Critical Flaw puts Mobile Networks at risk of complete takeover

Critical Flaw puts Mobile Networks at risk of complete takeover
A newly disclosed vulnerability could allow attackers to seize control of mobile phones and key parts of the world's telecommunications infrastructure and make it possible to eavesdrop or disrupt entire networks.

US-CERT warned yesterday that, a large number of software applications created for managing and interconnecting mobile networks around the world may be vulnerable to a remote code execution (RCE) flaw that can allow attackers to take over crucial equipment.

The vulnerability dubbed as CVE-2016-5080 was discovered following a security audit at Objective Systems, a US-based company that ships the ASN1C code compiler. The bug resides in a code library used in a wide range of telecommunication products, including radios in cell towers, routers, and switches, as well as the baseband chips in individual phones.

Objective Systems says that ASN1C compiles ASN.1 code to C and C++ in a way that introduces a vulnerability in all applications. This vulnerability is a heap-based buffer overflow that allows attackers to execute code on the affected systems, from a remote location and without needing to authentication on the device.

What is ASN1C?
ASN.1 (Abstract Syntax Notation One) is an international standard that describes data structures and transfer protocols used in the telecommunications field.

ASN1C is an application created by Objective Systems that takes ASN.1 data structures, operations, and instructions, and converts them to C, C++, C#, or Java code, which can be embedded into applications or software that runs on mobile equipment deployed with classic GSM or more modern LTE networks.

Types of Vendors affected
According to the investigation, researchers says that only ASN1C's ASN.1-to-C and ASN.1-to C++ functions are vulnerable. But further more investigation is going on for ASN.1-to-C# and ASN.1-to-Java compilation routines.

The company has released a quick fix for the issue in the latest 7.0.1.x branch of ASN1C, with a permanent fix scheduled for 7.0.2 in the coming weeks.
Read More

Verify Your Twitter Account Now

Verify Your Twitter Account Now
Everyone is having social media accounts but there is a difference between basic user accounts and celebrities users accounts, and that difference is blue tick mark beside your user name, which us called Verified Badge.

Earlier its hard to get verified your twitter account, but now you can try to verify it simply by filling a form. Yeah.. You read right you can verify your twitter account.

Twitter has created an official process to have your account verified, proving once and for all that you are who you say you are on the site. It's not a sure thing, but at least there's a way to get your request in front of someone without going through back channels.

Requirements for Verification
There are several account requirements before you can even submit a request. For example, you need to have a profile picture, a verified phone number, a verified email, a birth date (for personal accounts), and so on. When submitting a request, you'll need to supply at least two links that help verify your identity and noteworthiness. You will also be asked to upload a photo ID (Twitter says it may ask for this, but it's on the form).

Step to Verify Twitter account
  • First read the above requirements details for the verification.
  • You should have added your contact number on your twitter account that you want to verify.
  • If you have required details then Fill this Request Form, and complete all the necessary details.
  • After sending the verify request, sit quite and be calm. Twitter team will contact you via email that is been used with your twitter account.
That's it after twitter team verify you as genuine users you will have a verified badge on your account.

Note: You may asked for scan and upload a legible copy of your government-issued ID (such as a passport or driver’s license) to confirm your identity.
Please check all the details for account Verification Here.

Is this article help you? Share in comment.
Read More

Pokémon Go- Hackers Threatening to Take the Game Offline on August 1

Pokémon Go- Hackers Threatening to Take the Game Offline on August 1
Game which is headlines of most of the online media and also on the tongue of millions of user, 'PokémonGo' , is now first target of  cyber criminals.

Group of hackers named 'Poodlecorp' has threatened to take the popular game Pokémon Go server offline on August 1st.
“We take the servers offline because it is popular right now and nobody can stop us,”@xotehpoodle (a member of the Poodlecorp group) said. “We do it because we can, nobody can stop us and we just like to cause chaos. We chose August 1 so we have time to relax and not care about doing anything.”
The group plans to take the servers down for 20-plus hours “basically an entire day” using the same method they’ve used on other attacks Poodlecorp has laid claim to a massive botnet consisting of 600,000 devices ranging from DVRs to dedicated servers.

This is not the first time that hackers are targeting this popular game, Pokemongo. Earlier this week also cyber crooks attacked Pplemon Go server with the DDoS attacks.
Read More

Ubuntu Forum Hacked! Users Data Stolen

Ubuntu Forum Hacked!  Users Data Stolen
Popular Open Source operating system' 'Ubuntu' official online forum site have been hacked and roughly 2 millions user data stolen.

Company mentioned that online forum has been affected by this hack where user IP address, email address and username were stolen.

Conical made an announcement of the hack and says,
“There has been a security breach on the Ubuntu Forums site. We take information security and user privacy very seriously, follow a strict set of security practices and this incident has triggered a thorough investigation. Corrective action has been taken, and full service of the Forums has been restored. In the interest of transparency, we’d like to share the details of the breach and what steps have been taken. We apologize for the breach and ensuing inconvenience”, says Jane Silber, Chief Executive Officer, Canonical Ltd.

Silber further explains, “after some initial investigation, we were able to confirm there had been an exposure of data and shut down the Forums as a precautionary measure. Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched”.

Forum was running on vBulletin CMS and a vulnerable addons was the cause of the hack. Now all the system were cleaned and had installed a new Web Application Firewall “to help prevent similar attacks in the future” and say they will improve monitoring of vBulletin to “ensure that security patches are applied promptly.”

Not the Fist time
This is not the first time that Ubuntu online forum has been compromised, earlier also it was hacked and site was defaced by a hacker name @Sputn1k_. At that time also users data were stolen and appolize for the same.

Read More

Guide: Convert A PDF Document to Excel Online

Guide: Convert A PDF Document to Excel Online
Microsoft Excel is very important software used in companies. More and more professionals rely on this wonderful software for decision making. It is easy to work on Excel due to its simple, easy, and intuitive interface.
As PDF documents are not editable, so to edit them one has to type all the content of the PDF file into an Excel document. This requires so much of time and effort. Now there is a quick, reliable, and convenient alternative that is to convert PDF to Excel online. Lets know more about the features and benefits of this converter in detail.

How does the converter convert a PDF into an Excel document?
To successfully perform the conversion, you need to provide the location of your PDF file. This can be done by pressing the browse button and choose the location where the desired PDF file is present on your computer.
After locating the file, one has to click on the PDF to Excel button present on the screen. If you have several PDF files which you wish to convert to Excel, then click on Add files option. This option lets you choose several PDF files at once and convert them into Excel at one go. This functionality saves time and effort.
When your PDF file (.pdf) is converted into Excel file (.xls), it is stored on the companys server. To access the file, you need to press the button Download. This function helps in saving the file from the companys database to your own computer.  Go to the download folder and view your converted Excel file.

Benefits of using this converter

  • Relieves you from the tedious of retyping text from PDF in a new Excel

PDF to Excel converter eliminates the need to retype the contents of the PDF file into an Excel document. All this can be done in just a few clicks and at absolutely free of cost. The method of conversion comprises of a set of simple and self-explanatory steps. This lets an ordinary user to perform the conversion easily. This is the reason behind the growing demand for this software across companies.

  • Help in reduce file size

With the presence of several graphics in the PDF document, the size of the document would become big. You can reduce the size by converting the PDF into Excel using the converter and then later on delete the unwanted images from the Excel document.

  • Saves time and effort

By choosing to convert several PDF files into Excel document helps in saving time and effort. It also helps in providing accuracy, which is comparatively low when the typing task is done manually.
So, when you need to edit your PDF document, then simply use this powerful handy tool. This tool has got lots of inbuilt functionalities and has been widely used by people throughout the world.  For a secure and easy editing of information, use of this tool is inevitable. 
Read More

Device Getting Android Nougat Updates First

Device Getting Android Nougat Updates First
Yesterday, Google have finally announced the name of its latest Android version, N for Nougat, which can also be called as Android 7.0

Main things that comes in the mind of the consumers is to get the updates for the latest Android version on there handsets. So here first lucky users to have a taste of Android Nougat are HTC users.

Taiwanese tech giants, HTC , just a few hours after the Android Nougat revelation confirmed that the OS version will be arriving on few of its flagship smartphones.

HTC via its Twitter account posted an image showing the three handsets that would be receiving the Android 7.0 Nougat update. The handsets that will be getting the update are HTC 10, HTC One A9, and HTC One M9.

Other HTC have also mentioned that they will pushed updates of Android N later this year, when Google make it available to OEMs.

These are the smartphone that are getting quick Android Nougat update. HTC One M9 was launched with Android 5.1 Lollipop and later got Android 6.0 Marshmallow update, the HTC One A9 and HTC 10 came with Android 6.0 Marshmallow out of the box.


Read More

Twitter Hacked, Million's of Passwords Leaked

Twitter Hacked, Million's of Passwords Leaked
Another day, another Data Breach! Now, micro social networking site Twitter is the latest in the line of historical data breaches targeting social networking websites.

Same hacker linked with MySpace, LinkedIn, and Tumblr data breaches, is claiming another major tech breach -- this time, it's said to be millions of Twitter accounts.

A Russian seller named as Tessa88, claimed to have obtained the database, which includes an email addresses (and sometimes a second email), usernames, and plain-text passwords.
Tessa88 is selling the Twitter dump database for 10 bitcoin, $5820 approx. 

The seller said they obtained 379 million accounts as early as 2015. That would be far more than its 310 million monthly active users, but could account for cumulative accounts, such as inactive users.

After reviewing the portion of leaked, on the blog post LeakedSource says that Twitter was beached. 
"The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter," the blog post said.

A Twitter spokesperson said in a prepared statement:"A number of other online services have seen millions of passwords stolen in the past several weeks. We recommend people use a unique, strong password for Twitter. We detail other steps people can take to keep their accounts secure on our help center."

In a recent tweet, the company also said that it periodically checks its data against recent password leaks to ensure that account stay secure.

Now this probing the worst year for the security. As there are number of organizations database were dumped. Last time utorrent was also got hacked and tons of its users-password got leaked online.
Read More

VK.com Hacked, 1Million Passwords Leaked

VK.com Hacked, 1Million Passwords Leaked
Another data breached of this month and may this year can be called as Data Breached year. This time Russia's biggest social networking site VK.com is in the line of historical breached.

The leaked database contains information like full names of users, email addresses, plain-text passwords, location information, and phone numbers.

The hacked database is selling by same hacker named Peace, who have sold the dump data of LinkedIn, MySpace, Tumblr etc. All the database were sold on Dark web and again Vk.com database were on sell for 1 BTC i.e. $580 approx.

Hackers says that all the passwords of VK.com were in plaintext when its was hacked.  Its is being says the data have been stolen in late-2012 or early 2013 when VK.com had just under 190 Million users.

This leaked data were first reported by leakedsource which have got the portion of database. Company VK.com have already analyzed the content of dump database.

LeakedSource mentioned that the most common passwords used by VK users were 123456, QWERTY, 123123 etc, and all these were very easy to guess.

We again recommending our users to change there online accounts passwords and also to follow strong password practices. Don't use same passwords for there accounts and change them in a regular basis.
Read More

Zuckerberg’s Twitter and Pinterest accounts hacked

Zuckerberg’s Twitter and Pinterest accounts hacked
Facebook CEO's Mark Zuckerberg's other social accounts has been hacked last day by a hacking team called "OurMine Team". Concerntrating on Facebook, it seems that he forgot his other social media's accounts.

This week, Zuckerberg's twitter and Pinterest showing a tag line written "Hacked by OurMine Team ".
Hacker's group says that they have got the logins of Zuckerberg's account's from the LinkedIn Database dump, which was leaked few weeks ago.

We don’t know for sure how OurMine Team pulled off the hacks, but the group is claiming it was all thanks to the LinkedIn password dump from a few weeks ago. Millions of LinkedIn user account details leaked online last month, with the company reacting by invalidating the credentials and contacting affected members to reset their passwords. But the story doesn’t end there, because as we all know, many people like to reuse the same password on different online services.

Same thing done by Zuckerberg- " Used Same Passwords for other accounts too".

At the mean time Twitter account of Zuckerberg @finkdaccount had been suspended, and tweets were deleted.

This is the best reminder yet that if you have a LinkedIn account, you should go ahead and change your password there, and everywhere else. In fact, you should make it a habit to regularly change your passwords on all your online accounts. And if that is too much of a pain, at the very least make a habit of using different passwords.

Image: Engadget
Read More