
Tuesday, January 31, 2012

How To Deal With Insider Threats?

The biggest threats to IT security don’t originate from outside a company. Employees, contractors, and business partners on the inside pose a far greater security risk. As long as your current or former staff and associates have access to your internal network, you are vulnerable to a security breach.

Here’s how to deal with the real and significant threat of attack from insiders, and avoid the widespread damage they can unleash on your company’s finances and reputation.

First: Assess the Risk

For most firms, implementing full protection against every possible threat is not feasible. It makes more sense to assess the risk, determining which data is critical and which is relatively unimportant. Protect critical resources first.

Next, decide who needs access to the network. Make sure that individuals such as partners, suppliers and contractors have access only to the information they need to serve your company or customers.

The third step in assessing risk is determining who are the potential threats, why they would want access to the network, and how they could gain entry. At this stage, many organizations only consider external threats: competitors, random hackers or former employees. Don’t neglect analyzing your insider threats, as well – including the staffers tasked with protecting the system.

Once you’ve uncovered vulnerabilities, you can take steps to prevent an insider attack.

Implement Preventative Measures

Among the best practices for preventing insider threats are:
  • Institute clear policies and controls; be sure all employees are aware of acceptable network use and what constitutes a breach.
  • Enforce policies consistently; maintain proper paper trails.
  • Implement security awareness training; reinforce its importance.
  • Segregate duties to reduce risk.
  • Encourage employees to come forward and identify suspicious behavior, malicious insiders, threats against the company or attempts at exploitation.
  • Implement proper system administration safeguards on critical servers.
  • Monitor trusted users.
  • Audit access to customer information.
In addition, you’ll want all the usual technical protections: anti-spyware, anti-malware and antivirus software, firewalls, and regular security patches. Consider securing the physical space as well, with entry and exit controls and badges to monitor employees, delivery people and visitors. You may also want to hire security personnel to discourage criminal activity.

Finally, Know Whom You’re Hiring

Failing to thoroughly check out a potential hire leaves a company vulnerable to insider threats. It goes without saying that thorough background checks are necessary for any prospective new employee who will have access to sensitive information, from customer credit card numbers to critical application source code. But for better protection, extend that practice to all employees and contractors.

Background checks should include a criminal history report, a credentials check and a credit check. Hiring managers should verify past employment and speak to former employers regarding the applicant’s history of dealing with workplace issues. Any information gathered should be part of the decision-making process.

Monitor Employee Behavior

Once an employee is hired, be sure supervisors are tasked with reporting any strange or inappropriate behavior. Compare such incidents to systems logs to determine if anything unusual is happening. And remember to enforce all security policies. If employees learn they can get away with small violations, they may be emboldened to move on to bigger and more lucrative security breaches.

Be Aware and Vigilant When Dealing With Insider Threats

Whether they modify data, steal critical codes, sell company secrets or commit payroll fraud, insiders are the biggest security threats a company will face. While there is always an element of risk, you can decrease information system vulnerability with these common sense steps. Most importantly, by being aware and vigilant, you’ll be better prepared to avoid the losses that far too many organizations suffer at the hands of trusted insiders.

As more companies move more of their businesses online, we should expect to see more threats. Formal IT security training can help defend against these threats. Consider Villanova University’s online programs, such as their CISSP certification prep courses.

How to easily add your app to your page on Facebook

You must be familiar with beautiful landing pages on Facebook. A lot of companies these days have set a default landing page for their Facebook like page that looks beautiful and, in most cases, is very interactive too. You can also create a Facebook landing page by creating an HTML page in a directory within a website and then embedding it in a canvas on Facebook. You can then add the canvas to a fan page on Facebook, where it appears as a separate tab. If you are a Facebook developer, you must have noticed that recently the option for adding a canvas to a page on Facebook has disappeared. But don’t worry, there’s a neat little trick for adding a canvas to any Facebook page, even if the option for adding it is missing from the interface.

The option previously used to appear on the Canvas Settings page for an app. You could then add it to any of the pages you admin by going to View App profile page and then to “Add to my page”. But now, the option is completely missing. However, you can do it with a direct link[your-app-ID]&pages=1

You can find your API key by opening the app settings from the Facebook developers page. Replace your-app-ID above with the app ID you just copied and follow the link. You will see options for adding the app or the canvas to your pages.
This enables you to add any app to a page you admin, even if the option isn’t available in the Facebook Developers section.

Monday, January 30, 2012

How Web giants store big - and we mean big - data
Credit: Arstechnica
Consider the tech it takes to back the search box on Google's home page: behind the algorithms, the cached search terms, and the other features that spring to life as you type in a query sits a data store that essentially contains a full-text snapshot of most of the Web. While you and thousands of other people are simultaneously submitting searches, that snapshot is constantly being updated with a firehose of changes. At the same time, the data is being processed by thousands of individual server processes, each doing everything from figuring out which contextual ads you will be served to determining in what order to cough up search results.
The storage system backing Google's search engine has to be able to serve millions of data reads and writes daily from thousands of individual processes running on thousands of servers, can almost never be down for a backup or maintenance, and has to perpetually grow to accommodate the ever-expanding number of pages added by Google's Web-crawling robots. In total, Google processes over 20 petabytes of data per day.
That's not something that Google could pull off with an off-the-shelf storage architecture. And the same goes for other Web and cloud computing giants running hyper-scale data centers, such as Amazon and Facebook. While most data centers have addressed scaling up storage by adding more disk capacity on a storage area network, more storage servers, and often more database servers, these approaches fail to scale because of performance constraints in a cloud environment. In the cloud, there can be potentially thousands of active users of data at any moment, and the data being read and written at any given moment reaches into the thousands of terabytes.

Malicious MIDI files lead to rootkit malware
A Windows Media remote code execution flaw that has been patched in the last Patch Tuesday is being exploited by attackers in the wild to deliver malware to the targets' computer, warns Trend Micro.
The victims are lured to a malicious web page (http://images.{BLOCKED}), which hosts a specially crafted MIDI file and JavaScript.

The page's HTML file calls upon the MIDI file to trigger the exploit, and the JavaScript decodes shellcode that is already embedded in the HTML file. Upon execution, the shellcode downloads an encrypted binary from another site.

Sunday, January 29, 2012

iPhone 5 release details "leaked"
Credit: Tech Radar
An employee of Foxconn in China has reportedly stated that a device dubbed the iPhone 5 is about to go into production.

The source also revealed to 9to5Mac there are several sample handsets doing the rounds, but all differ slightly from each other. It is not clear which, if any, is the final device.

Some similarities between all the samples have been noted, including a screen that is 4 inches (or larger) in size and a different form factor, hinting that Apple is going to move away from the 4/4S design; the devices are longer and wider than previous iPhones.

Computer Coding: Not for Geeks Only
The Web-based backlash against the Stop Online Piracy Act, a bill aimed at taking down overseas distributors of copyrighted movies and music, was much like the Internet itself: decentralized, anarchic, and powerful enough to help persuade Senate Majority Leader Harry Reid (D-Nev.) to shelve the bill on Jan. 20. There was no official slogan for the public pushback against perceived government meddling with the Web, but the unofficial one might have been a headline that appeared on the online magazine Motherboard: “Dear Congress, it’s no longer ok to not know how the Internet works.”

A growing number of people agree that not only should Congress understand how software is made, so should everyone. Designers, economists, doctors, and others with no direct connection to the technology world are embracing coding as a way to advance their careers, automate boring tasks, or just as a means of self-improvement, a hobby like learning Spanish or doing crossword puzzles. And they have access to an expanding universe of free online coding tutorials from startups and universities such as Stanford and the Massachusetts Institute of Technology. Programming is becoming “a much more fundamental piece of knowledge, similar to reading or writing,” says Andy Weissman, a partner at New York’s Union Square Ventures, which led a $2.5 million investment round for Codecademy, a site that teaches people basic programming skills.

Monday, January 23, 2012


Today I’m going to discuss a cool and sweet-looking chat tweak which you can use to catch the receiver's attention and get them to reply. I call it Colorful Alphabet Emoticons; you can call it whatever fits you. The preview is below: I just wrote Techruin in my friend's chat window, and you can write anything by combining the codes below.
As you can see, it looks beautiful when you send this kind of message to your friends. So if you like this and want to start colorful alphabet emoticon chatting, use the codes below for the different letters. Whenever you paste the code for a letter and hit enter, you get colorful letters like the ones above. Copy the codes from below and enjoy chatting.

[[107015582669715]] = A
[[116067591741123]] = B
[[115602405121532]] = C
[[112542438763744]] = D
[[115430438474268]] = E
[[109225112442557]] = F
[[111532845537326]] = G
[[111356865552629]] = H
[[109294689102123]] = I
[[126362660720793]] = J
[[116651741681944]] = K
[[115807951764667]] = L
[[106596672714242]] = M
[[108634132504932]] = N
[[116564658357124]] = O
[[111669128857397]] = P
[[107061805996548]] = Q
[[106699962703083]] = R
[[115927268419031]] = S
[[112669162092780]] = T
[[108983579135532]] = U
[[107023745999320]] = V
[[106678406038354]] = W
[[116740548336581]] = X
[[112416755444217]] = Y
[[165724910215]] = Z

Saturday, January 21, 2012

Fix the Package System is Broken error in Ubuntu 10.04/10.10 Maverick Meerkat

This brief tutorial will show you how to fix the ‘The package system is broken’ error in Ubuntu Lucid or Maverick. Sometimes when you’re installing programs in Ubuntu and not all dependencies are installed, your package system gets corrupted and you won’t be able to install new programs or packages. This will help you fix that.

Getting started:

Below is the image of the error you’ll get when your package system is broken.


To fix it, go to System –> Administration –> Synaptic Package Manager.


Then select ‘Custom Filters’ on the left menu.


Next select ‘Broken’ on the left and you’ll then notice package(s) with the red exclamation marks.


Right-click each package and select ‘Mark for Complete Removal’.


Then click ‘Apply’ to apply the change. When prompted again, click ‘Apply’ to remove them.
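The same check from the command line, as an added example that is not part of the original tutorial: it reads the per-package status line that dpkg-query prints (the information behind Synaptic's ‘Broken’ filter), lists the packages Synaptic would mark with the red exclamation mark, and builds the apt-get command that corresponds to ‘Mark for Complete Removal’ plus ‘Apply’. The sample status text is constructed; the `dpkg-query` format string is the real one.

```python
import subprocess

# dpkg package states in which a package is fully settled; anything else, or a
# "reinstreq" flag, is what Synaptic shows as broken.
SETTLED = {"installed", "not-installed", "config-files"}

# Constructed sample of 'dpkg-query -W -f=${Package} ${Status}\n' output:
# <package> <want> <flag> <state>
SAMPLE_STATUS = """\
bash install ok installed
libfoo1 install ok half-installed
broken-app install reinstreq half-installed
cups install ok unpacked
oldconf deinstall ok config-files
"""

def broken_packages(status_text):
    """Return the packages whose dpkg state is not settled or that are flagged
    for reinstallation, in the order they appear."""
    broken = []
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # blank or unexpected line
        pkg, _want, flag, state = parts
        if flag == "reinstreq" or state not in SETTLED:
            broken.append(pkg)
    return broken

def removal_commands(pkgs):
    """Command-line equivalent of 'Mark for Complete Removal' + 'Apply':
    purge removes the package together with its configuration files."""
    if not pkgs:
        return []
    return ["sudo apt-get purge " + " ".join(pkgs)]

def live_status():
    """Ask dpkg for the real status lines on this machine."""
    result = subprocess.run(
        ["dpkg-query", "-W", "-f=${Package} ${Status}\\n"],
        check=True, capture_output=True, text=True)
    return result.stdout

if __name__ == "__main__":
    broken = broken_packages(live_status())
    print("broken packages:", broken or "none")
    for cmd in removal_commands(broken):
        print("to remove them, run:", cmd)
```

Try `sudo apt-get -f install` first if you would rather repair the dependencies than remove the packages; the script only lists and does not change anything.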




Thanks for reading and please come back soon.

Friday, January 20, 2012

Facebook chat phishing attack impersonates Facebook security team

A new phishing attack that's spreading through Facebook chat modifies hijacked accounts in order to impersonate the social network's security team.

The attackers replace the profile picture of compromised accounts with the Facebook logo and change their names to a variation of "Facebook Security" written with special Unicode characters, said Kaspersky Lab expert David Jacoby in a blog post.

Facebook claims that changing the profile name can take up to 24 hours and is subject to confirmation. However, in Jacoby's tests the change occurred almost instantly and required only the password. This was also confirmed by a victim whose profile name was modified within 5 minutes of their account being compromised, he said.

Monday, January 2, 2012

How To Find Vulnerabilities in PHP Applications - PHP Vulnerability Hunter

PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool that can elicit a wide range of exploitable faults in PHP web applications. Since most web applications nowadays are written in PHP, PHP applications have been one of the major targets of hackers; PHP Vulnerability Hunter is the tool that helped detect most of the web application vulnerabilities listed on the advisories page.

Like all the best tools in the world, this one needs little or no configuration and doesn't require a user-specified starting URI. So you can begin scanning as soon as you download and install the software.

The tool itself runs on a fairly basic mechanism. At the core of the PHP Vulnerability Hunter scan algorithm is dynamic program analysis: it analyzes the program as it’s running to get a clear view of all input vectors, which gives better code coverage and therefore greater confidence in code security.

This new version brings to us many improvements such as:
  • Added code coverage report
  • Updated GUI validation
  • Several instrumentation fixes
  • Fixed lingering connection issue
  • Fixed GUI and report viewer crashes related to working directory
And its key features include:
  • Automated input vector discovery
  • Integrated fault detection
  • Minimal configuration
  • Proven effective.
Download PHP Vulnerability v1.1.4.6

Unpatched Apache Flaw Allows The Attacker To Access Protected Directories

Today Apache acknowledged another reverse proxy issue (CVE-2011-4317) which I discovered while creating a QualysGuard vulnerability signature for an older problem CVE-2011-3368. Depending on the reverse proxy configuration, the vulnerability could allow access to internal systems from the Internet.

While reviewing the patch for the older issue CVE-2011-3368, it appeared that it was still possible to make use of a crafted request that could exploit a fully patched Apache Web Server (Apache 2.2.21 with CVE-2011-3368 patch applied) to allow access to internal systems if the reverse proxy rules are configured incorrectly. I submitted an advisory and proof of concept to Apache and Apache made the issue public today.

For a good description of the older CVE-2011-3368 issue as well as how a reverse proxy works please check the excellent blog post by Context.

Here is a description of the new issue CVE-2011-4317 and its proof of concept.

Apache’s patch for CVE-2011-3368

The patch for CVE-2011-3368 (see Figure 1) is straightforward and self-explanatory. The “server/protocol.c” file was modified. The patch looks at the request being sent and returns an HTTP 400 response (Bad Request) if the URL does not begin with a forward slash “/”.

--- httpd-2.2.21/server/protocol.c
+++ httpd-2.2.21/server/protocol.c
@@ -640,6 +640,25 @@

     ap_parse_uri(r, uri);

+    /* RFC 2616: +     *   Request-URI    = "*" | absoluteURI | abs_path | authority
+     * +     * authority is a special case for CONNECT.  If the request is not
+     * using CONNECT, and the parsed URI does not have scheme, and
+     * it does not begin with '/', and it is not '*', then, fail
+     * and give a 400 response. */
+    if (r->method_number != M_CONNECT
+        && !r->parsed_uri.scheme    <-- A
+        && uri[0] != '/'
+        && !(uri[0] == '*' && uri[1] == '\0')) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+                      "invalid request-URI %s", uri);
+        r->args = NULL;
+        r->hostname = NULL;
+        r->status = HTTP_BAD_REQUEST;
+        r->uri = apr_pstrdup(r->pool, uri);
+    }
     if (ll[0]) {
         r->assbackwards = 0;
         pro = ll;
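Review bot: the `&& !r->parsed_uri.scheme` clause on the line marked A exempts every request-URI for which ap_parse_uri reports a scheme from the whole check, and the text below shows that the "scheme" can be arbitrary characters in front of the first colon (the `@localhost::8880` request). Suggest that a non-CONNECT request whose URI carries a scheme be let through only when the parsed URI also has a hostname and the scheme is one the server handles, and otherwise fall into the same `r->status = HTTP_BAD_REQUEST;` branch; the comment block should then state which request forms are deliberately accepted.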
Figure 1

This part of the code takes care of the issue for CVE-2011-3368. However, if you look carefully at the patch, it does not process URIs that have a scheme (see Figure 1, A). So, if a malformed URL request with a scheme is constructed, it is still possible to bypass the check and gain access to systems on the internal server, provided that the reverse proxy rules are incorrectly configured.

Proofs of Concept

Target: Fully patched Apache Web Server (Version 2.2.21) with CVE-2011-3368 patch applied, with a reverse proxy set up and incorrectly configured RewriteRule/ProxyPassMatch rules.

Rewrite rules in httpd.conf:
RewriteRule ^(.*)$1
ProxyPassMatch ^(.*)$1

Example 1:
GET @localhost:: HTTP/1.0\r\n\r\n
where is any port number being requested.

To demonstrate the proof of concept, Tomcat was set up to run on port 8880 on the internal server. Please note that any application could be running on any port on the internal server and a malicious user could use the PoC to request access to an application running on that port.

Access to internal web server can be possible by using a crafted request like:
GET @localhost::8880 HTTP/1.0\r\n\r\n

The screenshot below shows that a basic query with the crafted request (see Figure 2, B) to the target results in access to the page at 8880 (see Figure 2, C).

Figure 2

Upon receiving the request, Apache translates the URL by applying the rewrite rules. The "uri" extracted is ":8880" which gets appended, resulting in the URL
The "uri" extracted in this case is everything following the first occurrence of the colon (:) in the request. Since the crafted request has 2 colons (::), the second colon is treated as being part of the URI.

To view the URI being extracted based on the rewrite rules, “RewriteLogLevel” was set to 3 in Apache configuration file. The rewrite translation logs get written to the log file. The first step to come up with the crafted request was to review the log file by sending different requests and studying how the rewrite translation was working. In the case of Example 1, since everything following the first colon (:) was being treated as the URI, a second colon was appended with a port number to see the response. The server treated the second “:” as being part of the URI and since there was an application already running on the port, it was possible to gain access to the page.

Example 2:
GET :@ HTTP/1.0\r\n\r\n
where is any string, is the domain of an internal server being requested.

Access to internal web server can be possible by using a crafted request like:
GET HTTP/1.0\r\n\r\n

The screenshot below shows that a basic query with the crafted request to an internal website (see Figure 3, D) allows access to the page remotely (see Figure 3, E).

Figure 3

Upon receiving the request, Apache translates the URL by applying the rewrite rules. The "uri" extracted is "" which gets appended, resulting in the URL
The "uri" extracted in this case is everything following the first occurrence of the colon (:) in the request. This is treated as @ giving access to the internal if no authentication is required.


Apache has not yet released a patch for this issue. Until a patch is released, configuring the reverse proxy rules in the Apache configuration file correctly will prevent this issue from occurring. For example, in the above case, if the reverse proxy rules (RewriteRule or ProxyPassMatch directives in httpd.conf) are configured as follows, the proof of concept will not work.

RewriteRule ^(.*)$1
ProxyPassMatch ^(.*)$1
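To make the two checks and the rule shapes concrete, here is an added example (my own model, not code from this write-up or from Apache): it mimics the scheme split the patched check relies on, shows why a URI such as `@localhost::8880` passes that check while a stricter absoluteURI test rejects it, and audits RewriteRule/ProxyPassMatch lines for the unanchored shape. The backend address `10.0.0.1` and the stricter rule are assumptions of the example.

```python
import re

def apr_like_split(uri):
    """Mimic the scheme split the patched check relies on: the scheme is
    everything before the first ':' when that colon comes before any '/',
    '?' or '#'.  Returns (scheme or None, rest)."""
    m = re.match(r'^([^:/?#]+):(.*)$', uri)
    if m:
        return m.group(1), m.group(2)
    return None, uri

def patched_check_accepts(method, uri):
    """The CVE-2011-3368 check: reject only when there is NO scheme and the
    URI is neither an abs_path nor '*'.  Anything that yields a 'scheme',
    such as '@localhost::8880', is waved through (the CVE-2011-4317 gap)."""
    if method == "CONNECT":
        return True
    scheme, _ = apr_like_split(uri)
    return scheme is not None or uri.startswith("/") or uri == "*"

# Hardened rule (an assumption of this example, stricter than RFC 2616):
# a request-URI with a scheme must be a real absoluteURI, i.e. a syntactically
# valid scheme, '://', a host, an optional port and an optional path.
ABSOLUTE_RE = re.compile(
    r'^[A-Za-z][A-Za-z0-9+.\-]*://[A-Za-z0-9.\-]+(:[0-9]+)?(/[^\s]*)?$')

def hardened_check_accepts(method, uri):
    if method == "CONNECT":
        return True
    if uri == "*" or uri.startswith("/"):
        return True
    return ABSOLUTE_RE.match(uri) is not None

def weak_rule_backend(uri, backend="http://10.0.0.1"):
    """What an unanchored 'RewriteRule ^(.*) BACKEND$1' builds: the remainder
    after the scheme split is glued straight onto the backend host, so the
    ':8880' left over from the crafted request selects another backend port."""
    _, rest = apr_like_split(uri)
    return backend + rest

RULE_RE = re.compile(r'^\s*(RewriteRule|ProxyPassMatch)\s+(\S+)\s+(\S+)')

def rule_is_unsafe(line):
    """Flag proxy rules whose pattern is not anchored at a leading '/' or whose
    target puts $1 directly after the backend host.  Returns None for lines
    that are not RewriteRule/ProxyPassMatch directives."""
    m = RULE_RE.match(line)
    if not m:
        return None
    pattern, target = m.group(2), m.group(3)
    unanchored = not pattern.startswith("^/")
    glued = re.search(r'://[^/\s]+\$1', target) is not None
    return unanchored or glued

def audit_config(text):
    """Return the offending directive lines of an httpd.conf fragment."""
    return [l.strip() for l in text.splitlines() if rule_is_unsafe(l)]

if __name__ == "__main__":
    crafted = "@localhost::8880"
    print("patched check accepts:", patched_check_accepts("GET", crafted))
    print("hardened check accepts:", hardened_check_accepts("GET", crafted))
    print("unanchored rule would proxy to:", weak_rule_backend(crafted))
    print(audit_config("RewriteRule ^(.*) http://10.0.0.1$1 [P]\n"
                       "ProxyPassMatch ^/(.*) http://10.0.0.1/$1\n"))
```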


Sunday, January 1, 2012

iOS 5.0.1 up and running

Good news for all: iOS 5.0.1 has been jailbroken successfully, and untethered too.....
In this guide I will show you exactly how to do this.

Lets initiate the process.....

  1. iOS 5.0.1 ipsw file (google it and you'll find many there).
  2. Redsnow 0.9.10 b3 (b3 is very important; b1 and b2 contain lots of bugs. Again, Google will help).
  3. iTunes 10.5 or later.
  4. iDevice (an iPhone newer than the 3G is required because of speed; the 3G will hang a lot).
So we are done with the requirements. Here are the steps......

  1. First of all, put your iDevice in DFU mode. You can do it in redsnow itself.
    • Start redsnow -> Click Extras -> Pwned DFU mode -> Follow the instructions on the screen
    • For users who want to know about Pwned DFU mode: it is a deep DFU mode where the device accepts the update without checking for many things, like custom firmware. For more information just mail me at
  2. After getting into DFU mode the screen must be black without anything on it. Then start iTunes and hit shift+Restore (for Windows users) or alt+Restore (for Mac users), then browse to the iOS 5.0.1 ipsw file that you downloaded.
  3. After all that is done your iPhone should come to life with the iPhone setup on the screen. You can go through it, but I recommend jailbreaking it first.
  4. To jailbreak the device, open redsnow 0.9.10 b3 again.
    • Go to Extras -> Select IPSW -> browse to the downloaded iOS 5.0.1 ipsw -> hit Back.
    • Now you should be on the screen where you selected Extras, but this time select Jailbreak.
    • Follow the instructions on the screen when you hit Next in redsnow.
  5. Now you have a jailbroken device in your hand....... You can try AppSync 5.0+ if you want to install cracked apps; just add the repository
    While running Cydia keep one thing in mind: do not let the screen get locked, as the update stops. For more information read step 6.

    (iPod, iPad and iPhone(who have official carrier) people stop here )

  6. Now for those who want to unlock their iPhone for unofficial carriers: just go to Cydia and wait for the updating to finish (you can see Cydia updating at the top when the black bar is there and the update is running; here too, do not let the screen get locked, as the update stops). Now install ultrasnow 1.2.5. It only supports a few basebands; read my previous posts.

    Now you are done with the device; go on, have fun!!!!!!
    If any problem occurs, mail me at OR just comment here......

Beware! New Picture Worm Hits Facebook Today

For the last few months Facebook has been widely targeted for scams and for spreading malware. One of those spreading worms I discovered recently while I was chatting with my friend, when the following message suddenly appeared.

hehehI!!! lool
From the above screenshot, you can clearly see that tinyurl has been used to shorten the URL. One more thing to note is that it's not an image file, as image files end with the .JPG extension, not with -jpg.

The above screenshot gives a clearer picture of what you are going to download along with the JPG file. The exe is basically a Zeus Trojan. Zeus is one of the most popular botnets used for stealing sensitive information such as passwords and credit card numbers. One of its popular features is anti-VM and anti-sandbox capability, making it useless to test inside virtual environments.

A scan at VirusTotal shows that only 3/18 URL scanners were able to detect it as a malware site; the rest of them failed.

Kindly spread the news by sharing it with your friends and people you know, so they do not fall for the malware.

Source -

Photojojo Lens Dial Case

The Photojojo lens dial case adds three camera lenses to your iPhone.

The iPhone Lens Dial boasts three optical-quality coated glass lenses: Wide Angle, Fisheye, and Telephoto. All wrapped up in an aircraft-grade aluminum jacket that has two tripod mounts (for portrait or landscape shots). To switch between lenses just rotate the disc! Best part: the lenses never leave your phone, so they’re always at the ready.

Use the 0.7x Wide Angle for sweeping landscapes or get fun warped images with the 0.33x Fisheye. Switch to the 1.5x Telephoto and get nearly two times closer to your subject.

You can purchase the Photojojo Lens Dial case for $249 at the link below…
Read More

Hashing Denial-Of-Service Attack Leaves More Than Half Of The Internet Vulnerable

Recent research by Alexander “alech” Klink and Julian “zeri” Wälde shows that more than half of the Internet is vulnerable to a hashing denial-of-service vulnerability. The HDOS vulnerability exploits hash tables, consuming more than 99% of the CPU and hence causing a denial of service.

The security researchers demonstrated the HDOS vulnerability at the 28th Chaos Communication Congress security conference in Berlin, Germany, Earth, Milky Way. The talk was titled "Efficient Denial of Service Attacks on Web Application Platforms". The research shows that most web programming languages and platforms, including PHP, ASP.NET, Java, Python, Ruby and Apache Tomcat (the list goes on and on), are vulnerable to the HDOS vulnerability.

PHP 5, Java, ASP.NET as well as V8 are fully vulnerable to this issue, and PHP 4, Python and Ruby are partially vulnerable, depending on version or whether the server running the code is a 32-bit or 64-bit machine.

"Hash tables are a commonly used data structure in most programming languages," they explained. "Web application servers or platforms commonly parse attacker-controlled POST form data into hash tables automatically, so that they can be accessed by application developers. If the language does not provide a randomized hash function or the application server does not recognize attacks using multi-collisions, an attacker can degenerate the hash table by sending lots of colliding keys. The algorithmic complexity of inserting n elements into the table then goes to O(n**2), making it possible to exhaust hours of CPU time using a single HTTP request."


The researchers have also posted a video demonstration as a proof of the vulnerability.


Microsoft has also provided a workaround for the vulnerability; you can find it here.

PHP advises limiting the number of different HTTP request parameters. For this purpose PHP has added a max_input_vars setting, which gives the flexibility to limit the number of parameters.
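The degeneration the researchers describe and the two mitigations mentioned (a randomized or keyed hash function, and a cap on the number of request parameters as max_input_vars provides), as an added example constructed for this post rather than the researchers' code. The table counts the key comparisons each insert costs; the toy additive hash stands in for a non-randomized string hash and is trivially collidable by design, the keyed BLAKE2b hash stands in for a randomized one, and a per-bucket chain limit shows the "recognize multi-collisions" defence.

```python
import hashlib
import itertools
import os

N_BUCKETS = 1024
SECRET = os.urandom(16)  # per-process random key, like a randomized hash seed

def weak_hash(key):
    # Additive toy hash: any permutation of the same characters collides.
    return sum(key.encode()) % N_BUCKETS

def keyed_hash(key):
    # Keyed BLAKE2b: without SECRET an attacker cannot predict which keys collide.
    digest = hashlib.blake2b(key.encode(), key=SECRET, digest_size=8).digest()
    return int.from_bytes(digest, "big") % N_BUCKETS

class CountingTable:
    """Separate-chaining hash table that counts key comparisons."""
    def __init__(self, hash_fn, max_chain=None):
        self.hash_fn = hash_fn
        self.max_chain = max_chain
        self.buckets = [[] for _ in range(N_BUCKETS)]
        self.comparisons = 0

    def insert(self, key, value):
        chain = self.buckets[self.hash_fn(key)]
        for i, (k, _) in enumerate(chain):
            self.comparisons += 1  # one comparison per key already in the chain
            if k == key:
                chain[i] = (key, value)
                return
        if self.max_chain is not None and len(chain) >= self.max_chain:
            raise ValueError("multi-collision: too many keys in one bucket")
        chain.append((key, value))

def parse_form(body, hash_fn, max_vars=None, max_chain=None):
    """Parse 'k=v&k=v' POST data into a table, as an application server does.
    max_vars plays the role of PHP's max_input_vars."""
    pairs = body.split("&") if body else []
    if max_vars is not None and len(pairs) > max_vars:
        raise ValueError("too many input variables")
    table = CountingTable(hash_fn, max_chain)
    for pair in pairs:
        k, _, v = pair.partition("=")
        table.insert(k, v)
    return table

def colliding_body(n):
    """Constructed request body of n distinct keys that all collide under
    weak_hash (permutations of one string share the same byte sum)."""
    keys = ("".join(p) for p in itertools.permutations("abcdefgh"))
    return "&".join(f"{k}=1" for k in itertools.islice(keys, n))

def request_cost(n, hash_fn):
    """Key comparisons needed to parse a body of n colliding keys:
    n*(n-1)/2 for the weak hash, about n*n/(2*N_BUCKETS) for the keyed one."""
    return parse_form(colliding_body(n), hash_fn).comparisons

def request_rejected(body, hash_fn, **limits):
    """True if the mitigations passed as limits reject the body."""
    try:
        parse_form(body, hash_fn, **limits)
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    n = 2000
    print("weak hash, comparisons:", request_cost(n, weak_hash))
    print("keyed hash, comparisons:", request_cost(n, keyed_hash))
    body = colliding_body(n)
    print("rejected by max_vars=1000:", request_rejected(body, weak_hash, max_vars=1000))
    print("rejected by max_chain=64:", request_rejected(body, weak_hash, max_chain=64))
```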

Further Resources:

If you would like to learn more about the vulnerability, here are some useful links:

Unlock Your iPhone 4S Without Jailbreaking

A new unlock method has surfaced today which claims to work without the need of any software, hardware or jailbreak.

A bug in iOS 5 discovered by Michael Capozzi theoretically allows any iPhone 4S to be unlocked to any GSM carrier. However, Capozzi says he was only able to test with T-Mobile.
We are currently working towards independent confirmation of his method. It does require you to have an active T-Mobile SIM card (with data working). Remember it must be cut to micro-SIM size to fit the iPhone 4S.

The Steps:
  • Insert original carrier AT&T SIM card
  • Dial 611 for AT&T customer service hotline and drop the call
  • Turn on Airplane Mode
  • Take out AT&T SIM card
  • Insert T-Mobile SIM card
  • Make sure WiFi is off (also tap on ‘Forget this Network’ to make sure it doesn’t connect automatically later)
  • Switch off Airplane Mode and iPhone will search for network. This is followed by the Apple splash screen appearing.
  • Activation Required will be displayed on the screen
  • EDGE network will activate automatically – notice the ‘E’ on the top left corner of the screen
  • Wait for about 20-30 seconds and turn off the phone
  • Turn on iPhone and the same Activation Required screen will be displayed
  • When you see one signal bar, tap on Use Cellular Connection
  • Eject SIM card
  • Activation Required screen will be displayed the second time
  • Insert SIM card
  • Unlocked!
We are getting some confirmation reports. If you are able to test this, please let us know your results. Remember this method may unlock your device; however, it will not last through a reboot. So while not practical for day-to-day use, it may benefit those traveling abroad.

Gizmodo is claiming some confirmation as well.

Update x2:
MuscleNerd notes that while you might be able to successfully get network access, you will lose it once the network is refreshed which makes this procedure even less useful.
“If you are successful at temporarily gaining network access, you’ll lose it as soon as TMSI is refreshed (happens often)”