Mega Telegram Hack: Hackers Attacked 15 Million Telegram Users

More than a dozen Telegram accounts were compromised leading to the identification of 15 million users’ cell number. Two researchers were able to point out this mass hacking campaign being carried out and have hinted the involvement of Rocket Kitten group behind this.


The messaging app Telegram is quite popular in the middle-east nations and Latin America. Iran has around 20 million Telegram users which contribute to around 20 percent of the Telegram users. The abundance of users  was enough to lure a hacker group. Reports have been floating around that around 15 million Iranian Telegram users’ phone numbers have been compromised.

Two researchers, an independent cyber security expert Collin Anderson and Claudio Guarnieri, were able to detect the security breach which utilized the two-factor SMS verification used by the Telegram app for adding a new device to a user’s account. The hacker, who has access to the SMS data of a device, could add his own device to the account and gain access to the data. Like this, more than two dozen user accounts were hacked.

The berlin-based Telegram stores the data in the cloud. It offers end-to-end encryption the users just like Facebook’s Secret Conversations in Messenger and WhatsApp platform.

Is the politics involved in Telegram hack?
The SMS verification process is a common multi-factor authentication implemented across various apps and services just like Telegram has done.

But, how these messages reach the phone? Through the cell phone company’s servers.

“We have over a dozen cases in which Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company,” said Anderson.

The researchers didn’t rule out the possibility of the government-backed cellphone company acting as the greedy cat in the picture. The cat might be responsible for finding the details of the mice.

“The individuals that are targeted [in these Telegram hacks] are individuals who are human rights activists, they’re opposition figures, they’re individuals tied with people who are currently in jail or under house arrest or these sorts of things,” Anderson said.

“The fact that they’re going after these individuals shows that this is part of a larger understanding of the opposition environment inside of the country.”

A Telegram Spokesperson Markus Ra said that “if you have a strong Telegram password and your recovery email is secure, there’s nothing an attacker can do”.

Maybe the users can add an extra layer of security but in reality, 15 million cell numbers have been exposed.

The tale of the Kitten!
Rocket Kitten is a hacktivist group which is presumed to be behind this mass exposure campaign. The researchers have pointed to the Persian-language references in the code to relate the involvement of the Rocket Kitten group. The hacker group has been linked to the Revolutionary Guards in the past and the researchers have analyzed the similarity in the operations.

Telegram’s API is publically available and researchers said that same was used to identify the people against their cell numbers, whether they exist on Telegram or not. The mass identification carried out by brute forcing the numbers to the API to get the user ID. Telegram has disabled the ability to perform mass checks in the API.


Saturday, 6 August 2016
Posted by Sivapriya
0 Comments
Tag : , ,

Digital Marketing Training @ Vellore


Learn from Digital Marketing Venture. Get Job Ready in 6 weeks. Join Now!
Get Access for 90 Days · OMCA Exam Fee Included · Learn with our Flexi-Pass · 4 Projects
Courses: Social Media, PPC, SEO, Email Marketing, Mobile Marketing, Content Marketing

Join DigtialMarketing Venture Digital Marketing Training institute in vellore,Chennai. Call 8189985559 for details about Digital Marketing Course in Chennai. 100% Placement!

Contact : 8189985559
www.redbackacademy.com

Friday, 5 August 2016
Posted by Redback Academy
0 Comments

In-Demand Technical Certifications 2016

Certifications play an important part of any IT professional's career, although there will always be some debate on how important. Certifications are, like most things in life: The more you put into them, the more you will get out. While the actual knowledge you gain on the journey is the true reward, certifications also indicate to employers that you take your job seriously and that you are knowledgeable on the respective technology.
                  
                                                                                      
With more than 1,700 professional IT certifications running the gamut of IT technologies, knowing which certifications are the most important for your specialty can seem an insurmountable task.

In a competitive market, you've got to do everything you can to distinguish yourself from your peers. Certification is an important part of that process. A recent poll asked users why they choose certification. The number one answer --at 51 percent--was that certification was a way to position themselves for a promotion or potential job.

Knowing Which IT Certification Is Right
Before you jump into a specific certification, there are some important questions that you need to ask yourself about your career goals and objectives:

What demographic of IT do you fall into? (Security, Server, Network, Web Development, Programmer and so on)
What are your career objectives?
What IT career are you most interested in?
What type of resources are needed (i.e. money and time)?
Will this certification have a significant impact on my career?

If your area of expertise is related to a listed certification's focus and you don't have that certification, you will definitely want to delve into it further. Now without further ado, here are our Top  IT Certifications.

Project Management Professional (PMP)
Completing the Project Management Professional certification shows employers that you have the necessary skills and resources to get the project done from start to finish, on time and on budget. It's never been more relevant than in today's IT industry where we all have multiple responsibilities.

Certified Information Systems Security Professionals (CISSP)
CISSP is a vendor neutral security certification. People who hold this certification have the skills and knowledge to complete high-level tasks involving architecture, design, management and/or controls that assure the security of business environments.

Red Hat Certified Engineer (RHCE)
RHCE is a Linux Red Hat Enterprise Linux certification and demonstrates that the holder has the skills and knowledge to perform the duties of senior system administrator, responsible for Red Hat systems. Deployments and migrations are second nature to an RHCE.

Linux continues to be adopted by more and more companies in an effort to decrease operating costs. Demand is outpacing supply making this one of the hottest Linux certifications.

VMware Certified Professional (VCP)
VCP VMware's first level of certification that focuses squarely on the vSphere virtualization platform. Recipients should have the skills to install, deploy, scale and manage vSphere environments, as well as general virtualization skills.

CompTIA A+
A+ from the trade group CompTIA, is another vendor-neutral certification and is considered entry level. It encompasses a number of different foundation level IT skills.

Information Technology Infrastructure Library
The ITIL certification is the basis of the worldwide standard for quality IT Service Management and is considered to have laid the groundwork for effective IT departments. It outlines non-organizational specific "best practices" that are used by companies to establish a level of competency. There are four flavors for this certification: Foundation, Intermediate, Expert and Master.

Cisco Certifications                                                                                      
Cisco Certifications, like Microsoft and others, have been IT industry standards for years and are used to validate knowledge of Cisco products and technologies. So much business passes through Cisco systems that these always seem to be in demand.

Cisco Certified Internet work Expert (CCIE)
CCIE demonstrates that the recipient has all the expert-level skills required to plan, prepare, operate, monitor, and troubleshoot complex data center networks. CCIE is a common goal for network professionals who want to be recognized as experts in their field. Cisco touts this certification as "the most prestigious networking certification in the industry" .

Cisco Certified Network Associate (CCNA)
CCNA certification is a second-level Cisco Career certification. It lets employers know that you have demonstrated the ability "to install, configure, operate and troubleshoot medium-size routed and switched networks, including implementation and verification of connections to remote sites in a WAN". Anyone who wants to work in the networking field or if you happen to work on Cisco hardware on a regular basis should consider adding this certification to their skillset.

Microsoft Certifications   
Microsoft software and systems are a staple in most IT departments making these and other Microsoft certifications in demand skills. The Microsoft certifications listed below as top needed skills in today's job market.


Microsoft Certified IT Professional (MCITP)
MCITP certifications, one of Microsoft's newer certifications, tests technical proficiency in the Microsoft Certified Technology Specialist (MCTS) certifications. There are many different areas of certification.

Windows Client                                           
Ø MCITP: Enterprise Desktop Support Technician on Windows 7
Ø MCITP: Enterprise Desktop Administrator on Windows 7
Ø MCITP: Consumer Support Technician on Windows Vista
Ø MCITP: Enterprise Support Technician on Windows Vista

Windows Server       
Ø MCITP: Enterprise Administrator on Windows Server 2008
Ø MCITP: Server Administrator on Windows Server 2008
Ø MCITP: Virtualization Administrator on Windows Server 2008 R2

Microsoft SQL Server
Ø MCITP: Database Administrator 2008
Ø MCITP: Database Developer 2008
Ø MCITP: Business Intelligence Developer 2008
Ø MCITP: Enterprise Project Management with Microsoft Office Project Server 2007

Microsoft Exchange Server
Ø MCITP: Enterprise Messaging Administrator on Exchange 2010
Ø MCITP: Enterprise Messaging Administrator on Exchange 2007

Microsoft SharePoint Server                                
Ø MCITP: SharePoint Administrator 2010

Microsoft Lync Server
Ø MCITP: Lync Server Administrator 2010

Microsoft Certified Technology Specialist (MCTS)
MCTS certification validates skills on a particular Microsoft technology. As with MCITP, there are many technologies that you can certify for, for example, Exchange server, Lync Server and Office Communications Server, virtualization and more.

Microsoft's Certified Systems Engineers (MCSE)                          
An MCSE certification demonstrates that the recipient can design, implement and administer technology infrastructures using Microsoft 2000 Windows Server and other Windows server platforms. This certification is common to systems engineers, tech support engineers, system analysts, network analysts and technical consultants.

Certifications are a great way to break into a new technology, cover gaps in your resume or advance your current position. The best people in the IT business are the ones who are passionate about learning and that is a key to being successful. Technology is evolving at a pace that is difficult to keep up with. As the environment moves forward and changes so must you.

Monday, 1 August 2016
Posted by Sivapriya
3 Comments
Tag : , , ,

Wireshark 2.0.5 Released — World’s Most Popular Network Traffic Analyzer

 Wireshark is widely used as the primary network protocol analyzer by security researchers all across the world. Wireshark 2.0.5, the latest maintenance update, is now available for download with various security fixes and updated network protocols.


If you are into analyzing different network protocols and studying the data packets, then you must have heard about Wireshark. Unlike the other hard-to-operate command line network analyzers, Wireshark comes with a simple graphical interface.
Using Wireshark, one can easily take a look at both wired and wireless network to view the live information. This free and open source tool is available for multiple platforms, including Windows, Linux, and OS X.

Wireshark 2.0.5 released with multiple improvements!

The fifth maintenance update to Wireshark 2.0 series has just been released as the most advanced and stable version of this network protocol analyzer.

The Wireshark 2.0.5 release marks the resolution of more than 20 issues that were reported by the users since the last maintenance release 2.0.4.

Long look problems with RLC and OpenFlow were also fixed along with the infinite problem with WAP, WSP, MMSE, and WBXML.

This release also fixes 9 security flaws and updates the protocol and capture file support. It updates the inbuilt protocol support for 802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge, LDSS, MPTCP, OSPF, PacketBB, PRP, RLC, RMT-FEC, RSVP, RTP MIDI, T.30, TDS, USB, WAP, WBXML, WiMax RNG-RSP, and WSP.

It should be noted that the latest release doesn’t bring any new features, protocols, or file format supports.

If you wish to read the complete Wireshark 2.0.5 changelog, you can read the release notes released by this open source project.

Wireshark source code and latest stable release can be downloaded from their website.
Saturday, 30 July 2016
Posted by Sivapriya
1 Comment
Tag : , ,

How to Start Your Security Specialist Career

Struggles and challenges becomes more difficult if you don’t know where to start. If you graduated from a very promising school, but don’t have the required experience and skills need to land the job, the chances of your resume being viewed by prospective employers might be slim. Information from this article is based from my personal experience and from experiences shared by mentors.


TIME. Time is the most valuable asset you need to spend in order to acquire the necessary learning and skill-sets. Most people I know who got a job spent more than 3 years working in various cyber sectors, which lead them to have the expertise.

MONEY. Yes, money, money and money. Now that you have allotted enough time to learn what it takes, you need decent amount of money to attend a review class then buy your voucher to get certificated.

CERTIFICATION. Why do you need certifications? Your skills will be validated by an institution to accredit your knowledge, experience and expertise.

Below are areas you can start to study and work in/with:
  • CompTIA A+
  • CompTIA Network +
  • MCSA
  • MOUS
  • Python, Java, html, sql, C, C#
  • Linux
Our Institute Location:  
Redback IT Solutions Private Limited,  
#AL 24 TNHB PHASE III, 
Sathuvacheri,( Near Vallalar Water Tank)  
Vellore. 632602 

Contact :  
Training Coordinator  
+91 8189985551 

Wednesday, 20 July 2016
Posted by Sivapriya
0 Comments
Tag : , , , ,

How Do Hackers Easily Crack Your Strongest Passwords — Explained

Apart from knowing the best methods to create a strong password, one should also be aware of the techniques used by hackers to crack them. The recent torrent of massive data breaches has made the jobs of hackers even easier as they are able to access the dumped data easily. In an explainer video, YouTube channel Computerphile explains the process of password cracking and the mistakes one commits while creating a new password.

Password storage and its encryption is a common question that’s often discussed in the cyber security world. At many occasions, when people mention encrypted passwords, they really mean hashed passwords. Unlike encryption, a password that’s undergone the hashing process, can’t be reversed using the same key.

However, thanks to the leaked password hashes on the file-sharing websites and dark web, our passwords are less secure than ever. Some of the latest data breaches affected millions of LinkedIn and TalkTalk users.

For a hacker, getting access to these password hashes, extracting real passwords and using them to compromise the online accounts isn’t a tough task. Using the same technique, the hackers are now increasingly targeting the social media accounts of technology CEOs–Mark Zuckerberg, Jack Dorsey, Marissa Mayer–and Hollywood celebrities.

Well, even if you are using a super safe password that has been created using some advanced techniques, these massive breaches have made them unsafe.

This process has been explained in an exceptional manner by the YouTube channel Computerphile.

https://www.youtube.com/watch?v=7U-RbOKanYs&feature=youtu.be

This cracking video shows a deep learning beast that uses 4 NVIDIA GPUs and a password cracking tool called Hashcat. Hashcat lets you do different types of password cracking. Thanks to these GPUs, Hashcat takes billions of plain-text passwords and hashes them using MD5 at a rate of 40 billion per second.


The presenter explains the process in detail and tells you the best practices that should be adopted while creating a new password. It’s always good to avoid small combinations and dictionary words in your password. I’ll also suggest you to keep changing your passwords from time-to-time.

Tuesday, 19 July 2016
Posted by Sivapriya
0 Comments

Ethical Hacking Course in Vellore

Ethical Hacking Course in Vellore | Kanchipuram | Gudiyatham


hacking course in Chennai
Ethical Hacking! An action performed by a hacker to malfunction a system or an entire network with an intention to interrupt or crash the framework bypassing all the security issues such as a strong password set by the owner of the Network. Whereas a company look into this technique in a different way i.e; the companies uses these strategies in order to increase their security in a hacker point of view. This is what you will be learning at our ethical hacking course in Vellore. The training offered here will make you face the obstacles that are posted in the real time hacking industries.
According to an old saying “Be a roman, when you are in roman”, to become an ethical hacker you should turn in to one. The demand for ethical hacker is increasing worldwide, though it is the highest paid job in India as well as abroad. Unhappily there are less number of ethical hackers are available to fill out the opened positions in leading companies in the world. Our ethical hacking course would act as a gateway for you to enter in to a reputed concern. For this all you have to do is to join Redback Academy and pursue your ethical hacking training.
Our procedure lies in training our students in all the perspective that a professional hacker would thick. Since our trainers are present employees of foremost hacking companies, they would give you real time training on how to hack tiny network. Through which you will be gaining the knowledge of how to face an actual work environment. This includes, understanding the tools required for hacking and pace of environment where all the action will be held. These are our talent that we are implementing in teaching hacking course in Vellore for a long time.
Our teaching would be completely a practical one, with minimal number of theory classes. Students are allowed to take advantage of our Lab facility at the time we are opened. We do provide an International certification to our students on successful completion of the training and that would be from EC council. You can contact us at any time for a free demo class to get an in depth knowledge about the course that you are about to learn. We are ready to help you with all our effort to make you a ethical hacker as soon as possible. Don’t just wait anymore, call us now to enroll for the course.
Ethical Hacking Course Syllabus:
  • Introduction to Ethical Hacking
  • Footprinting and Reconnaissance
  • Scanning Networks
  • Enumeration
  • System Hacking
  • Trojans and Backdoors
  • Viruses and Worms
  • Sniffers
  • Social Engineering
  • Denial of Service
  • Session Hijacking
  • Hacking Webservers
  • Hacking Web Applications
  • SQL Injection
  • Hacking Wireless Networks
  • Hacking Mobile Platforms
  • Evading IDS, Firewalls, and Honeypots
  • Buffer Overflow
  • Cryptography
  • Penetration Testing
Why Ethical Hacking Course in Vellore at Redbakacademy?
  • We provide innovative and practical teaching methods in attempt to make learning more interactive.
  • We are open 7 days a week. You can enjoy the flexibility of weekday and weekend schedules based on your convenience.
  • At the end of the course, each student will be assigned with mini project. In addition, we also give the opportunity of working in real time projects based on their ability.
  • Our training institute is facilitated with high-end infrastructure and lab facility.
  • Intensive training through certified by ethical hackers working in leading MNCs
  • In depth subject coverage and excellent training
  • We also offer 100% placement assistance to our students to make impressive presence in reputed web design industries.
Looking for best Ethical Hacking Training Course in Chennai? Enroll in FITA. Get Trained by Certified Ethical Hacker and become one!
Related search terms: Ethical hacking course in Vellore, kanchipuram, Chittor, Gudiyatham, Chennai, Ethical hacking course, Hacking course in Vellore, kanchipuram, Chittor, Gudiyatham, Chennai, Ethical hacker course in Vellore, kanchipuram, Chittor, Gudiyatham,Chennai, Ethical hacking training in Chennai, Ethical hacker training in Chennai, Ethical hacking course in Vellore, kanchipuram, Chittor, Gudiyatham,Chennai, Best ethical hacking institute in Vellore,kanchipuram, Chittor, Gudiyatham,Chennai, Ethical hacking training center in Vellore, kanchipuram,Chittor, Gudiyatham,Chennai, Ethical hacking training institutes in Vellore,kanchipuram,Chittor,Gudiyatham,Chennai, Ethical Hacking Course in Vellore,kanchipuram,Chittor,Gudiyatham,Chennai, Ethical Hacking Course in Chennai, Ethical Hacking Course in vellore.
Saturday, 16 July 2016
Posted by Sivapriya
1 Comment

widget

Pageviews

Cloud Label

Blogumulus by Roy Tanck and Amanda Fazani

- Copyright © 2013 Redback IT Academy -- Powered by Redback - Designed by @ Redback Studio -