
Wednesday, 27 December 2017

Windows XP ATM Machine “Hacked” by Simply Pressing Shift Five Times in a Row





We’ve known for a while that ATM machines running Windows XP (Embedded version or not) are exposed to attacks, but when we mix the lack of updates with bad configuration from IT admins what we get is a vulnerability that’s worryingly easy to exploit.


One of the users of the Russian blogging platform Habrahabr discovered that an ATM machine operated by state-owned bank Sberbank runs Windows XP and suffers from a security hole that makes it possible for pretty much anyone to completely hack it.


While it’s not hard to figure out what hacking of an ATM machine means, it appears that the full-screen lock system that prevented the ATM interface from accessing other parts of the operating system could be bypassed by simply invoking Sticky Keys.


This is a feature that’s part of Windows XP and which can be easily enabled by pressing Shift five times in a row, which in turn provides access to Windows settings and brings up the taskbar and the Start menu.



Bank not in a rush to fix the problem


As you can see in the video demonstration below, “hackers” can easily reach other parts of the operating system using only the touch screen, which obviously opens the door to malicious activities such as deploying software and modifying boot scripts.


The worst thing is that Sberbank appears to be aware of this problem, but it hasn’t lifted a finger to take care of it. German site WinFuture writes that the bank was informed of the vulnerability more than two weeks ago, and although it promised an emergency fix to address it, the same exploit still worked earlier this week.



While this isn’t an issue related to Windows XP no longer receiving security updates, it’s also worrying that there still are many banks out there running the operating system launched in 2001.

For what it’s worth, the last updates for Windows XP were shipped in April 2014 (except for one emergency patch blocking the WannaCry ransomware released earlier this year).








Facebook Security: Get Back Your Hacked Facebook Account


New security feature reveals if Facebook mails are legit


By Scott Dickens


We're always looking for new ways to help people take control of the security of their Facebook accounts. That's why today, you'll see in your security settings an option to view “Recent emails about security and login”.



Facebookmail.com is a common domain that Facebook uses to send notifications when we detect an attempt to log in to your account or change a password. If you're unsure if an email you received was from Facebook, you can check its legitimacy by visiting facebook.com/settings to view a list of security-related emails that have been recently sent.

If you've checked this tool and determined that an email you received is fake, we encourage you to report it to phish@facebook.com, and if you believe your account has been compromised due to a phishing attempt, you may attempt to regain access to your account at facebook.com/hacked.





Facebook wants you to know when someone is trying to steal your data. The social network unveiled on Wednesday a security feature that lets you see a list of recent emails sent by Facebook. Hackers often send emails disguised as messages from companies like Facebook to trick users into giving them login and password information. The tactic, called phishing, is common among cybercriminals. Now, if you receive an email from an address that appears to be Facebook (FB) -- but don't recognize the activity or the alert -- a tool in its Security and Login section in Settings will tell you if it's legit. If the email claiming to be from Facebook isn't listed there, you'll know it's fraudulent. Facebook sends security emails from the domain "Facebookmail.com," offering another way to check its authenticity. But if you don't recognize the domain or sender, you can report the issue directly to Facebook. In a blog post, product manager Scott Dickens urged users to report fraudulent emails pretending to be Facebook to "phish@fb.com." Successful phishing campaigns can be costly for consumers and companies. According to security firm Trend Micro, global losses from compromised business email scams, which often originate via phishing, will exceed $9 billion next year.

Monday, 25 December 2017

Edward Snowden’s ‘Haven’ app turns smartphone into surveillance device

Edward Snowden launches anti-espionage smartphone app Haven: Here's where to get it




Edward Snowden, the former National Security Agency contractor known for his explosive disclosure of the US government's surveillance of citizens, has come up with an intuitive smartphone app dubbed Haven that promises to protect against physical espionage.

Introduction to the Haven app by Edward Snowden:

https://youtu.be/x4leeOZfSis


Haven was created by Snowden in collaboration with open-source security app developers, the Freedom of the Press Foundation and the Guardian Project, with the prime focus of protecting human rights activists, investigative journalists and people at risk of forced disappearance, creating a new kind of herd immunity, the project team said.




Haven is a simple but intelligent app. It makes use of the sensors found on all basic Android phones, such as the accelerometer (detects motion), camera (captures an image of the intruder), microphone (listens for changes in noise), light sensor (detects changes in ambient light) and power (detects the device being unplugged or losing power), and turns the phone into an all-in-one surveillance device. If anything untoward is detected, it records the details and keeps them in the phone's secured folder. There is also an option to pass the information to the owner's primary device via encrypted messages.





"By combining the array of sensors found in any smartphone, with the world's most secure communications technologies, like Signal and Tor, Haven prevents the worst kind of people from silencing citizens without getting caught in the act," Project Team states on Google Play store.


Here's how Haven will guard you against espionage:

Once Haven is installed on your secondary device, be sure to activate it if you intend to leave the room or go to sleep. Once that is done, Haven keeps all the aforementioned sensors of the phone active and monitors the surroundings for any changes in light, sound, vibration and movement.
If triggered, it sends an alert to the owner's primary device over a secured connection on Telegram or Tor. If anybody touches the phone, it snaps a picture of the intruder and passes the image on to the owner.




As of now, Haven app is available only for Android phones. Interested users can download Haven Beta on Google Play store.

https://play.google.com/store/apps/details?id=org.havenapp.main

System requirements for the Haven app:

App: Haven
Developers: Freedom of the Press Foundation (Edward Snowden is also a member) and the Guardian Project
OS compatibility: Android 4.1 or later
Price: Free


Sunday, 24 December 2017

Wireless Wi-Fi Hacking Commands in Windows 7 (Part 2)

How to detect the list of available wireless networks

Click Start, click Run, type cmd, and then click OK to open a command prompt.

At the command prompt, type

netsh wlan show networks mode=bssid
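The output of this command is easiest to act on once it is parsed. The script below is an added example and not part of the original post: it parses a constructed sample of `netsh wlan show networks mode=bssid` output (laid out the way netsh prints it, but not a real capture; the SSIDs and BSSIDs are made up) and lists the networks a security-conscious user should not join. It goes slightly beyond the post by flagging WEP networks as well as open ones, since both expose traffic to anyone in range.

```python
"""Parse `netsh wlan show networks mode=bssid` output and flag networks that
are open or use WEP.  Added example; the sample output below is constructed
in the layout netsh prints, not captured from a real machine."""
import re

# Constructed sample output (made-up SSIDs, BSSIDs and signal levels).
SAMPLE_OUTPUT = """Interface name : Wireless Network Connection
There are 3 networks currently visible.

SSID 1 : MTNL
    Network type            : Infrastructure
    Authentication          : WPA2-Personal
    Encryption              : CCMP
    BSSID 1                 : 00:11:22:33:44:55
         Signal             : 80%
         Radio type         : 802.11n
         Channel            : 6

SSID 2 : netgear
    Network type            : Infrastructure
    Authentication          : Open
    Encryption              : None
    BSSID 1                 : 66:77:88:99:aa:bb
         Signal             : 55%
         Radio type         : 802.11g
         Channel            : 11

SSID 3 : OldRouter
    Network type            : Infrastructure
    Authentication          : Open
    Encryption              : WEP
    BSSID 1                 : cc:dd:ee:ff:00:11
         Signal             : 30%
         Radio type         : 802.11g
         Channel            : 1
"""

SSID_LINE = re.compile(r"^SSID\s+\d+\s*:\s*(.*)$")
# Indented "key : value" lines; BSSID lines carry a counter, other keys are words.
FIELD_LINE = re.compile(r"^\s+(BSSID\s+\d+|[A-Za-z ]+?)\s*:\s*(.*)$")


def parse_networks(text):
    """Return one dict per SSID block: ssid, authentication, encryption, bssids, ..."""
    networks = []
    current = None
    for line in text.splitlines():
        m = SSID_LINE.match(line)
        if m:
            current = {"ssid": m.group(1).strip(), "bssids": []}
            networks.append(current)
            continue
        if current is None:          # header lines before the first SSID
            continue
        m = FIELD_LINE.match(line)
        if not m:
            continue
        key, value = m.group(1).strip(), m.group(2).strip()
        if key.startswith("BSSID"):
            current["bssids"].append(value)
        else:
            current[key.lower()] = value   # e.g. "authentication", "encryption"
    return networks


def risky_networks(networks):
    """SSIDs that are open or WEP-protected: anyone in range can read the traffic."""
    return [n["ssid"] for n in networks
            if n.get("authentication", "").lower() == "open"
            or n.get("encryption", "").lower() in ("none", "wep")]


if __name__ == "__main__":
    nets = parse_networks(SAMPLE_OUTPUT)
    for n in nets:
        print(f"{n['ssid']:<12} {n.get('authentication', '?'):<14} {n.get('encryption', '?')}")
    print("avoid:", risky_networks(nets))
```

On a real machine the text would come from `subprocess.run(["netsh", "wlan", "show", "networks", "mode=bssid"], capture_output=True, text=True).stdout`; the parser itself does not care where the text came from.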




How to connect to a wireless network

netsh wlan connect name=MTNL

Replace MTNL with your own profile name.



How to disconnect from a wireless network



netsh wlan disconnect





How to show the wireless network profiles saved on your PC


netsh wlan show profile




How to save WLAN profiles as XML files to the specified location


netsh wlan export profile name=MTNL



How to block a wireless connection

netsh wlan add filter permission=block ssid=netgear networktype=infrastructure





If you want to block this computer from accessing all wireless networks, use the denyall permission in the command. Note that the networktype argument limits the filter's scope: the command below denies all ad hoc networks only, and infrastructure networks (access points) need a separate filter with networktype=infrastructure.


netsh wlan add filter permission=denyall networktype=adhoc



How to show the blocked networks

netsh wlan show blockednetworks



How to show the installed wireless drivers

netsh wlan show drivers






Saturday, 23 December 2017

Beware of Cryptocurrency Mining Virus Spreading Through Facebook Messenger


Be Aware!!!


If you receive a video file (packed in zip archive) sent by someone (or your friends ) on your Facebook messenger — just don’t click on it.

Researchers from security firm Trend Micro are warning users of a new cryptocurrency mining bot which is spreading through Facebook Messenger and targeting Google Chrome desktop users to take advantage of the recent surge in cryptocurrency prices.

Dubbed Digmine, the Monero-cryptocurrency mining bot disguises itself as a non-embedded video file, under the name video_xxxx.zip (as shown in the screenshot), but actually contains an AutoIt executable script.


Once clicked, the malware infects the victim’s computer and downloads its components and related configuration files from a remote command-and-control (C&C) server.



Digmine primarily installs a cryptocurrency miner, i.e. miner.exe—a modified version of an open-source Monero miner known as XMRig—which silently mines the Monero cryptocurrency in the background for the attackers using the CPU power of the infected computers.






Besides the cryptocurrency miner, the Digmine bot also installs an autostart mechanism and launches Chrome with a malicious extension that allows attackers to access the victims’ Facebook profile and spread the same malware file to their friends list via Messenger.


Since Chrome extensions can only be installed via official Chrome Web Store, "the attackers bypassed this by launching Chrome (loaded with the malicious extension) via command line."
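From a defender's side, a Chrome process whose command line side-loads an extension is the observable that the launch quoted above leaves behind. The script below is an added example, not code from the post or from Trend Micro: it scans a constructed process list for chrome.exe command lines carrying the Chromium switches that load an extension outside the Web Store. The post does not name the switch the attackers used; that `--load-extension` (and its companion `--disable-extensions-except`) is what such a launch relies on is an assumption, and the paths and PIDs are made up.

```python
"""Flag chrome.exe processes that side-load an extension from the command line.
Added example; the process list is constructed and the switch names are an
assumption about how a command-line extension launch works (Chromium accepts
both switches; the post itself does not name them)."""
import re

# Constructed (pid, command line) records, not from any real host.
SAMPLE_PROCESSES = [
    (1001, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --profile-directory=Default'),
    (1002, r'"C:\Program Files\Google\Chrome\Application\chrome.exe" '
           r'--load-extension="C:\Users\user\AppData\Roaming\ext" https://www.facebook.com'),
    (1003, r'"C:\Windows\explorer.exe"'),
]

# Chromium switches that load an unpacked extension without the Web Store.
SIDELOAD_SWITCHES = ("--load-extension", "--disable-extensions-except")


def find_sideloaded_extensions(processes):
    """Return (pid, switch, path) for each chrome.exe started with a side-load switch.

    The switch value is either a quoted path or a run of non-space characters."""
    hits = []
    for pid, cmdline in processes:
        if "chrome.exe" not in cmdline.lower():
            continue
        for switch in SIDELOAD_SWITCHES:
            m = re.search(re.escape(switch) + r'=("[^"]*"|\S+)', cmdline)
            if m:
                hits.append((pid, switch, m.group(1).strip('"')))
    return hits


if __name__ == "__main__":
    for pid, switch, path in find_sideloaded_extensions(SAMPLE_PROCESSES):
        print(f"pid {pid}: chrome started with {switch} pointing at {path}")
```

On a live Windows host the records would come from process-creation telemetry (Sysmon event 1 or equivalent) or a WMI query for Win32_Process command lines; any hit outside a developer's machine deserves a look at the extension directory it points to.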


"The extension will read its own configuration from the C&C server. It can instruct the extension to either proceed with logging in to Facebook or open a fake page that will play a video" Trend Micro researchers say.

"The decoy website that plays the video also serves as part of their C&C structure. This site pretends to be a video streaming site but also holds a lot of the configurations for the malware’s components."



It's noteworthy that users opening the malicious video file through the Messenger app on their mobile devices are not affected.


Since the miner is controlled from a C&C server, the authors behind Digmine can upgrade their malware to add different functionalities overnight.


Digmine was first spotted infecting users in South Korea and has since spread its activities to Vietnam, Azerbaijan, Ukraine, Philippines, Thailand, and Venezuela. But since Facebook Messenger is used worldwide, there are more chances of the bot being spread globally.

When notified by the researchers, Facebook said it had taken down most of the malware files from the social networking site.


Facebook spam campaigns are quite common, so users are advised to be vigilant when clicking on links and files shared via the platform.











                                 












Source: Hacker News

Thursday, 21 December 2017

Detect if your username has been hacked



Every day it seems like another web page or online service has been hacked. If you use the same password on more than one web page, make sure your account details have not been compromised by entering your e-mail address into the breachalarm.com website. This website has a database of several hundred thousand publicly posted hacked accounts and will report if your e-mail address is contained in its database.








The worst passwords of 2017: https://techgyanmantra007.blogspot.in/2017/12/worst-passwords-of-2017-123456-tops.html?m=1

Worst Passwords of 2017: 123456 Tops Again















Splashdata has released its annual ranking of the worst passwords of 2017, using data from more than 5 million leaked passwords. For 2017, the world's most-hacked password is still "123456," followed by "Password."

Between them, these two passwords have ruled the ranking since 2011, and that's no surprise, since they're the easiest and most predictable passwords to guess.


Users can improve password security by finding a series of letters, numbers and symbols that's relatively complex, but which can be easily remembered. Try using the first letters of a phrase or a song title, for example. Finally, it's important never to use the same password twice and to make sure you change passwords regularly, once per quarter, for example.



Top 20 most-hacked passwords of 2017:


1. 123456 
2. password 
3. 12345678 
4. qwerty 
5. 12345 
6. 123456789 
7. letmein 
8. 1234567 
9. football 
10. iloveyou 
11. admin 
12. welcome 
13. monkey 
14. login 
15. abc123 
16. starwars 
17. 123123 
18. dragon 
19. passw0rd 
20. master
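A list like this is only useful if a signup or password-change form actually rejects the entries on it, including the trivial variations people use to get past a naive blocklist (capitalisation, a trailing digit or symbol, "0" for "o"). The script below is an added example and not part of the original post: it builds a blocklist from the twenty entries above, normalises candidates the same way, and reports why a candidate is rejected. The normalisation rules and the 12-character minimum are choices made for this example, not figures from the post.

```python
"""Reject passwords that match the published 2017 worst-password list, after
undoing the usual cosmetic variations.  Added example; the list is the one
printed in the post, the normalisation rules and minimum length are assumptions."""

WORST_2017 = [
    "123456", "password", "12345678", "qwerty", "12345", "123456789",
    "letmein", "1234567", "football", "iloveyou", "admin", "welcome",
    "monkey", "login", "abc123", "starwars", "123123", "dragon",
    "passw0rd", "master",
]

# Trailing characters people append to "strengthen" a dictionary word.
STRIP_CHARS = "0123456789!@#$%^&*.?_-"
# Common leet substitutions, undone so "passw0rd" and "p@ssword" reduce to "password".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def normalise(pw):
    """Lower-case, drop trailing digits/symbols, undo leet (only for strings with letters)."""
    p = pw.lower()
    stripped = p.rstrip(STRIP_CHARS)
    if stripped:                      # keep all-digit passwords such as 123456 intact
        p = stripped
    if any(c.isalpha() for c in p):
        p = p.translate(LEET)
    return p


# Both the raw and the normalised form of every entry, so exact and cosmetic
# variants are caught with a single set lookup.
BLOCKLIST = {w.lower() for w in WORST_2017} | {normalise(w) for w in WORST_2017}


def is_blocked(pw):
    """True if the candidate is a listed password or a cosmetic variant of one."""
    return pw.lower() in BLOCKLIST or normalise(pw) in BLOCKLIST


def check_password(pw, min_len=12):
    """Return the reasons a candidate is rejected; an empty list means it passes."""
    reasons = []
    if len(pw) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    if is_blocked(pw):
        reasons.append("matches a published worst-password list")
    return reasons


if __name__ == "__main__":
    for candidate in ("P@ssword1!", "letmein2017", "correct horse battery staple"):
        print(f"{candidate!r}: {check_password(candidate) or 'ok'}")
```

In production the twenty entries would be replaced by a large breached-password corpus, but the normalise-then-lookup structure stays the same; the set lookup keeps the check O(1) per candidate regardless of list size.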

Friday, 15 December 2017

SESSION HIJACKING ANY ACCOUNT [ANDROID] Login Session Hijacking Of Any Account Using Android Smartphone.


Disclaimer: Login Session Hijacking is illegal without mutual consent. This tutorial is just for educational purposes. Tech gyan will not be responsible for anything you do.



Understanding Session Hijacking/Cookie Hijacking



Session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid account login session (sometimes also called a session key) to gain access to the account.


What are Cookies? – A cookie is a data packet sent from a website and stored on the web browser while the user is browsing. Cookies store data such as items added in the shopping cart in an online store or to record the user’s browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to store data that the user previously entered such as names, addresses, passwords, and credit card numbers.

Session Side Hijacking – Using packet sniffing to read data between the browser and website to steal the session cookie. Here in this tutorial, we will use this method to hijack login sessions.
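Session side hijacking only works when the session cookie travels over a connection the sniffer can read, and the SSL Strip option used later in this tutorial only works when the site lets a downgrade to plain HTTP happen. From the site's side, both are closed off by the Secure attribute on the session cookie and a Strict-Transport-Security header. The script below is an added example, not part of the original post: it audits a raw HTTP response (two constructed samples, one weak and one hardened, not captured from any real site) for exactly those protections. The cookie names it treats as session cookies are an assumption made for the example.

```python
"""Audit HTTP response headers for the protections that defeat cookie sniffing
and SSL stripping.  Added example; the two responses are constructed samples."""
import re

# Constructed sample responses (not from any real site).
SAMPLE_WEAK = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: sessionid=abc123; Path=/
"""

SAMPLE_HARDENED = """HTTP/1.1 200 OK
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax
"""

# Cookie names treated as session cookies (assumption for this example).
SESSION_NAMES = ("sessionid", "session", "phpsessid", "jsessionid", "sid", "auth", "token")


def parse_headers(raw):
    """Return (name_lower, value) pairs from a raw response; repeated Set-Cookie kept separately."""
    headers = []
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():               # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie_name, {attribute_lower: attribute_value})."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit(raw):
    """Return findings; an empty list means sniffing and SSL strip are both mitigated."""
    headers = parse_headers(raw)
    findings = []
    hsts = next((v for n, v in headers if n == "strict-transport-security"), None)
    # Missing HSTS, or HSTS with max-age=0, leaves the first request strippable to HTTP.
    if hsts is None or re.search(r"max-age=0\b", hsts):
        findings.append("no effective Strict-Transport-Security header: SSL strip can downgrade to HTTP")
    for name, value in headers:
        if name != "set-cookie":
            continue
        cname, attrs = parse_set_cookie(value)
        if cname.lower() not in SESSION_NAMES:
            continue
        if "secure" not in attrs:
            findings.append(f"{cname}: missing Secure; the cookie is sent over plain HTTP and can be sniffed")
        if "httponly" not in attrs:
            findings.append(f"{cname}: missing HttpOnly; readable by injected script")
        if "samesite" not in attrs:
            findings.append(f"{cname}: missing SameSite; sent on cross-site requests")
    return findings


if __name__ == "__main__":
    for label, raw in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(label, audit(raw) or ["ok"])
```

The two headers do different jobs: Secure stops the browser ever sending the cookie over HTTP, and HSTS stops the browser ever making the HTTP request that an SSL-stripping proxy needs; a site wants both.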


Session Hijacking Using Android Smartphone



Prerequisites: the attacker and victim must be on the same WiFi network. Before anything else, connect to the WiFi network on which you want to perform session hijacking.





  • Once you have installed the app, tap to open it and grant the necessary permissions.

  • Once inside the app, tap the “Radar” in the top left corner to start scanning all the connected devices on the network.

  • After scanning, it will show a list of all connected devices (tap the device you want to hijack and hit the arrow in the top right).







Scan Devices, Select Device, Hit The Arrow



On the next screen you will see a “Settings” gear in the top right; tap it and tick “Resurrection” and “SSL Strip” (as shown in the image below).




settings menu





Tap the nuclear icon in the top left and hit the “Play” triangle beneath it (this will initiate interception).



initializing the interception


Now hit the “Shark Fin” icon to the right of the nuclear icon, and inside it tap the “Play” triangle to start capturing data packets.




start capturing data packets


Let’s Hunt For Session Cookies Now.


Now we are all set to start cookie capturing. For demonstration purposes, I will show it by stealing a session cookie from my Windows PC to Android.
Okay, so now I will log in to my account on a website on my Windows PC and let’s see how that works.





Now head over to the globe icon in Intercepter-NG, where you will see the list of captured cookies. Hit the web link (near the IP address) to break into the account using the session key.





captured session cookies


Once you have tapped the web link, an in-app web browser will open and you will be logged in to the victim’s account.