Archive for August 2016
At the Black Hat 2016 hacker conference in Las Vegas, the world saw a variety of cutting-edge cyber security applications. Some of these hacks stood out from the others and gained widespread praises. Here’s a quick recap of the 5 best Black Hat 2016 hacks, including the likes of famous Jeep Cherokee hackers and a hacking laptop that actually flies.
The annual Black Hat USA conference is known to welcome thousands of cyber security experts, hackers, and technology enthusiasts. Every year we get to see and learn about new cyber-exploits and hacking threats.
At this year’s conference, more than 15,000 hackers and security professional gathered in Las Vegas. The Mandalay Bay hotel witnessed some scary and impressive sights. So, here are some of the best hacks that stood out from the rest:
Car hackers were back!
Do you remember the hacker duo of Charlie Miller and Chris Valasek who hacked into a Jeep Cherokee by exploiting a zero-day in the system?
This year, they were back at Black Hat with scarier hacking tricks, showing their ability to affect the safety of critical systems. They controlled a vehicle remotely, slamming the brakes suddenly and speeding ahead without any warning.
Flying laptop hacker!
At Black Hat 2016, we saw Danger Drone, a new laptop that’s designed to fly and launch cyberattacks. This lets a security expert to remain far from the target and bypass the challenging aspects to test the defenses of a system.
Designed by Bishop Fox, this $500 custom-developed Danger Drone also lets you avoid the risk of getting caught.
Your light bulbs are hackable!
Just when you thought that your innocent light bulbs would be the last thing a hacker will target, Black Hat 2016 witnessed the details on Internet of Things security risks.
CTO of NewAE Technology, Colin O’Flynn, and Eyal Ronen, an Israeli student, shared a presentation and a video of hacking office building lights. Later, they even hacked the light at the conference.
Social media addicts, take care!
Very often what you see on social media might not be what it seems. Using deceptive phishing links, hackers easily target social media users to steal their personal information and money.
The same concept was demonstrated by ZeroFOX data scientists Philip Tully and John Seymour. They build a bot that targetted social media users, collected information regarding their interests and penetrated the feed with a catered message. This Twitter bot was a success with a click rate as high as 60%.
Fake airport boarding pass making app!
What happens when an automated boarding pass reader rejects your gold status? Well, if you are Przemek Jaroszewski, you’ll develop an app to hack your way into airport lounges.
Jaroszewski, Poland’s computer emergency response team head, says that it just takes 10 seconds to create a boarding pass that could be used to access the airport lounges. For the security purposes, he has no plans to make this app public.
To Learn Hacking :
Redback IT Academy
#AL 24 TNHB , Phase III,
More than a dozen Telegram accounts were compromised leading to the identification of 15 million users’ cell number. Two researchers were able to point out this mass hacking campaign being carried out and have hinted the involvement of Rocket Kitten group behind this.
The messaging app Telegram is quite popular in the middle-east nations and Latin America. Iran has around 20 million Telegram users which contribute to around 20 percent of the Telegram users. The abundance of users was enough to lure a hacker group. Reports have been floating around that around 15 million Iranian Telegram users’ phone numbers have been compromised.
Two researchers, an independent cyber security expert Collin Anderson and Claudio Guarnieri, were able to detect the security breach which utilized the two-factor SMS verification used by the Telegram app for adding a new device to a user’s account. The hacker, who has access to the SMS data of a device, could add his own device to the account and gain access to the data. Like this, more than two dozen user accounts were hacked.
The berlin-based Telegram stores the data in the cloud. It offers end-to-end encryption the users just like Facebook’s Secret Conversations in Messenger and WhatsApp platform.
Is the politics involved in Telegram hack?
The SMS verification process is a common multi-factor authentication implemented across various apps and services just like Telegram has done.
But, how these messages reach the phone? Through the cell phone company’s servers.
“We have over a dozen cases in which Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company,” said Anderson.
The researchers didn’t rule out the possibility of the government-backed cellphone company acting as the greedy cat in the picture. The cat might be responsible for finding the details of the mice.
“The individuals that are targeted [in these Telegram hacks] are individuals who are human rights activists, they’re opposition figures, they’re individuals tied with people who are currently in jail or under house arrest or these sorts of things,” Anderson said.
“The fact that they’re going after these individuals shows that this is part of a larger understanding of the opposition environment inside of the country.”
A Telegram Spokesperson Markus Ra said that “if you have a strong Telegram password and your recovery email is secure, there’s nothing an attacker can do”.
Maybe the users can add an extra layer of security but in reality, 15 million cell numbers have been exposed.
The tale of the Kitten!
Rocket Kitten is a hacktivist group which is presumed to be behind this mass exposure campaign. The researchers have pointed to the Persian-language references in the code to relate the involvement of the Rocket Kitten group. The hacker group has been linked to the Revolutionary Guards in the past and the researchers have analyzed the similarity in the operations.
Telegram’s API is publically available and researchers said that same was used to identify the people against their cell numbers, whether they exist on Telegram or not. The mass identification carried out by brute forcing the numbers to the API to get the user ID. Telegram has disabled the ability to perform mass checks in the API.
Learn from Digital Marketing Venture. Get Job Ready in 6 weeks. Join Now!
Get Access for 90 Days · OMCA Exam Fee Included · Learn with our Flexi-Pass · 4 Projects
Courses: Social Media, PPC, SEO, Email Marketing, Mobile Marketing, Content Marketing
Join DigtialMarketing Venture Digital Marketing Training institute in vellore,Chennai. Call 8189985559 for details about Digital Marketing Course in Chennai. 100% Placement!
Contact : 8189985559
Friday, 5 August 2016
Posted by Unknown
Certifications play an important part of any IT professional's career, although there will always be some debate on how important. Certifications are, like most things in life: The more you put into them, the more you will get out. While the actual knowledge you gain on the journey is the true reward, certifications also indicate to employers that you take your job seriously and that you are knowledgeable on the respective technology.
With more than 1,700 professional IT certifications running the gamut of IT technologies, knowing which certifications are the most important for your specialty can seem an insurmountable task.
In a competitive market, you've got to do everything you can to distinguish yourself from your peers. Certification is an important part of that process. A recent poll asked users why they choose certification. The number one answer --at 51 percent--was that certification was a way to position themselves for a promotion or potential job.
Knowing Which IT Certification Is Right
Before you jump into a specific certification, there are some important questions that you need to ask yourself about your career goals and objectives:
What demographic of IT do you fall into? (Security, Server, Network, Web Development, Programmer and so on)
What are your career objectives?
What IT career are you most interested in?
What type of resources are needed (i.e. money and time)?
Will this certification have a significant impact on my career?
If your area of expertise is related to a listed certification's focus and you don't have that certification, you will definitely want to delve into it further. Now without further ado, here are our Top IT Certifications.
Project Management Professional (PMP)
Completing the Project Management Professional certification shows employers that you have the necessary skills and resources to get the project done from start to finish, on time and on budget. It's never been more relevant than in today's IT industry where we all have multiple responsibilities.
Certified Information Systems Security Professionals (CISSP)
CISSP is a vendor neutral security certification. People who hold this certification have the skills and knowledge to complete high-level tasks involving architecture, design, management and/or controls that assure the security of business environments.
Red Hat Certified Engineer (RHCE)
RHCE is a Linux Red Hat Enterprise Linux certification and demonstrates that the holder has the skills and knowledge to perform the duties of senior system administrator, responsible for Red Hat systems. Deployments and migrations are second nature to an RHCE.
Linux continues to be adopted by more and more companies in an effort to decrease operating costs. Demand is outpacing supply making this one of the hottest Linux certifications.
VMware Certified Professional (VCP)
VCP VMware's first level of certification that focuses squarely on the vSphere virtualization platform. Recipients should have the skills to install, deploy, scale and manage vSphere environments, as well as general virtualization skills.
A+ from the trade group CompTIA, is another vendor-neutral certification and is considered entry level. It encompasses a number of different foundation level IT skills.
Information Technology Infrastructure Library
The ITIL certification is the basis of the worldwide standard for quality IT Service Management and is considered to have laid the groundwork for effective IT departments. It outlines non-organizational specific "best practices" that are used by companies to establish a level of competency. There are four flavors for this certification: Foundation, Intermediate, Expert and Master.
Cisco Certifications, like Microsoft and others, have been IT industry standards for years and are used to validate knowledge of Cisco products and technologies. So much business passes through Cisco systems that these always seem to be in demand.
Cisco Certified Internet work Expert (CCIE)
CCIE demonstrates that the recipient has all the expert-level skills required to plan, prepare, operate, monitor, and troubleshoot complex data center networks. CCIE is a common goal for network professionals who want to be recognized as experts in their field. Cisco touts this certification as "the most prestigious networking certification in the industry" .
Cisco Certified Network Associate (CCNA)
CCNA certification is a second-level Cisco Career certification. It lets employers know that you have demonstrated the ability "to install, configure, operate and troubleshoot medium-size routed and switched networks, including implementation and verification of connections to remote sites in a WAN". Anyone who wants to work in the networking field or if you happen to work on Cisco hardware on a regular basis should consider adding this certification to their skillset.
Microsoft software and systems are a staple in most IT departments making these and other Microsoft certifications in demand skills. The Microsoft certifications listed below as top needed skills in today's job market.
Microsoft Certified IT Professional (MCITP)
MCITP certifications, one of Microsoft's newer certifications, tests technical proficiency in the Microsoft Certified Technology Specialist (MCTS) certifications. There are many different areas of certification.
Ø MCITP: Enterprise Desktop Support Technician on Windows 7
Ø MCITP: Enterprise Desktop Administrator on Windows 7
Ø MCITP: Consumer Support Technician on Windows Vista
Ø MCITP: Enterprise Support Technician on Windows Vista
Ø MCITP: Enterprise Administrator on Windows Server 2008
Ø MCITP: Server Administrator on Windows Server 2008
Ø MCITP: Virtualization Administrator on Windows Server 2008 R2
Microsoft SQL Server
Ø MCITP: Database Administrator 2008
Ø MCITP: Database Developer 2008
Ø MCITP: Business Intelligence Developer 2008
Ø MCITP: Enterprise Project Management with Microsoft Office Project Server 2007
Microsoft Exchange Server
Ø MCITP: Enterprise Messaging Administrator on Exchange 2010
Ø MCITP: Enterprise Messaging Administrator on Exchange 2007
Microsoft SharePoint Server
Ø MCITP: SharePoint Administrator 2010
Microsoft Lync Server
Ø MCITP: Lync Server Administrator 2010
Microsoft Certified Technology Specialist (MCTS)
MCTS certification validates skills on a particular Microsoft technology. As with MCITP, there are many technologies that you can certify for, for example, Exchange server, Lync Server and Office Communications Server, virtualization and more.
Microsoft's Certified Systems Engineers (MCSE)
An MCSE certification demonstrates that the recipient can design, implement and administer technology infrastructures using Microsoft 2000 Windows Server and other Windows server platforms. This certification is common to systems engineers, tech support engineers, system analysts, network analysts and technical consultants.
Certifications are a great way to break into a new technology, cover gaps in your resume or advance your current position. The best people in the IT business are the ones who are passionate about learning and that is a key to being successful. Technology is evolving at a pace that is difficult to keep up with. As the environment moves forward and changes so must you.