, this critical flaw also allowed hackers to intercept SMS verification used with banking applications.

Really Scary!

In a special report, 60 Minutes showed how German hackers intercepted and recorded a mobile phone conversation of a politician, as well as tracked his movements from Germany, which is situated thousands of miles away.
Since the SS7 network is used worldwide, the vulnerability in it puts Billions of cell phone users in danger.
Unfortunately, there isn’t a fix yet, so the flaws in SS7 protocol will continue to be present even if your telephone carriers upgrade to more advanced technology.

Jailbreakers beware- Apple iOS Jailbreak Tweaks Have Backdoors; 220,000 iCloud Accounts Hacked

Jailbreakers Beware!
Some shady tweaks that you installed on your jailbroken devices are looking to steal your iCloud login credentials, a report said.
The iCloud account details, including email addresses and passwords, of nearly 220,000 jailbreak users have been breached, the online Chinese vulnerability-reporting platform WooYun reported.
WooYun is an information security platform where researchers report vulnerabilities and vendors give their feedback.

Backdoor Privacy Attack

The security breach, according to the website, was the result of a ‘backdoor privacy attack’ caused by the installation of a malicious jailbreak tweak.
It appears that hackers are using a variety of “built-in backdoors” that could be in numerous malicious jailbreak tweaks in an effort to acquire victims’ iCloud account information.
Once installed, these malicious tweaks transferred the iCloud login details of the jailbreak users to an unknown remote server.
So far, it is unclear who is behind the attack and what they intend to do with the stolen iCloud accounts. But the report states that WooYun has notified the appropriate vendors – apparently Apple – about the issue and is awaiting processing.
Considering just one jailbreak tweak, 220,000 seems to be a huge number. Though it is believed that a number of malicious jailbreak tweaks have been used by the criminals, out of which many are posted as free versions of popular paid tweaks.

Who is Affected?

The security flaw has nothing to do with Apple’s security and affects only iOS users who have attempted jailbreak on their devices.
However, with such a large number of compromised iCloud accounts, it appears that such an attack could be the result of a more organized method, which could be due to a pre-installed backdoor.
As pointed out by Reddit user ZippyDan, the Chinese market traders often sell iPhones and iOS devices that are pre-jailbroken. Also, many of these devices may have been passed on with the shady tweaks already installed.

How to Protect Yourself?

It’s unrealistic to say “do not jailbreak your device”, but you can take some necessary steps to tighten up your device security.
Here are some steps that you should implement to help protect yourself:
  • Enable 2 Factor Authentication for your iCloud Account
  • Do not add shady third-party repositories to Cydia
  • Do not install jailbreak tweaks from unknown and untrusted sources
  • Do not pirate tweaks or apps
If you have already enabled two-step authentication, it will prevent someone else from accessing your iCloud account even if they have your email address and password.

(NEW) Android Hacking Tool (LEAKED)

RCSAndroid — Advanced Android Hacking Tool Leaked Online


As they dig deeper and deeper into the huge Hacking Team data dump, security researchers are finding more and more source code, including an advanced Android Hacking Tool.

Yes, this time researchers have found the source code of a new piece of weaponized Android malware that had the capability to infect millions of Android devices even when users are running the latest versions of the Android mobile operating system.
Trend Micro researchers found that the Italian spyware company was selling RCSAndroid (Remote Control System Android), which, they say, is one of the “most professionally developed and sophisticated” pieces of Android malware, a.k.a. Android hacking tool, they have ever seen.

RCSAndroid is a sophisticated, real-world surveillance and hacking tool that enables even unskilled hackers to deploy one of the world’s more advanced surveillance suites for Google’s mobile operating system Android.

List of Creepy Features of Android Hacking Tool

Once installed on targets’ devices, RCSAndroid would have helped government and law enforcement agencies around the world to completely compromise and monitor Android devices remotely.
The features of RCSAndroid include the ability to:
  • Capture screenshots using the ‘screencap’ command and framebuffer direct reading
  • Collect passwords for Wi-Fi networks and online accounts, including WhatsApp, Facebook, Twitter, Google, Skype, and LinkedIn
  • Collect SMS, MMS, and Gmail messages
  • Capture real-time voice calls in any network or application by hooking into the ‘mediaserver’ system service
  • Capture photos using the front and back cameras
  • Monitor clipboard content
  • Record using the microphone
  • Record location
  • Gather device information
  • Collect contacts and decode messages from IM accounts, including WhatsApp, Telegram, Facebook Messenger, Skype, WeChat, Viber, Line, Hangouts, and BlackBerry Messenger.

The RCSAndroid Android hacking tool has been in the wild since 2012 and has been known to Citizen Lab researchers since last year, when the security firm detailed a Hacking Team backdoor used against Android users in Saudi Arabia.

How RCSAndroid hacking tool infects a Target?

RCSAndroid uses two different methods to infect targeted Android devices.
1. Hacking Team used text and email messages containing specially crafted URLs that triggered exploits for several vulnerabilities (CVE-2012-2825 and CVE-2012-2871) present in the default browsers of Android 4.0 Ice Cream Sandwich to 4.3 Jelly Bean, allowing the attacker to gain root privileges and install the RCSAndroid APK.
2. The company used backdoor apps such as “BeNews” available on the official Google Play Store to take advantage of a local privilege escalation bug to root the device and install the RCSAndroid agent.

RCSAndroid has 4 ‘critical components’:

  • Penetration solutions – Methods to get into the device, either via SMS or email or a legitimate app
  • Low-level native code – Advanced exploits and spy tools beyond Android’s security framework
  • High-level Java agent – The application’s malicious APK
  • Command-and-control (C&C) servers – Servers used to remotely send or receive malicious commands

Given that the source code of RCSAndroid is now available to everybody, it will likely put Android users in danger. So, if you own a smartphone running any Android version from 4.0 Ice Cream Sandwich to 4.3 Jelly Bean, you need to ‘Get Rid of it Today.’

“The leaked RCSAndroid code is a commercial weapon now in the wild,” security researchers wrote in a blog post. “Mobile users are called on to be on top of this news and be on guard for signs of monitoring. Some indicators may come in the form of peculiar behavior such as unexpected rebooting, finding unfamiliar apps installed, or instant messaging apps suddenly freezing.”

Users of Lollipop may also be in danger of being targeted, as some emails sent among Hacking Team executives indicate that “Hacking Team was in the process of developing exploits for Android 5.0 Lollipop,” but so far there is no such indication.
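
For anyone managing more than one handset, the two checks the article points to (an Android release in the 4.0 to 4.3 range, and unfamiliar apps appearing on the device) can be run over collected device output. The following is an added example, not code from Trend Micro or the original post; it assumes you have saved the text output of `adb shell getprop ro.build.version.release` and `adb shell pm list packages -3` per device, and the serials, package names and baseline list are constructed placeholders.

```python
import re

# Release range the article names for the browser-exploit infection path.
# Devices outside it are not cleared: the article notes Lollipop may also
# be targeted, so the package check below runs on every device.
EXPOSED_MIN, EXPOSED_MAX = (4, 0), (4, 3)


def parse_release(text):
    """Parse `getprop ro.build.version.release` output into (major, minor)."""
    m = re.match(r"\s*(\d+)(?:\.(\d+))?", text)
    return (int(m.group(1)), int(m.group(2) or 0)) if m else None


def release_status(release):
    """Classify a parsed release against the range named in the article."""
    if release is None:
        return "unknown"  # empty or unparseable output needs a manual look
    return "exposed" if EXPOSED_MIN <= release <= EXPOSED_MAX else "outside-range"


def parse_packages(text):
    """Extract names from `pm list packages -3` output (third-party apps)."""
    return {line.strip()[len("package:"):]
            for line in text.splitlines()
            if line.strip().startswith("package:")}


def triage(device, baseline):
    """Report release exposure and any package not in the approved baseline."""
    release = parse_release(device["release"])
    installed = parse_packages(device["packages"])
    return {
        "serial": device["serial"],
        "release_status": release_status(release),
        "unfamiliar_packages": sorted(installed - baseline),
    }


# Constructed sample data: hypothetical serials, package names and baseline.
BASELINE = {"com.example.mail", "com.example.notes"}
SAMPLE_DEVICES = [
    {"serial": "DEV-A", "release": "4.1.2\n",
     "packages": "package:com.example.mail\npackage:com.example.newsreader\n"},
    {"serial": "DEV-B", "release": "5.0.1\n",
     "packages": "package:com.example.mail\npackage:com.example.notes\n"},
    {"serial": "DEV-C", "release": "",
     "packages": "package:com.example.notes\n"},
]

if __name__ == "__main__":
    for dev in SAMPLE_DEVICES:
        print(triage(dev, BASELINE))
```

An unfamiliar package is only a prompt to investigate, and a clean list does not prove a device is uncompromised, since the agent described above is installed with root privileges.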