Posts

Showing posts from April, 2017

Someone scraped 40,000 Tinder selfies to make a facial dataset for AI experiments

Tinder users have many motives for uploading their likeness to the dating app. But contributing a facial biometric to a downloadable data set for training convolutional neural networks probably wasn’t top of their list when they signed up to swipe.

Here's The Programming Game You Never Asked For

You know what's universally regarded as un-fun by most programmers? Writing assembly language code. As Steve McConnell said back in 1994: Programmers working with high-level languages achieve better productivity and quality than those working with lower-level languages. Languages such as C++, Java, Smalltalk, and Visual Basic have been credited with improving productivity, reliability, simplicity, and comprehensibility by factors of 5 to 15 over low-level languages such as assembly and C. You save time when you don't need to have an awards ceremony every time a C statement does what it's supposed to. Assembly is a language where, for performance reasons, every individual command is communicated in excruciating low level detail directly to the CPU. As we've gone from fast CPUs, to faster CPUs, to multiple absurdly fast CPU cores on the same die, to "gee, we kinda stopped caring about CPU performance altogether five years ago", there hasn't been much nee

Is Your Computer Stable?

Over the last twenty years, I've probably built around a hundred computers. It's not very difficult, and in fact, it's gotten a whole lot easier over the years as computers become more highly integrated. Consider what it would take to build something very modern like the Scooter Computer: Apply a dab of thermal compound to top of case. Place motherboard in case. Screw motherboard into case. Insert SSD stick. Insert RAM stick. Screw case closed. Plug in external power. Boot. Bam done. It's stupid easy. My six year old son and I have built Lego kits that were way more complex than this. Even a traditional desktop build is only a few more steps: insert CPU, install heatsink, route cables. And a server build is merely a few additional steps on top of that, maybe with some 1U or 2U space constraints. Scooter, desktop, or server, if you've built one computer, you've basically built them

Twitter’s surveillance API crackdown Irritates UK government

The UK government has complained to Twitter over a block on access to data from the social network, which it was reportedly using to track potential terror attacks, officials said on Wednesday. “The government has protested against the decision and is in an ongoing discussion with Twitter and trying to get access to this data,” said a Home Office spokesman. Prime Minister Theresa May’s spokesman declined to specify exactly what that data was and why it is important, saying just “we wish to have access to that information”. But he told reporters: “This fight against terrorism is not just one for the security services and the police. Tech companies and social media have a role to play.” The Daily Telegraph newspaper reported that the government was tracking terms related to potential terror attacks using a third-party firm, but this is now blocked. In a blog post in November, Twitter executive Chris Moody said their firm encouraged the devel

Apple’s self-driving test Lexus SUV photographed on Silicon Valley roads

Apple’s using a Lexus RX450h SUV for its autonomous vehicle testing program, as revealed by documents filed with the California DMV in accordance with licensing requirements for self-driving tests in the state. Now, Bloomberg has images of the vehicle in action, captured by a chance observer who saw the vehicle pull out of an Apple facility in Silicon Valley. The SUV looks pretty much like similar test cars used by Waymo, the former Google self-driving car company whose headquarters are pretty much just down the road from Apple’s Cupertino HQ. The equipment adorning the SUV includes optical cameras, LiDAR, and radar, all of which appear to be off-the-shelf components, including Velodyne’s top-of-the-line LiDAR unit atop a frame that extends a few feet out from the roof of the vehicle. Judging by these spy shots and the information found in the DMV documents made public by a public records request, Apple is very early in its autonomous technology program compared to companies like Waymo

IT Jobs in UK Tech industry Sees Growth by 12%

The new Robert Walters UK Jobs Index reveals that job vacancies for IT professionals increased by 12% in the first quarter of 2017 compared to the same time last year. Developers and software engineers are particularly sought after, accounting for 14% of total demand, while vacancies for IT managers made up 4% of the total number of roles. “The UK IT sector has enjoyed strong, steady growth over the past several years and is largely resistant to the slowdown in hiring seen by other sectors in the midst of economic and political uncertainty last year.” “However, the start of 2017 has nevertheless seen a significant increase in IT hiring, with developers particularly sought after. The demand from startup firms in fin-tech has played a major role in this, along with large established companies investing heavily in cyber security.” “With many high-profile data breaches over the past few years involving prominent companies, employers are now increasingly re

Nearly 9,000 servers infected with malware across Asean

In an operation targeting cybercrime across Asean, Interpol says it has identified thousands of compromised systems that included command-and-control (C2) servers infected with malware and websites run by governments. Some 8,800 of the servers across eight countries were found to be infected with various malware codes including those targeting financial institutions and used to launch DDoS (distributed denial-of-service) attacks. Investigations involving these systems were still ongoing, according to a statement released by Interpol, which ran the Asean operation out of its Global Complex for Innovation in Singapore. It added that some 270 websites were found to have been infected with a malware code that exploited a vulnerability in the website design software. These compromised sites included those run by governments, which might contain personal data of their citizens, it said. “A number of phishing website operators were also identified, including one with links to Nigeria, w

creak – Poison, Reset, Spoof, Redirect MITM Script

Performs some of the most famous MITM attacks on target addresses located in a local network. Among these, it denies navigation and download capabilities to a target host in the local network by performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a didactic project for learning the Python language, I decline every responsibility for any abuse, including malevolent or illegal use of this code.

Installation

    $ git clone https://github.com/codepr/creak.git
    $ cd creak
    $ python setup.py install

or simply clone the repository and run creak.py after all requirements are installed:

    $ git clone https://github.com/codepr/creak.git

It is required to have the pcap libraries installed for raw packet manipulation, as well as the dpkt module; the DNS spoofing options require the dnet module from the libdnet package, not to be confused with the pydnet (network evaluation tool) module. It can also use scapy if desired, can just be set in the c

MARA FRAMEWORK V0.2(BETA) – MOBILE APPLICATION REVERSE ENGINEERING & ANALYSIS FRAMEWORK.

Ken-Pachi / August 12, 2016

Changelog v0.2(beta):
* Adding Preliminary Analysis (*new Features)
* Adding APK Manifest Analysis (*new Features)
* Tools Update
  tools/editors/com.maskyn.fileeditor-59.apk
  tools/editors/sublime-text_build-3114_amd64.deb
* setup.sh
* mara.sh

Mara Framework v0.2

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering toolsets, in order to make the task of reverse engineering and analysis easier and friendlier to mobile application developers and security professionals.

Mara Features supported:
* APK Reverse engineering
  Disassembling Dalvik bytecode to smali bytecode via baksmali and apktool
  Disassembling Dalvik bytecode to java b

U.S. launches ‘Hack the Air Force’ bug bounty program

The U.S. Air Force launched a new bug bounty program dubbed “Hack the Air Force” on Wednesday, continuing a trend within the U.S. military that began last year with Hack the Pentagon and Hack the Army. Before the Pentagon’s bug bounty programs launched, it was illegal to search for vulnerabilities on Defense Department networks. The trend has extended overseas, as well, with the U.K. government’s announcement of its own bug bounty program last month. The Air Force program is directed by HackerOne, the bug bounty platform behind Hack the Pentagon that just raised a $40 million investment in February, and Luta Security, the security consulting firm driving the U.K. program. HackerOne and Luta Security are partnering to deliver up to 20 bug bounty challenges over three years to the Defense Department. “This outside approach — drawing on the talent and expertise of our citizens and partner-nation citizens — in identifying our security vulnerabilities will help bolster our cybersecurity,”

Kali Linux 2017.1 Released With New Features | Download ISO Files And Torrents Here

Kali Linux is the favorite operating system of ethical hackers. Last year, the developers of this ethical hacking toolset decided to switch to the rolling release model. This means that instead of being based on the standard Debian releases, the Kali Linux rolling distro is regularly updated with the latest features and patches. In the rolling model, the release of updated images isn’t very important. Still, the latest release, i.e., Kali Rolling 2017.1, brings in a bunch of exciting features and updates. So, let’s take a look at the major highlights:

Kali Linux 2017.1 new features

RTL8812AU Wireless Card Injection support

This release brings wireless injection support to the 802.11ac standard, thanks to the implementation of drivers for RTL8812AU chipsets. To install the driver, you simply need to run the following commands:

    apt-get update
    apt install realtek-rtl88xxau-dkms

CUDA GPU Cracking support

Thanks to the improvements in packaging, the u

Samsung’s new app uses emojis to help people with language disorders communicate

Once derided as a silly novelty, emojis are coming into their own as a communication tool. New app Wemogee uses the ideograms to help people with aphasia, a language-processing disorder that makes it difficult to read, write or talk.

Flush with funding, Instacart accelerates US expansion

Grocery delivery startup Instacart recently closed a $400 million Series D round of funding at a valuation of $3.4 billion. Now, the company is putting that capital to work by accelerating its expansion across the U.S., and offering free Instacart Express memberships to entice new users wherever it goes. According to the company’s vice president of product, Elliot Shmukler, the company is operating in 41 U.S. markets today and is launching into four new markets this week, including Detroit, Las Vegas, Columbus, Ohio and across Texas’ Rio Grande Valley. New customers in Texas and the Midwest will be able to try its Instacart Express membership free for one year, he said. Typical Instacart Express members use the service 4-5 times per month and spend $450 per month on groceries and deliveries through the platform, the company claims. The geographic push and Instacart Express trials will require the company to hire at least 1,000 more shoppers to fulfill orders in the new markets, Shmuk

An engineer’s guide to picking a startup

One of the questions I often get from engineers I mentor is how do you decide on what early stage startup is worth working for? Often, this is long before you have paying customer logos or big name venture funds with substantial commitments as ‘signals’ of potential success. I was a programmer once. And I had to wrestle with this question too. How do I decide? More than a decade…

Aadhaar Details Of 1.4 Millions People Leaked Due To Programming Error On Govt Website

While the Indian government is trying hard to push its Digital India initiative via its new policies, it’s finding it difficult to maintain top-notch security practices. Last month, we told you about an Indian bank’s loss of 25 crores (~ $4 million) due to a flaw in UPI system. Now, an incident in Jharkhand has raised doubts regarding Aadhaar. For those who don’t know, Aadhaar is a 12-digit unique identification number issued by the Indian government to Indian citizens. Due to a programming error in the website maintained by the Jharkhand Directorate of Social Security, Aadhaar data of more than 1.4 million citizens has leaked. The leaked details include names, Aadhaar numbers, addresses, and bank account details of the beneficiaries of the Jharkhand’s old-age pension scheme. The state has 1.6 million pensioners; out of the total, 1.4 million seeded their Aadhaar cards for direct transfer of pensions into their accounts. “We got a call from the UID cell telling us that the Aadhaar numbers

IT Engineer Hacked His Own Wall Street Company And Stole Source Code, Arrested By FBI

It became known last Friday that the American trading firm KCG Holdings was the victim of an internal data breach carried out by a senior employee named Zhengquan Zhang. Employed since March 2010, the DevOps engineer Zhang was working as a supervisor at the firm when the news about the internal hacking came to light. He was arrested by the FBI on Friday, April 7, and charged with one count of theft of trade secrets. Between the months of December 2016 and March 2017, Zhang had accessed the accounts of various employees to gather the maximum amount of information. He also stole the proprietary source code of KCG’s trading system and transferred it to a remote server, all of this totaling around 3 million files. Zhang’s actions were traced on March 25 when he tried to access the home computer of a quantitative analyst who was trying to acces

Longest-ever US Hacking Sentence — Russian Lawmaker’s Son Gets 27 Years In Prison

The Russian hacker, Roman Seleznev aka Track2, was arrested in the Maldives in 2014. He was caught with more than 1.7 million credit card numbers and large stacks of cash. He was accused of hacking into the computers of businesses. Seleznev was convicted on 38 counts, according to Ars Technica, including the likes of wire fraud, widespread identity theft, damage to protected computers, etc. Recently, Seleznev was sentenced to 27 years in prison and convicted of hacking into point-of-sale PCs and causing more than $169 million in damages. According to the prosecutors, the hacking campaign of Seleznev hit more than 3,700 businesses. The government law enforcement authorities asked for 30 years of prison time, so the awarded sentence is pretty close to that. According to the New York Times, it is the “longest sentence handed down for hacking-related charges in the United States.” It should be noted that Seleznev is the son of Valery Seleznev, a Russian Parliament member and an ally to Russian

Beware of ‘BrickerBot’, the Destroyer of Unsecure Internet Devices – Homeland Security

A new kind of attack is targeting unsecured Internet of Things devices by scrambling their code and rendering them useless. Security firm Radware first spotted the newly found “BrickerBot” malware last month after it started hitting its own honeypots, logging hundreds of infection attempts over a few days. When the malware connects to a device using its default username and password — often easily found on the internet — it corrupts the device’s storage, leading to a permanent denial-of-service (PDoS) state, also known as “bricking.” In other words, this attack “damages a system so badly that it requires replacement or reinstallation of hardware,” said Radware. It’s a novel take on an ongoing security problem with Internet of Things devices: Botnets controlled by hackers, like the Mirai malware, typically infect unsecured devices that are enlisted as part of wider bandwidth-stealing attacks to bring down websites and services by overwhelming them with internet tra

Zuckerberg Announces His AR Platform Plans To “Destroy Snapchat”

Unlike Facebook, Snapchat is an app that puts the camera first. But CEO Mark Zuckerberg is trying hard to fill that gap, and he doesn’t care if copying Snapchat is involved in the process. Now, after replicating Snapchat’s popular AR filters, Facebook is aiming to go one step further and use its army of developers to make this war more vicious. At the F8 developer conference, Zuckerberg said that the first step that made sense was to release products that people already knew about, which sounded like a way to justify the copying. So, what would be the second step? “We’re not just going to build basic cameras, we’re going to build the first mainstream augmented reality platform,” Zuckerberg said. The phrase “basic camera” is a direct jab at Snapchat. He also added that Facebook is developing Camera (read Facebook Camera) as the first augmented reality platform. “For those of you watching us roll out cameras (read copying Snapchat) across all our platforms, that was act one. This is act two,”

What Is Bitcoin? Is It Legal Money? What Could Happen To Bitcoins In 2017?

In the year 1976, F.A. Hayek, in his book “The Denationalisation of Money,” propagated the establishment of competitively issued private money. In the mid-70s, what seemed like a farfetched idea was conceived by yet another economist in the year 1999. Milton Friedman, an American economist who received the 1976 Nobel Memorial Prize in Economic Sciences, predicted a time when the internet (still in a nascent stage then) would help abolish the role of a government and evolve a currency free from the shackles of government control. Less than ten years later the prophecy came true when Satoshi Nakamoto, a Japanese, invented a form of cryptocurrency called “Bitcoin.” The origin of Bitcoins can be traced to the aftermath of the global recession and money crisis of 2008 that shook the whole world economy. What is bitcoin? How does it work? In the simplest form, Bitcoins can be described as a “Peer to Peer Electronic cash system.” Bitcoins can be used as a method of payment for numero