Internet Explorer : Vulnerable as always!!!

1.   Microsoft IE vulnerability CVE-2012-1889 is the latest to generate interest amongst avid cyber security readers. The special thing about this vulnerability is that it focusses on users using Gmail, MS Office and Internet Explorer. And the sad thing is that this is still a ZERO day exploit...... Rapid 7,Security software company,explains the vulnerability as follows:

“This is an uninitialized memory bug found in MSXML. According to Microsoft, such a component can be loaded from either Internet Explorer and Microsoft Office. This vulnerability is rumored to be “state-sponsored”, and what makes it really critical is it’s still an 0-day hijacking Gmail accounts. That’s right, that means if you’re using Gmail as well as Internet Explorer or Microsoft Office, you’re at risk. We expect this vulnerability to grow even more dangerous since there’s no patch, and it’s rather easy to trigger.”

2.    Whatever may say...majority of the users still by default keep using IE across the globe....when I see my own blog stats,about 60 % of the visitors use IE...and as we all keep seeing the exponential growth in the users of internet across the globe....but sadly the awareness level of how vulnerable they all are is unknown and is growing at a similar rate!!!

3.    Got the reference from here.Thanks https://community.rapid7.com.

FLAME on way to commit SUICIDE ?

1.    Further to my post on FLAME earlier which made a point wise summary based on my various reads across the web,here is something more interesting.....

2.    The creators of Flame have sent a 'suicide' command that removes it from infected computers ie  it has gotten orders to vanish, leaving no trace.As was mentioned in the post earlier that Flame may delete itself from systems that have been fully exploited without leaving any trace has come true soon......

3.   More on the subject at the link ahead and Thanks THN

 http://thehackernews.com/2012/06/flame-spy-virus-going-to-suicide.html

Zoomit : Incredibly Useful Tool from Microsoft

1.     In any of the presentations or on screen visuals on projections system to a live audience we invariably require sometimes to let the audience get focused on something we would like them to see only on the screen......I mean zooming on a portion of screen without getting into the practise of coming out of ppt or ur application and running magnifier or some similar third party application.....here's what zoomit does free for you without any major installation worries!!!

2.   ZoomIt is screen zoom and annotation tool for technical presentations that include application demonstrations. ZoomIt runs unobtrusively in the tray and activates with customizable hotkeys to zoom in on an area of the screen, move around while zoomed, and draw on the zoomed image. I wrote ZoomIt to fit my specific needs and use it in all my presentations.ZoomIt works on all versions of Windows and you can use pen input for ZoomIt drawing on tablet PCs.

3.  Download and start using it .....from http://technet.microsoft.com/en-us/sysinternals/bb897434.aspx

The Lightest Browser : BROWZAR

1.  In the world of browsers when we have chrome...mozilla...safari...opera..and many others.fight it out at ACID3 benchmarking levels...we have a small browser here....thats only in KBs....by the name of BROWZAR.Few good things and features are mentioned below :

-  Takes seconds to download

-  No installation

-  No registration

-  One of the smallest, fastest browsers in the world

-   Just download and go

-   Doesn't save Cookies, History, Temp files, Passwords, Cache

-   Secure delete

-   Great for Banking and Cloud applications

-   Carry it with you on a USB stick

-   Great for shared computers

-   Use it on a friend's PC, Internet Cafe, Work PC, on Holiday

-   Automatically cleans up when you've finished

-   Only 222Kb...u read that right!!!only 222Kb

2.   Test and Download at http://www.browzar.com/.

YOUTUBE to your TV

1.    With the penetration of LCDs and LEDs in our homes....the desire of DIL MAANGE MORE gets into the business...so u have a internet broadband connection at home and you have a USB enabled LCD/LED....but how to play your youtube videos on your LCD/LED.....there is an easy free way to do it.I will introduce you to two veri nice softwares that I have been using for last 3-4 years now...withouyt any problems....no cracks...no pirated downloads required....

2.   So the first one is Free Studio's DVDVideo Soft at http://www.dvdvideosoft.com/ .Free Studio consists of 47 programs, grouped into eight sections: YouTube, MP3 & Audio, CD-DVD-BD, DVD & Video, Photo & Images, Mobiles, Apple Devices, 3D. The largest group, the Mobiles section contains 12 different applications. DVD & Video section is the second largest group with 10 programs. However, the YouTube section, particularly YouTube downloading programs, has gained more popularity among users.DVDVideoSoft assures that each free program offered is free of spyware and adware. The programs have been tested and endorsed by such reputable sites as Chip Online, Tucows, SnapFiles, Brothersoft and Softonic and have won awards from these sites.[Source Wiki]

3.   So after you have downloaded the video via this DVDSoft software,now u need is a suitable convertor.Although DVDSoft itself offers the conversion...u can also check another free bee at http://www.pazera-software.com/download.php?id=0015&f=Pazera_Free_MOV_to_AVI_Converter.exe

4.   So now u can get ready to watch your you tube videos on ur LED/LCD....

Linkedin Confirms being HACKED

1.    Most of us who surf web regularly do have our identities associated with popular social networking sites...like gmail...orkut...facebook and linkedin etc.So the latest news is that if u have a profile on LInkedin....please change ur password.....the news in brief goes like this....

2.     LinkedIn has confirmed on 6th Jun 12 that at least some passwords have been compromised in a major security breach correspond to LinkedIn accounts. First reported by Norweigan IT website Dagens IT the breach that about 6.5 million encrypted passwords were posted on a Russian hacker site.Thus those most of the users with compromised passwords noticed that their LinkedIn account password are no longer valid.The file uploaded only contains passwords hashed using the SHA-1 algorithm and does not include user names or any other data. However, the breach is so serious that security professionals advise people to change their LinkedIn passwords immediately. An SHA-1 hash is an algorithm that converts your password into a unique set of numbers and letters. If your password is “test_123,” for example, the SHA-1 hex output should always be “ab7a614854d2ef5ee9d9cc30e6f2bdcd19fe49ea.” As we can see that is problematic since if we know the password is hashed with SHA-1, we can quickly uncover some of the more basic passwords that people commonly use.

3.     The most common password used was “123456,” followed by “12345″ and “123456789.” All in all, more than half a million people chose passwords composed of only consecutive numbers. So, if a hacker tried to log in to all RockYou accounts with just one password attempt–123456–every hundred or so attempts would yield a compromised account. Dozens of attempts can be scripted every second, so Imperva estimates that using this technique would only take around 15 minutes to hack 1,000 accounts.

4.    Another site offers you to know if ur linkedin username was actually amongs the hacked lot or not.Not sure about how genuine it is...it is available at

http://venturebeat.com/2012/06/07/was-your-linkedin-password-hacked-heres-how-to-find-out/

5.    Thanks http://thehackernews.com/2012/06/linkedin-confirms-millions-of-account.html

Accessing Blocked Sites

1.    So many times we come across  internet terminals who deny us access to certain pages because of certain customized blocking by the local administrator or at times even the ISP.....so what do u do then...just abuse the ISP or the local admin!!!!no ...till u know few tricks of trade....so for example as a first case we assume that a site like timesofindia or some similar news site is blocked for accessing....so to access this simply go to the following website :

http://archive.org/index.php

2.    After u click this u will come across a webpage similar to the shown below :

(click image to enlarge)

3.   Now go to the bar and type ur site name.....this will give a option to even take you to the cached version of the site at an earlier date.For example I typed http://www.thehindu.com/ and i get the following screen.

(click image to enlarge)

4.     Now click on the date that u desire to see the site on......and u see the cached site like this when i clicked 14tg Feb 2003

(click image to enlarge)

5.    So we see that not only the blocked site is accessed but also we are able to access the site as it was on some past date .......though to access blocked sites there are so many proxies available on the web...thi one has this additional Cache feature..... 

FLAME : The new'EST Threat bigger then STUXNET

1.         Off late there has been the much talked FLAME Virus in the IT Sec community.Few clean shots about FLAME in a point wise crisp format :

 -          Flame was first detected back in 2010 by Kaspersky Labs completely by accident.

-           Flame is terribly complex for a piece of malware. 20 times bigger than Stuxnet.

-           Its about 20MB package and is still being analyzed.

-           The Stuxnet  attack that damaged Iranian nuclear facilities last year is barebones by 

comparison.

-           Kaspersky assumes it was built by government scientists, but no one knows which government.

-           Flame gathers a huge amount of data from infected systems, but it has been hard to sort out where it is all going.

-           Dozens of control servers have been located, but the domains associated with them are registered with fake identities.

-           Flame steals hard drive contents, screenshots, and keystrokes.

-           Can also use the system microphone and Bluetooth radio to suck in more data.

-           To save on bandwidth, Flame may delete itself from systems that have been fully exploited. This is part of what made the infection hard to detect.

-          

-           Has incredible abilities to monitor in-boxes, take screen grabs, even record audio of conversations happening near the computer.

-           The entire virus had been pieced together like a LEGO creation, one part building on another. Things could actually be added onto the spyware after it was already on an infected computer, giving the developer enormous freedom to tinker at will.

-           One specific example is with a Bluetooth module, which allowed the spyware to be spread to other devices.

-           The two most popular ways are to send you an e-mail with an attachment, and a Web-based or drive by download that gets you to a malware website.

-           Another favourite way to get you is through social media websites. Attackers are so savvy that they now troll your "friends" list and generate an e-mail that looks like it's coming from you, so what friend wouldn't click on it, right?

-           Microsoft has revealed that the virus gained a foothold by spoofing one of its own security certificates.

-           The computer virus is on the loose in Iran and other parts of the Middle East, infecting PCs and stealing sensitive data.

-           Flame is basically a backdoor and a Trojan with worm-like features.

-           Consider this: It took several months to analyze the 500K code of Stuxnet. It will probably take year to fully understand the 20MB of code of Flame.

2.Thanks http://news.cnet.com