
Posts

CLOAK AND DAGGER - NEW SECURITY BUG IN ANDROID 7.0-

Researchers have discovered a new attack, dubbed 'Cloak and Dagger', that works against all versions of Android, up to version 7.1.2. The Cloak and Dagger attack allows hackers to silently take full control of your device and steal private data, including keystrokes, chats, device PIN, online account passwords, OTP passcode, and contacts. What's interesting about the Cloak and Dagger attack? The attack doesn't exploit any vulnerability in the Android ecosystem; instead, it abuses a pair of legitimate app permissions that are widely used in popular applications to access certain features on an Android device. Researchers at the Georgia Institute of Technology discovered this attack and successfully performed it on 20 people, none of whom were able to detect any malicious activity. Cloak and Dagger attacks utilise two basic Android permissions: SYSTEM_ALERT_WINDOW ("draw on top") and BIND_ACCESSIBILITY_SERVICE ("a11y"). The first permission, known as
Recent posts

TERMINAL ON ANDROID- TERMUX

Let Termux be our topic today. It is an Android application, a terminal emulator distributed by Fredrik Fornwall. It creates exactly the same working environment as a Linux terminal on Android. Give it a try. It can be installed from Google Play Store. Navigate from here. After the environment is set, go to App settings from the System Settings and give the app Storage permission. Basic Linux commands like cd, ls, pwd, cat, touch and many more, or almost all, can be run at this prompt. To install packages like Python or Pip, type in packages install <packageName>. It's that simple. Similarly, to execute a program or a package, type <packageName>; the corresponding help will then appear. The rest is up to you. This is how an installation screen appears. Now, about storage. As the initial step, type in termux-setup-storage. Typing pwd gives the current working directory, and it will be something like /data/data/com.termux/files/

MORE ABOUT RANSOMWARES. PART 3

Before we proceed, here is a quick catch-up, in case you've missed the first two articles describing what ransomware is and how it works: Part I and Part II. By now, it looks like there's no escape from ransomware, especially since it also targets mobile devices, threatening to lock users out of their smartphones or tablets. Remember Koler? Unfortunately, encrypted communications between attackers and elusive infection workflows make it difficult for traditional detection-based security solutions to block ransomware attacks. How to prevent getting infected: Because of the technology limitations that prevent users from retrieving the decryption key without paying the ransom, the best way to protect against the effects of ransomware is to not get infected in the first place. Recommendations for users: 1. Regularly back up your data in the cloud or using an external drive. Backups should not be stored on a different partition in your PC, but rather on an external hard-drive th

MORE ABOUT RANSOMWARES. PART 2

Now that we've been introduced to ransomware, let's see how it spreads and infects machines. How does it enter systems? Common penetration techniques include: Spam and social engineering, Direct drive-by-download or malvertising, Malware installation tools and botnets. When ransomware first hit the scene a few years ago, computers predominantly got infected when users opened e-mail attachments containing malware, or were lured to a compromised website by a deceptive e-mail or pop-up window. Newer variants of ransomware have been seen to spread through removable USB drives or Yahoo Messenger, with the payload disguised as an image. CTB Locker, the ransomware making headlines and victims right now, spreads through aggressive spam campaigns. The email poses as a fax message which carries a .zip archive as an attachment. If the executable file inside the zip file is accessed, the data on the system is encrypted and the victim is asked to pay a ransom to receive the decryption

MORE ABOUT RANSOMWARES. PART 1

Not long ago, a man committed suicide after an automatically generated notice from a computer virus threatened him with jail unless he paid a ransom of thousands of dollars. The year was 2014. As incredible as the story seems, it marked the first known time a computer virus actually killed somebody. The next generations stole cash from users around the globe, and Cryptolocker raised the stakes – holding data of hundreds of thousands of users hostage. Despite successive short-lived takedowns, the malware has made a comeback as CTB (Curve-Tor-Bitcoin) Locker. This challenging breed of malware is continuously improving, reaching new levels of complexity as smartphones and tablets are increasingly used to store crucial personal and enterprise-level documents. Bitdefender, the anti-malware solutions provider, zooms in on the subject to show how this type of virus works and to tell users how to prevent being locked out and extorted. What is ransomware? Ransomware is a type of malware th

SETTING UP A C IDE

C-Language: The C programming language is one of the most popular and widely used programming languages. It is a general-purpose programming language and there are very few computer systems in existence that are not set up for its use (i.e. where a C compiler does not exist). Here we will see how to set up a C IDE. ON WINDOWS: Dev C++ is an open source C/C++ compiler that is one of the most user-friendly and effective development environments and compilers. It can be downloaded from source forge or from bloodshed. • Download the setup file from any of the above links or from wherever it is feasible. • Install it and open the IDE. Click on 'New project' from the File menu at the top left. • Type in your code. Next comes the task of saving the source code in C source format. Give it a name and, from the drop-down menu which appears in the save window, select 'c source file' and then click save. • After saving, click on the compile button from the menu or press F9. If t