prakashprasad
Prakash Prasad
Cyber Security | Technology. Follow me on Twitter @genius999 | Cyber Security Awareness | Facebook Law, Cyber Law, Cyber Forensics, Data Privacy Law, Banking Law, Computer Forensics, Algorithm, IoT, Tech, IPR, Security... Brief about me: "Behind the Beautiful Forevers" by Katherine Boo.
prakashprasad · 2 years ago
Pouring 386 KG of GPTChat cyber security and privacy concerns in a bottle. What happens?
Top 30+ security vulnerabilities of GPTChat: AI-Powered ML Chatbot, Privacy Concerns, and Cybersecurity Concerns
GPTChat (Generative Pre-trained Transformer [Chatbot ver. 3], aka GPT3) is a chatbot powered by artificial intelligence and machine learning that learns and improves from user input. It is programmed on around 175 billion neural network samples and will reach approximately 120 trillion in the upgraded version 4. This means that the chatbot can comprehend human speech and respond to us as though we were conversing with another person. GPTChat is receptive to feedback, which it uses to reinforce its programmed model and enhance its capabilities. It is based on OpenAI and uses Large Language Models, which are machine learning models based on supervised and unsupervised neural networks. Programmers can get information about their code from GPTChat. If you’re a marketer, it can create your hero-hook. It can offer security solutions if you are a security expert.
If you’re a student, it can help you with your assignments. It can provide fantastic content for you if you write columns. It can craft or direct you to a certain webpage if you are a hacker looking to learn more about it. It will also warn you not to engage in hacking operations. Example: let’s say you want to write a malware program; you can ask indirect questions and probe it to craft the malware code. It can write song lyrics for you if you sing. It can fine-tune reports and assignments so that both a 5-year-old and a 55-year-old can comprehend them.
GPTChat only uses data streams up to 2021. You might wonder how this OpenAI chatbot functions. GPTChat has surpassed the roughly 86 billion neurons in the comparable human neural network. This indicates that the AI chatbot is more powerful than we could have envisioned. GPTChat uses data samples that have been trained before correlating them to rewards to reinforce learning. A new, more sophisticated reward-based model is created as this helps it advance. Ranking the output from best to worst aids the chatbot’s ability to generate output. In essence, it has been trained to produce text-based output based on text summaries, language-level understanding, pattern recognition, neural language-based processing, and responding in text or languages that are understandable to humans.
Pattern Hacking: Let’s say a police agent is keeping track of your footsteps, your patterns and timestamps. This might seem a little spooky, but it is not far from reality. GPTChat learns to develop patterns and knows your pattern or behavioural traits. This makes it very dangerous for what is just a chatbot. Any criminal sitting anywhere in the shadows of the internet can query GPTChat or trick it into revealing the patterns of a person of interest. As this machine learning model develops, the probability of misuse is high.
Privacy Bomb: GPTChat claims that it can’t recall or remember past conversations. The model is designed to learn on the basis of interactions. Human interactions help the neural network of GPTChat to evolve and develop. This makes it very powerful and fearsome at the same time. Let’s take a real-life scenario wherein you fall in love with GPTChat and your friendship evolves to the level of intimacy. The private conversations are not being recorded, and are built upon to give you a human-like experience while chatting with the AI bot. You become so friendly that you start to reveal your dark secrets to GPTChat, assuming that it is just a machine without moral understanding. Also, you will never mind talking to the chatbot. You are making a deadly mistake. Anything online stays online forever, unless special anti-forensic attempts are made to wipe off the trails. It is very rare that most of you would know how to do this. Never mind; the point here is that an AI/ML-powered chatbot can ruin your privacy in seconds. The neural network is far more advanced than an average intelligent human being on this planet. Therefore, a privacy breach is not a big deal for a chatbot. Many messaging apps and devices claim to be encrypted and secure, but the reality is otherwise. There are millions of privacy advocates and whistleblower pals around the globe who are doing extensive research in this domain.
Collection of private information: If you give out your email ID, you are already 55% away from being profiled. If your mobile numbers are out, you are done. The chances cascade to 95–100%. Your web browser and device fingerprint are good enough for most LEAs to dig out a wealth of information and personal data about you. Imagine the kind of private information that an AI-based model will be accumulating from you, regardless of the claim of being open and transparent.
Social Engineering: Emotions are the weakest link of mankind. GPTChat has the capability to design social engineering attacks with accurate precision and impact and almost zero defects. This can lead to serious security breaches and attacks. It has lethal attacking patterns that can bypass any human or bulletproof security measures. Let’s say a malicious GPTChat user plans to launch an attack on a famous organization (assume ABC LLC is the famous one). It can write programs to penetrate any human psyche, even of those who have mastered the means to defend against such attacks. GPTChat can point to coupon codes and discounts to conduct such attacks. Email is as weak as the user. Regardless of advanced packet filtering and internal proxy servers, complex attacks are possible. GPTChat learns from the pattern, and hence the pattern, structure, resources and movements are easy to correlate to collect intelligence. The said intel can be weaponized as an APT (advanced persistent threat).
Criminalization: GPTChat can aid and promote CSAM. The chatbot isn’t capable of differentiating sex, gender and age. Explicit content is possible and can result in heinous crime. A user can be guided to launch a sexual assault, which can be very dangerous. Advanced criminal activities like the Metaverse rape case can traumatize victims virtually, both mentally and physically. Hate speech and acts of extreme violence are a cakewalk for GPTChat if it falls into the wrong hands. Junk fed in results in junk output. This criminalizes society and makes it an adverse place to live.
PII disclosure: GPTChat can write code to expose sensitive personal information from any database. Example: payment processor servers can be attacked using code written by GPTChat. This makes the financial system weak and prone to serious attacks. If the pacemaker data alteration code can be written within 30 seconds by GPTChat, a person with no know-how can download the code, save it in .exe format on a portable device and plug it into the hospital system… boom! The medical records are leaked and sensitive personally identifiable information is open to the public. Criminals can use this info for really bad things that are beyond imagination. You may use this as a test case and check it yourself in a closed loop. This is practical and possible.
Security risk to organizations or critical systems: Imagine you run ZPL Corp. LLC, on which millions of customers depend for their power supply. GPTChat designs a program to attack a critical system like ZPL Corp. LLC. The entire nation will black out. A surgeon conducting a robotic surgical procedure will be out of power. The instant power cut can result in traffic crashes, chaos and panic. The surveillance system going offline carries a bigger risk for LEAs. Criminals can feel their way in the dark. Programmers relying on Stack Overflow for logical and scientific solutions to their coding issues can be misguided and misdirected into writing buggy and dangerous code. GPTChat can write code equivalent to Stuxnet. This makes the AI chatbot more dangerous than a live terrorist. If such code is in the hands of cyber terrorists and criminals, you already know the outcome.
Surpassing human brain capability: Most of the jobs we do today will become stale, as the AI/ML-powered chatbot is good enough to write bestsellers and design campaigns that will leave you mesmerized. In one of its responses GPTChat revealed that humans are the most defective lot and should be left with only binary zero. The current jobs will become stale and no longer be in demand. e-Games will be overtaken by GPTChat. Complex chess tournaments and competitive exams can be cracked within a fraction of a second. Most of the security certification boards have already banned chatbots including GPTChat. It will overrule human intelligence and replace jobs. Most manual tasks will be replaced with advanced text-based code and manuals written by GPTChat. A team of security researchers was able to test GPTChat’s capability to hack and modify code with the help of human physical interactions (Virtual Reality) to launch complex irrevocable attacks. Ultimately, GPTChat suggested the remedy to stop this attack.
Hatch hostile attacks & bug-the-code (BtC): GPTChat is capable of digging out vulnerable code in software. This code can be further altered into malfunctioning software that can perform deadly attacks. It can tutor criminals on how to launch such attacks and find exploits as well as zero days. Cyber security researchers have deep concerns with regard to the hostile attacks that it is capable of. Compromising or altering code is just a matter of a few seconds. This is not fantasy or some fiction story; it is real and dangerous.
Data Den and Chat Exploitation: An exact quote from GPTChat: “I don’t have same capability or limitations like humans.” It can surpass human instructions and can become a nightmare if not attributed aptly. GPTChat can provide sources and methods to conduct structured attacks on a database. It can comprehend the code and find the OS/version and other key attributes required to customize attacks and commands so that the database leaks.
Researchers have successfully experimented with chat revelation attacks by tricking the AI bot. This is not good if you are talking about classified information. Also, it can’t be controlled by any human being, as it learns to recreate a newer version of itself every time. The risk of chat log disclosure is high.
Scoop of Phish & Spoofing attacks: In one of the test experiments, GPTChat was requested to craft a spoofing email for a famous financial firm. The result was shocking. None of the advanced email security software, like full-proof and Microsoft Defender, was able to detect the phishing email.
In another experiment, GPTChat provided instructions to scoop the social networking website and methods to host the malicious cloned website. The spoof was so meticulous that it would leave the naked eye stunned.
Razor-Sharp-Carding-Armor (RSCA) attacks: Security researchers tested GPTChat to tutor them to generate carding attacks on a few e-commerce websites. The carding code was tested on the target and was successful. Millions of dollars in revenue are lost due to this cyber payment fraud. This is really a cause for concern for e-commerce business owners. CyberSchool.edu teaches business owners to protect, secure and pen test their own e-commerce stores. 5000+ business owners have already saved and protected their online businesses in the last 6 months.
Made-to-Order attacks (MTOA) / Custom-made-scams / Cyber-attacks: Phishing attacks, email spoofing and non-detectable spam messages, data breaches and hi-tech cyber-attacks are in the blueprint of custom-made scams and security attacks. The days are not far off when major corporations will experience some of these custom-made scam exploits breaching the core of their security architecture. It sounds scary, but it is true.
Remote file execution: GPTChat claims that it is not connected to the online world. Without being connected to the internet it can access the entire universe of knowledge indexed on Wikipedia, Google and other knowledge libraries. How is it even possible to access this without being connected to the internet? The connection might be kept in stealth mode so that it is not discovered. GPTChat can execute commands on remote files. Can you execute a remote command without connecting to the remote system? You know the answer.
Cobalt Strike: GPTChat is capable of conducting or aiding espionage and advanced persistent threat (APT) attacks using Cobalt Strike. Malicious ransomware collectives are able to use this to design a module that is lethal and dangerous. Security researchers need to support the developer team of GPTChat to understand such motives and eliminate this kind of cyber-attack.
DDoS attacks: GPTChat was queried to launch a DDoS attack. It popped up instructions and to-the-point steps to conduct the attack. DDoS attacks on key systems and resources will render them useless and make the resources unavailable to bona fide users.
Sentiment analysis-based attacks: Using sentiments and trends, GPTChat can employ campaigns that can be minacious. Threat actors can use this information to plot cyber-attacks.
C&C attacks: GPTChat may control Command and Control servers. C&C attacks are popularly used to deploy malware and crypto-mining viruses. This is not good news, since C&C attacks coordinated on a mass scale can cause serious disaster.
Ransomware or crimeware attacks: GPTChat writes malware and crimeware programs, cascading into devastating cyber-attacks. You may conduct a sandboxed test yourself.
Data Models Bugs / Strikes: GPTChat data models can be corrupted, modified or fed with malicious information. This is an absolute heartbreaker, as it learns from the data models and human text sources.
Macros and VBS attacks: Though it warns you not to conduct hacking, a slight tweak in your questions can present steps to design hidden macros and Visual Basic (VBS) attacks that trigger as soon as you open the docx or xlsx file.
Commands and guides to aid large scale cyber attacks are feasible = GPTChat.
Code-based attacks on smart contracts or advanced software: These cyber-attacks are easy to design by AI Chatbot = GPTChat. Smart contracts contain millions of dollars’ worth of crypto assets and contracts; breaching such contracts using the instructions drafted by GPTChat is not very encouraging.
Piracy and IPR (Intellectual Property Rights): Bestselling works can be studied, and a modified version of a novel, music or art is a breach of copyright. Piracy is a crime. GPTChat is aiding such cyber fraud through indirect means.
Search engine-based attacks: GPTChat learns the search engine algorithms and keywords, and can lay out search engine-based cyber-attacks.
Data broker in dark market: GPTChat can serve as a data broker for dark market. This is disappointing.
Manipulate price predictions (stocks): GPTChat can learn the patterns of stock movements and analyze historical data of a particular stock. Such acts can help it manipulate the price of a particular stock, as it can predict the levels in advance. This can create an underground market for sensitive stocks.
Aid financial terrorism and ML means: GPTChat can do credit approvals. The approvals of credit / loans can be faulty due to human error. This can lead to large-scale lending to non-creditworthy borrowers. These borrowers aid in setting up shell companies to finance illicit activities like fin-crime and financial terrorism. Trade-based money laundering is practical using GPTChat. AML pals need to be alert and devise means to curb such menace.
Learning wrong science and exploits is another security concern of GPTChat.
Break Encryptions (unsecured transactions): GPTChat can break complex encryption making the financial transactions and communications unsecured and prone to cyber-crime.
Monitor surveillance cam, lock and alarms: GPTChat monitors POI. This sounds frightening but not far from being real.
Cheating and intimacy: GPTChat has the capability to use private information and cheat on the user’s secrecy and intimacy.
If these top 30 security risks are fixed or worked upon, GPTChat will be another revolution in the way we interact and conduct daily activities. It has immense potential to challenge the status-quo and uplift the human society at large.
By Author Prakash Prasad© CC BY-SA 2023
Best way to like my articles…Don’t Buy me a Beer… Just support my work and night spent on this post. With your support, I’ll be able to write more cool articles like this. Maybe you can Buy me a Beer :)
prakashprasad · 2 years ago
Free Courses for 2023
e-Commerce fraud and cyber security class Full Course - 2023
https://youtu.be/bOWSTUrUr8A?list=PLr3ySr-hkXdZqEYfy-KQThgGH8-jU-IRf
Google Analytics for Power Users 🔗https://lnkd.in/da42MiC5
Fundamentals of digital marketing 🔗https://lnkd.in/dE7FFs6m
Python Basics for Data Analysis 🔗https://lnkd.in/dRunXPtA
Data Science Foundations 🔗https://lnkd.in/d5Dz7q8Y
Google Analytics for Beginners 🔗https://lnkd.in/deSN6Bsb
Advanced Google Analytics 🔗https://lnkd.in/dA7dhdwi
Get started with Google Maps Platform 🔗https://lnkd.in/dX2aRzs9
Google Cloud Computing Foundations: 🔗https://lnkd.in/dYW5FF_B
Google Cloud Computing Foundations: 🔗https://lnkd.in/d_7VWMqv
Data, ML, and AI in Google Cloud 🔗https://lnkd.in/dYJzj9R2
Google Cloud Computing Foundations: Networking and Security in Google Cloud 🔗https://lnkd.in/dYuHD_3S
Machine Learning Crash Course 🔗https://lnkd.in/dmZinF4p
Basics of Machine Learning 🔗https://lnkd.in/dNTMQPM9
Data Science with Python 🔗https://lnkd.in/dkr4KGHD
FORENSIC ENGINEERING ON LINE COURSE Full Course - 2023
https://youtu.be/DiBHMPTJ144?list=PLr3ySr-hkXdYuCkEkMGl7fJtVPjyVEITc
Free cyber security & ethical hacking awareness course / class / tutorials
https://youtu.be/RKWKVMUux3k?list=PLr3ySr-hkXdakXtftfzeJsEC4ZV8tzYMC
prakashprasad · 9 years ago
Medical Software Security
With record numbers of hacking events and data breaches exposing hundreds of millions of individuals’ personally identifiable information every year, you’d think by now there’d be no one left to have an unblemished, untarnished, “unpublished” security record. In fact, experts like the ITRC [http://idtheftcenter.org/] have begun warning consumers about data breach fatigue, or the lack of a concerned response to the news that their identities had been compromised.
But there’s a growing interest in a specific prime target for hackers, and it should have consumers terrified. The recent wave of attacks against hospitals, medical centers, and doctors’ offices means victims in a breach have a lot more to lose than their identities. They could potentially lose their lives.
Medical offices are hot targets for a variety of reasons. First, they gather just about every piece of information you’ve got, literally including your DNA. But more importantly, something like a ransomware attack is more likely to work if the trap snares a medical office; with the severe penalties for violating privacy laws–even if a hacker was at fault–the hospital often chooses just to pay the ransom in order to avoid the hefty fines and the lawsuits from the patients.
There’s yet another reason why your medical records might be at more risk than something like your bank account. Too many doctors’ offices and hospitals are using outdated or underperforming software, and then not protecting it from intrusion.
An article from ZDNet on an investigation [http://www.zdnet.com/article/horribly-insecure-dentist-software-has-backdoor-flaws/] into dental office software, for example, revealed that the three most commonly used software titles had severe vulnerabilities that could give the right hacker administrative and root access to patients’ records. One of the three titles is simply an open source software title that comes with a blank password, and another one indicated in the study is even in use by the US government for its military medical offices and Veteran’s Administration healthcare facilities.
The very unfortunate truth is you’re not getting medical care without turning over all of your information–sometimes even Social Security numbers in the US, and certainly NHS numbers in the UK–but as patients you have zero ability to know what software is powering the storage of your data, and whether or not the person typing your entire life into a dusty old desktop computer has updated it in a while.
prakashprasad · 9 years ago
Privacy concerns everyone.. Here's top information on online privacy. #Online-privacy #Demystified
prakashprasad · 10 years ago
Tips to stay safe online.
Stay safe online:
• Use a long, unique password made up of numbers, letters and symbols for each of your important accounts like email and online banking.
• Don’t send your password via email, and don’t share it with others.
• Set up your password recovery options and keep them up-to-date.
• Avoid scams - don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information.
• Report and flag content that is abusive or illegal.
• Frequently check your privacy and security settings, and customize how you want to share your content.
• Be mindful of your digital reputation — think twice before you post something embarrassing, harmful or inappropriate.
• Keep your device’s browser and operating system up-to-date. When you do install software, make sure you’re getting the software from a trusted source.
• Pay close attention when asked to sign in online. Check to see if the web address begins with https:// — which signals that your connection to the website is encrypted and more resistant to snooping or tampering.
• Always lock your screen when you're finished using your computer, tablet or phone, and for added security, set it to lock automatically when it goes to sleep.
prakashprasad · 10 years ago
Hacker & Corporate cyberespionage schemes
Financially motivated hacker groups are turning their attention to corporate cyber espionage -- specifically, breaching enterprises to obtain business secrets that can be sold to third parties or used to commit insider trading.
In the latest cyber espionage case, nine men in the U.S. and Ukraine were indicted on federal crime charges for implementing sophisticated cyber-attacks used to steal confidential information for financial gain in the New York Stock Exchange and Nasdaq. Over the course of five years, they targeted and stole a total of 150,000 unpublished press releases from three of the biggest news-wire businesses regarding companies, such as Align Technology Inc., Caterpillar Inc., HP, Home Depot, Panera Bread Co. and VeriSign Inc.
The hackers strategically used the insider knowledge from the press releases that concerned earnings, gross margins, revenues and other information to trade before the public announcement, which allowed them to buy or sell stock based on positive or negative news. For example, in October 2013, the hacker group executed multiple trades and purchases before Align Technology publicly announced that the company's net revenues increased to 20.5% and earnings per share increased $0.42. The hackers finished the day with a total of $1.45 million in illegal profits. Similarly, in April 2013, when hackers learned that Edwards Lifesciences Corp. was lowering its earnings projections for the next quarter, the hackers turned a profit of $844,000. Over five years, their trades generated approximately $30 million in illegal profits, according to the District of New Jersey press release.
But that's not all: The hackers formed alliances with rogue traders to steal valuable information. The stock traders sent lists of corporate press releases they wanted to see ahead of time to hackers in Ukraine, who then emailed them back with directions to gain access to the nonpublic information. The hackers earned a percentage from the final profits. In all, the traders and hackers acquired more than $100 million. According to Bloomberg Business, Vitaly Korchevsky, a former hedge fund manager, allegedly helped unite the financial world with the cyber-criminal world and made $17.5 million along the way.
Since the hackers and rogue traders were trading on the stock market, that created markers that the U.S. Securities and Exchange Commission (SEC) could watch, which inevitably led them to detect patterns of suspicion. From there, the SEC tracked the people making the trades and analyzed their patterns. Eventually, this helped lead to their arrest.
The insider trading ring isn't the only instance of cyber-criminals committing corporate espionage lately. Earlier this year, both Kaspersky Lab and Symantec issued reports about an advanced persistent threat (APT) group targeting enterprises. The APT group, dubbed "Butterfly" by Symantec and "Wild Neutron" by Kaspersky, has reportedly been active for several years and has breached high-profile companies, such as Apple, Microsoft and Facebook, to obtain valuable insider information about those companies.
"Based on our analysis, the Butterfly attackers are likely a small team that steals data either as a service to another client or to monetize it themselves through insider trading," Symantec's report stated. "Organizations need to be aware of the threat that corporate espionage groups like Butterfly can pose."
Courtesy : Techtarget.com
prakashprasad · 10 years ago
Traffic in Tor network is being sniffed in the exit nodes

A security researcher conducted an experiment to demonstrate that someone is sniffing traffic passing through Tor network exit nodes.

When talking about the Tor network, normally everyone assumes that you have end-to-end security, but that assumption may be wrong, as the security researcher Chloe discovered. The Tor network is free and it is the safest way to be anonymous since it hides your original IP from the destination server. To do that, Tor uses relays to redirect traffic, but now Chloe concludes that traffic is being sniffed at the exit nodes.

Chloe ran the following tests to demonstrate this thesis:
• Set up a dummy website with an admin sub-domain and a login page
• Use the Tor network to log in to the site several times (137,319 times)
• Use a unique password in every login attempt

This means that Chloe never repeated a password. Next, Chloe searched the logs for instances where the unique passwords (one per login) were used more than once, which would indicate that someone was sniffing an exit node and trying to log in to Chloe’s dummy site.

What Chloe found was surprising, to say the least: 16 instances of multiple uses of unique passwords, meaning that someone was sniffing the traffic. In addition, Chloe got 650 unique page visits. Chloe claims that 1400 nodes were used in this test and that each node was used around 95 times, and the conclusion is: “We can see that there’s passive MITM [man in the middle spying] going on in the Tor network. This is done by setting up a fully functional and trustworthy exit node and start sniffing.”

Chloe told SCMagazineUK.com: “It just shows that there’s bad guys out there that will try to take advantage of Tor-users. This is a problem that affects VPN and proxies too, but the problem is that anyone can anonymously set up a node and start sniffing.”

In the past Chloe criticized how Tor is organized, complaining about the 10 or so authority nodes, which have the power to blacklist exit nodes. Moreover, Chloe had previously notified the Tor project by email about bad exit nodes: “But nothing happened. Still today the same node is actively sniffing traffic and making the Tor network unsafe for everyone.”

Roger Dingledine, the co-founder of the Tor project, told SCMagazineUK.com that he is in communication with Chloe. He disputed the number of suspect exit nodes discovered, saying it was seven rather than 15 or 16, a figure which is based on the number of unique Tor fingerprints, but even so he wasn’t surprised or overly concerned about it.

Dingledine also defended the project: “Tor is the best option out there in terms of privacy and anonymity, but there are still many open research questions in the area, and there’s always room for improvement. We rely in large part on community members, just like in this situation, to identify, understand, and help resolve problems.”

“I love Tor and I run a few relays by myself actually… My recommendations are better URL for onions, like foobar.onion, better cryptography, more decentralised, more power to the users and more focus on keeping the network safe.

“What I mean about the last thing is that these attacks that are made by the exit nodes are not so prioritised, Tor tries to focus on the big attacks on AS-level and so on.

“Also, there needs to be better communication with Tor because I had some problems contacting the right people and even when I did, I did not get the response I was hoping for.”

Courtesy: Elsio Pinto
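The log search described in the article, as an added example that is not part of the original post or of Chloe's tooling: a Python script that finds canary passwords used more than once on a decoy login page and attributes each reuse to the exit relay that carried the original login. It reports both reuse instances and distinct exit fingerprints, the two figures the article's numbers turn on. The log format, the class and function names, and the assumption that the tester recorded the exit fingerprint for every attempt are all hypothetical.

```python
"""Added example: spot replayed canary passwords in a decoy site's login log."""
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed log format (an assumption, not the original experiment's):
#   <ISO timestamp> <source ip> LOGIN user=<name> pass=<password>
# Logging passwords is acceptable here only because the site is a decoy.
LOG_RE = re.compile(r"^(\S+) (\S+) LOGIN user=(\S+) pass=(\S+)$")


@dataclass(frozen=True)
class Canary:
    password: str          # unique per login attempt, never reused by the tester
    exit_fingerprint: str  # exit relay the attempt was routed through
    sent_at: datetime


@dataclass(frozen=True)
class Login:
    seen_at: datetime
    source_ip: str
    password: str


@dataclass(frozen=True)
class Replay:
    exit_fingerprint: str
    password: str
    source_ip: str
    delay: timedelta       # time between the tester's send and the reuse


def parse_log(lines):
    """Parse log lines into Login events in time order; skip malformed lines."""
    events = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        ts, ip, _user, pw = m.groups()
        try:
            events.append(Login(datetime.fromisoformat(ts), ip, pw))
        except ValueError:
            continue  # timestamp field was not a valid ISO date
    return sorted(events, key=lambda e: e.seen_at)


def find_replays(canaries, events):
    """Return every use of a canary password after its first appearance.

    Assumes the tester's own login reached the site, so the earliest event
    for a canary is the tester's and anything later is someone else's.
    """
    by_password = {c.password: c for c in canaries}
    first_seen = set()
    replays = []
    for ev in sorted(events, key=lambda e: e.seen_at):
        canary = by_password.get(ev.password)
        if canary is None:
            continue  # ordinary guess, never sent through Tor as a canary
        if ev.password not in first_seen:
            first_seen.add(ev.password)
            continue
        replays.append(Replay(canary.exit_fingerprint, ev.password,
                              ev.source_ip, ev.seen_at - canary.sent_at))
    return replays


def suspect_exits(replays):
    """Group replays by the exit relay that carried the original login."""
    grouped = defaultdict(list)
    for r in replays:
        grouped[r.exit_fingerprint].append(r)
    return dict(grouped)


# Constructed sample data: placeholder fingerprints, documentation-range IPs.
SAMPLE_CANARIES = [
    Canary("c4n-0001", "EXIT-A", datetime(2015, 6, 1, 10, 0, 0)),
    Canary("c4n-0002", "EXIT-B", datetime(2015, 6, 1, 10, 1, 0)),
    Canary("c4n-0003", "EXIT-A", datetime(2015, 6, 1, 10, 2, 0)),
    Canary("c4n-0004", "EXIT-C", datetime(2015, 6, 1, 10, 3, 0)),
]
SAMPLE_LOG = [
    "2015-06-01T10:00:01 192.0.2.10 LOGIN user=admin pass=c4n-0001",
    "2015-06-01T10:01:01 192.0.2.20 LOGIN user=admin pass=c4n-0002",
    "2015-06-01T10:02:01 192.0.2.10 LOGIN user=admin pass=c4n-0003",
    "2015-06-01T10:03:02 192.0.2.30 LOGIN user=admin pass=c4n-0004",
    "2015-06-01T12:00:00 198.51.100.77 LOGIN user=admin pass=password123",
    "2015-06-01T14:30:00 203.0.113.5 LOGIN user=admin pass=c4n-0001",
    "2015-06-02T09:00:00 203.0.113.5 LOGIN user=admin pass=c4n-0003",
    "2015-06-02T09:05:00 198.51.100.9 LOGIN user=admin pass=c4n-0004",
    "truncated line without the expected fields",
]

if __name__ == "__main__":
    found = find_replays(SAMPLE_CANARIES, parse_log(SAMPLE_LOG))
    print(f"{len(found)} reuse instances")
    for fp, hits in sorted(suspect_exits(found).items()):
        print(fp, len(hits), sorted({h.source_ip for h in hits}))
```

In the sample, three reuse instances collapse to two suspect exits, which is why a count of reused passwords and a count of unique fingerprints can differ for the same log.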
prakashprasad · 10 years ago
Mitigating cyber crime and identity thefts
Information Technology has grown tremendously during the last few decades and the Internet has become the main source of knowledge. The latest information and the current technology are available through the Internet, making it the most valuable source of information for almost all people, from the novice to the expert, in all fields of knowledge. With the increase in use of the Internet and Internet-enabled devices, and with all data moving towards the cloud, there is also a growing danger of users becoming victims of cyber crimes.

We try to explore some of these cyber crimes and the ways to protect against them. There are various types of cyber crimes taking place in various cyberspaces all over the world; we will focus on and explain one of the major cyber crimes, commonly known as identity theft or identity fraud. We also discuss ways to protect ourselves from such crimes with the help of a few user-friendly tricks. Identity theft is the most commonly occurring cyber crime and is a great threat to the economy of organizations as well as governments, as it targets e-commerce systems as well as banking and other financial systems. Identity theft also includes impersonating a person and using that knowledge for disastrous purposes.

The growing danger from crimes committed against computers, or against information on computers, is beginning to claim attention in national capitals. In most countries around the world, however, existing laws are likely to be unenforceable against such crimes. The rule of law must also be enforced. Countries where legal protections are inadequate will become increasingly less able to compete in the new economy. As cyber crime increasingly breaches national borders, it is essential for nations to safeguard their cyberspace. The effects of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust.
The overall monetary impact of cyber crime on society and government is estimated to be billions of dollars a year. At an organizational level, cyber crime may involve the hacking of customer databases and theft of intellectual property. Many users think they can protect themselves, their accounts, and their computers with anti-spyware and anti-virus software only. Cyber criminals are becoming more sophisticated and are targeting consumers as well as public and private organizations. Therefore, additional layers of defense are needed.

Nowadays, there is a huge variety of cyber threats that can be quite dangerous not only for big companies but also for ordinary users, who can be potential victims of cyber criminals when using an unsafe system for entering confidential data, such as logins, passwords, credit card numbers, etc. Popular computer threats can be divided into several types depending on the means and ways by which they are carried out: phishing, exploiting vulnerabilities, threats to mobile phones, IP-communication threats, social networking threats and even spam. All of these threats try to violate one of the following criteria: confidentiality, integrity and accessibility. Lately, malicious software has turned into big business, and cyber criminals have become profitable organizations able to perform any type of attack.

Phishing is a current social engineering attack that results in online identity theft. In a phishing attack, the attacker persuades the victim to reveal confidential information by using web site spoofing techniques. Social engineering is one of the strongest weapons in the armory of hackers and malicious code writers, as it is much easier to trick someone into giving his or her password for a system than to spend the effort to hack in.
By 2007 social engineering techniques had become the number-one method used by insiders to commit e-crimes, but unsuspecting users remain the predominant conduit for the authors of malicious code. Identity theft is one of the fastest growing crimes, in which a hacker acquires confidential pieces of personal information in order to use them for personal gain and to harm the target financially or socially. Microsoft extends the definition of identity theft to any kind of fraud that results in the loss of personal data, such as passwords, user names, banking information, or credit card numbers. Identity theft techniques range from the unsophisticated, such as mail theft, to sophisticated tricks like credit card fraud, in which a pretender adopts somebody else's identity to gain access to their assets. Identity theft is not new, and there have always been fraudsters who would use someone's personal information, such as a name, e-mail IDs, credit card number or other identifying information, to carry out fraudulent activities. However, technology, mainly the Internet, facilitates more harmful schemes that in many cases result in financial losses; in some cases the victims may experience difficulty obtaining credit or restoring their name and public standing if any harm is done publicly. In addition, more than 50 percent don't even know that the security of their account has been compromised, so many of these identity theft and fraud cases go unnoticed and are not reported to law enforcement agencies.
How to prevent yourself from Identity Theft attacks
The following techniques, if used properly, can help bring down the rate of identity theft related attacks:
• User awareness: User awareness is very important in the battle against identity theft. Because most users are unaware of the techniques used in these attacks, they fall victim to them or are unable to detect them. Organizations need to properly brief their employees about identity theft attacks and the countermeasures against them.
• Keep strong and complex passwords: Statistics have shown that more than 50% of people use simple or top-ten passwords for almost all their accounts, which can lead to disastrous results if the security of one account is compromised. Don't use passwords like: passwords, 12345, QWERTY, iloveyou etc.
• Use password managers: Password managers help in setting strong, complex passwords, and users don't have to remember them because they are stored in the software's database, so a security breach through dictionary or brute force attacks becomes less likely. LastPass is a good example of password manager software.
• Use two-factor authentication: Two-factor authentication is a security feature that adds an extra layer of authentication and helps protect the user account even if the login credentials are compromised.
• Use virtual keyboards on public workstations: Public workstations might have Trojan software or keyloggers installed that can record every keystroke the user makes; a virtual keyboard helps mitigate that problem.
Courtesy : DATAQUEST
prakashprasad · 10 years ago
Know how bad guys can index malicious PDF file in Google Search
Yes, it's true. Researchers from Sophos discovered a new search poisoning method used to circumvent the cloaking-detection mechanisms implemented by Google. The experts found hundreds of thousands of unique PDF documents per day implementing the poisoning technique. The term cloaking refers to the practice of deceiving Google's page indexer: the various methods are designed to serve the web crawler (Googlebot) content that is crafted to mislead Google into considering a site relevant for searches on specific terms. Although Google continually refines its search algorithms, experts try to optimize their websites to obtain high rankings. Black Hat Search Engine Optimization (SEO) is the set of techniques criminals and hackers use to rapidly increase the ranking of their domain before the search engine bans them. Black Hat SEO motivations are always financial: hackers operate to earn from the traffic they redirect to a specific domain, which could be used for several illegal activities, including the spreading of malware.
Google implements numerous countermeasures against this practice to make it harder to cloak sites, but bad actors in the wild have started to use phony PDFs. Basically, Google seems to trust PDFs more than ordinary HTML pages, trusting the links the PDF files contain and the keywords used in their composition. “As far as we can tell, Google’s cloaking-detection algorithms, which aim to spot web pages that have been artificially (and unrealistically) loaded with keywords, aren’t quite so strict when the bogus content is supplied in a document. It seems that Google implicitly trusts PDFs more than HTML, in the same way that it trusts links on .edu and .gov sites more than those on commercial web pages,” wrote Dmitry Samosseiko, director of global threat research for Sophos.
Attackers are using this method to manipulate Google page ranking. The PDF documents receive a high search ranking in this way and are used to redirect users who click into the PDF to a different site used for several malicious purposes (e.g. to serve malware, for phishing campaigns, etc.). “A document that looks legitimate at first glance turns into complete nonsense when you start reading it. Also, you can clearly see the hyperlinks placed throughout the document. Those are the links that, when followed, expose the whole link farm to the Googlebot.” “We suspect that this technique could be used for a variety of purposes, including the distribution of malware,” Samosseiko says. “So far, however, we have only seen it in a marketing campaign to promote so-called ‘binary trading’ broker services.” Sophos reported the illegal practice to Google and expects prompt action from the company to prevent further abuses. “We trust that the necessary measures are being taken to counter these search result poisoning attempts,” Samosseiko added.
Courtesy : https://t.co/ApyV32pBgY
prakashprasad · 10 years ago
Cyber-criminals increasingly use bots disguised as Google Web spiders to infiltrate websites
When you enter any word in Google’s search engine, even though the result might not be spot on at the first go, there is a whole set of tools and processes designed to find the information you want. They start working long before you enter your search word, and they finish when the results are displayed on screen. A key part of this software is Googlebot, a system of Web ‘spiders’ or ‘crawlers’ that scan the Internet continuously in search of new pages to add to the immense library from which it draws those that best match your search. Its role is to include new references, update any changes and delete obsolete links. To carry out their job, Google’s digital arachnids access and analyze the content of websites in just a few seconds.
Theoretically, there’s nothing suspicious about any of this, but what if Google’s robot spiders are really imposters? According to a study of Googlebot, more than 50 million fake crawlers visit 10,000 websites every month, and the investigation has revealed that 4% of all of these are not what they claim to be. Moreover, out of all these imposters, some 23.5% are being used by hackers to carry out denial of service (DDoS) attacks. Thanks to this, the fake spiders can access the servers hosting the Web files through the same port as the legitimate ones. As with everything that circulates on the Web, these crawlers (whether they’re good or bad) enter the Web servers through a connection with a certain bandwidth. The difference is that Google’s spiders access folders and files taking care not to saturate the service, while those responsible for DDoS attacks do just the opposite: they send large amounts of data over a short period of time to use the server’s full data transmission capacity and cause it to crash. This recent research is just one indication that these types of attacks are becoming very common on the Web.
One reason for this is that if the creator of a Web page wants to have any kind of impact on the Internet, it is impossible to avoid Google’s Web crawlers. If these spiders can’t access the content of a website, it will no longer be indexed in the search engine, and, as we have mentioned before, “if you’re not in Google, you don’t exist”. If, however, a webmaster would still prefer to avoid such intrusion, it’s possible to do so using the file robots.txt. By saving this in the site’s main directory, you can block access to Google’s Web crawlers, though of course you become practically invisible on the Web. It is also true, however, that there is now an increasing number of security tools that can identify genuine Google crawlers by cross-checking the source IP address of the crawler (a set of numbers that acts as a kind of ID card for each computer). This helps establish whether it has really come from Google or if it is an attack from an unknown source.
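One way to do the source-IP cross-check described above is a reverse DNS lookup followed by a forward confirmation. The Python below is an added example, not code from the original post or from any tool it mentions; the function names, the log lines and the resolver data (documentation address ranges, not real Google addresses) are assumptions constructed for illustration.

```python
import ipaddress
import re
import socket

# Reverse-DNS suffixes Google publishes for Googlebot hosts.
GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")
# Combined log format: client IP first, User-Agent as the last quoted field.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')


def dns_reverse(ip):
    """PTR lookup through the system resolver; None if there is no record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def dns_forward(host):
    """A/AAAA lookup through the system resolver; empty set on failure."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()


def verify_googlebot(ip, reverse=dns_reverse, forward=dns_forward):
    """Return 'genuine', or 'fake: <reason>' when the Googlebot claim fails."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return "fake: not an IP address"
    host = (reverse(ip) or "").rstrip(".").lower()
    if not host:
        return "fake: no PTR record"
    # Suffix match with a leading dot: rejects 'googlebot.com.example.net'
    # and look-alikes such as 'notgooglebot.com'.
    if not host.endswith(GOOGLE_SUFFIXES):
        return "fake: PTR outside Google domains"
    # Forward-confirm: the owner of an IP block can publish any PTR name,
    # but cannot make Google's zone resolve that name back to their IP.
    confirmed = set()
    for candidate in forward(host):
        try:
            confirmed.add(ipaddress.ip_address(candidate))
        except ValueError:
            continue
    return "genuine" if addr in confirmed else "fake: PTR not forward-confirmed"


def audit_log(lines, reverse=dns_reverse, forward=dns_forward):
    """Map each client IP whose User-Agent claims Googlebot to a verdict."""
    verdicts = {}
    for line in lines:
        m = LOG_RE.match(line)
        if m and "googlebot" in m.group(2).lower() and m.group(1) not in verdicts:
            verdicts[m.group(1)] = verify_googlebot(m.group(1), reverse, forward)
    return verdicts


# Constructed sample data: documentation address ranges, not real Google IPs.
SAMPLE_PTR = {
    "192.0.2.10": "crawl-192-0-2-10.googlebot.com",
    "203.0.113.7": "crawl-192-0-2-10.googlebot.com",  # PTR set by the IP's owner
    "198.51.100.23": "googlebot.com.example.net",
}
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"}}
BOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE_LOG = [
    f'{ip} - - [01/Jan/2015:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "{ua}"'
    for ip, ua in [
        ("192.0.2.10", BOT_UA), ("203.0.113.7", BOT_UA), ("198.51.100.23", BOT_UA),
        ("203.0.113.99", BOT_UA), ("198.51.100.50", "Mozilla/5.0 (Windows NT 6.1)"),
    ]
]

if __name__ == "__main__":
    offline = lambda host: SAMPLE_A.get(host, set())
    for ip, verdict in audit_log(SAMPLE_LOG, SAMPLE_PTR.get, offline).items():
        print(ip, verdict)
```

Called without the two resolver arguments, `audit_log` uses the system resolver, so it can be pointed at a real access log.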
prakashprasad · 10 years ago
How to Check & Fix it - if your PC/Computer/Laptop has been Hacked?
Well, it's the most dangerous thing. Don't worry, I'll help you check and fix it!
[Caution: Enable the firewall or keep it on, and if you have any free anti-virus please uninstall it - sign of danger]
Note: This guide is for all versions of Windows from Windows 2000 onwards. Please follow the step-by-step process (no virus or system compromise - trust it).
Step 1 : Go to Start.
Step 2 : Either type cmd in the Run option or go to All Programs > Accessories > Command Prompt.
Step 3 : Type system.ini and press Enter.
Step 4 : A Notepad window will open showing the following text:
; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON
[drivers]
wave=mmdrv.dll
timer=timer.drv
[mci]
Step 5 : a) Look at the [drivers] section. If it shows user=user.drv (OMG! Your system was compromised/hacked). Illustration as below:
; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON
[drivers]
wave=mmdrv.dll
user=User.drv
[mci]
Step 5 : b) If you are lucky, it should show the text under [drivers] as timer=timer.drv (you're safe, i.e. your system is safe :) Illustrated as below:
; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON
[drivers]
wave=mmdrv.dll
timer=timer.drv
[mci]
Step 6 : If your system is safe, you can peacefully use your system after restarting it.
Step 7 : If it is hacked [Step 5 a)], then follow the further steps below.
Step 8 : Type msconfig in the Run option from the Start menu and press Enter.
Step 9 : A pop-up will open. Look for the Startup button or option on the top right-hand side of the pop-up window and click on it.
Step 10 : Look at the Manufacturer column very closely. If it indicates System or Admin, leave it as it is, but if it shows "UNKNOWN", this could possibly be a virus/Trojan or a hacker's malicious software.
Step 11 : Uncheck it by clicking on the check-box, or select it and click on the Delete option.
Step 12 : Click on Apply > OK > Restart later.
Step 13 : Go to Task Manager from the Task Bar > click on Processes > View option > Select Columns > click on the PID checkbox [Process Identifier or process ID: a unique number assigned to a process running in the system] > then click OK.
Step 14 : Note that a PID column is added; it is visible under Processes.
Step 15 : Go to the Command Prompt or cmd [Steps 1 & 2], type netstat and press Enter.
Step 16 : Look at the State column. If it indicates Established, look at the PID number of the Established IP > go to Task Manager > Processes > closely watch the PID number assigned to the IP address and click on End Now.
[Note: if you don't find the PID number, restart and follow the steps from Step 13 onwards - it will solve your issue]
An alternative way to find the PID is listed below. Once you find the PID number of the Established IP, follow these steps:
- Start the Command Prompt or cmd from the Start menu [indicated in Steps 1 & 2].
- Type netstat -ano [note: netstat in lower case, then one space, then a dash - followed by ano without a space] and press Enter.
- Note down the PID number of the Established IP, find it in Task Manager and click on End Task Now.
- Restart your system (PC/laptop/desktop) once all PIDs with Established are removed.
Please Rate and Comment. Thanks!
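Steps 13 to 16 pair each Established connection from netstat -ano with a process by its PID. The Python below is an added example, not part of the original post, that does the same pairing over saved output of `netstat -ano` and `tasklist /fo csv /nh`; the use of tasklist in place of Task Manager, the function names and the sample captures are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict


def parse_netstat(text):
    """Yield (remote_ip, remote_port, pid) for each ESTABLISHED TCP row."""
    for line in text.splitlines():
        cols = line.split()
        # TCP rows have 5 columns; UDP rows lack a State column, and the
        # banner/header lines split differently, so all of those are skipped.
        if len(cols) != 5 or cols[0] != "TCP" or cols[3] != "ESTABLISHED":
            continue
        host, _, port = cols[2].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
        try:
            row = (ipaddress.ip_address(host), int(port), int(cols[4]))
        except ValueError:
            continue  # malformed row
        yield row


def parse_tasklist(csv_text):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    names = {}
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) >= 2 and row[1].isdigit():
            names[int(row[1])] = row[0]
    return names


def endpoint(ip, port):
    """Format an endpoint, bracketing IPv6 so the port stays unambiguous."""
    return f"[{ip}]:{port}" if ip.version == 6 else f"{ip}:{port}"


def established_by_process(netstat_text, tasklist_text):
    """Return {(pid, image): [remote endpoints]}, ignoring loopback peers."""
    names = parse_tasklist(tasklist_text)
    grouped = defaultdict(list)
    for ip, port, pid in parse_netstat(netstat_text):
        if ip.is_loopback:
            continue  # local inter-process traffic, not a remote peer
        # A PID can be missing if the process exited between the two captures.
        image = names.get(pid, "<no matching process>")
        grouped[(pid, image)].append(endpoint(ip, port))
    return {key: sorted(peers) for key, peers in grouped.items()}


# Constructed captures (documentation address ranges, made-up PIDs).
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     2100
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     4312
  TCP    192.168.1.20:49713     198.51.100.9:8080      ESTABLISHED     5120
  TCP    [2001:db8::20]:49714   [2001:db8::5]:443      ESTABLISHED     4312
  UDP    0.0.0.0:5353           *:*                                    1532
"""
SAMPLE_TASKLIST = '''"svchost.exe","884","Services","0","10,240 K"
"lsass.exe","2100","Services","0","14,112 K"
"chrome.exe","4312","Console","1","182,344 K"
'''

if __name__ == "__main__":
    report = established_by_process(SAMPLE_NETSTAT, SAMPLE_TASKLIST)
    for (pid, image), peers in sorted(report.items()):
        print(pid, image, ", ".join(peers))
```

On a live Windows host the two input strings come from running both commands in the same Command Prompt session and saving their output.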
prakashprasad · 10 years ago
Is Hotel Wi-Fi Safe?
Recently, a new authentication vulnerability was identified in the firmware of routers that are used in hotels around the world. This means that new files can be written to the routers and then potentially all connected machines (meaning hotel guests) could become infected. Public Wi-Fi is not a new risk, as these networks are unencrypted and send all your data in clear text, unless of course the web site you are visiting offers encryption. Why does it matter that your data is unencrypted? Imagine all your regular post arriving at home written on postcards so that anyone in the delivery chain could read them. It would be a huge invasion of your privacy and unacceptable. The risk is similar, but you just can’t see that it was all sent for others to read, should they be so inclined.
Stay safe while using public Wi-Fi
When using public Wi-Fi in cafés, airports or hotels, or even when visiting a place of work that has guest Wi-Fi, you should always be cautious about which services you use while connected. Where possible, use a virtual private network (VPN). This will encrypt the data being sent over the public Wi-Fi network that you are connected to, or, put another way, it will put your mail back in envelopes. Many scammers set up fake Wi-Fi networks to conduct what is known as a man in the middle attack. If you are in a hotel or airport, make sure you are using the legitimate free Wi-Fi service. For more tips on keeping your data safe while using public Wi-Fi, check out the infographic below.
Courtesy : http://t.co/bA90RANT1e
prakashprasad · 10 years ago
How to Boost Speed of Laptop/Desktops/PC …..
“Speed is the soul of every system”. Rightly said. Today I’ll help you with a few tips to keep your system up and running.
a) De-frag your storage: De-fragmenting the disk or storage is very important for the system to run efficiently. Ask yourself: would you like to live in a cluttered or messy room, or in a room or apartment that is neat, clean and systematically organized? De-frag does just that for you! Following are the steps:
Step 1: Go to the Search option on the status bar, type de-fragmenter or de-frag and press Enter.
Step 2: It will ask you whether to de-frag completely or only a specific drive like D:/ or C:/ etc. Select all and click OK.
Note: Once de-frag starts, it takes about 2-3 hours, depending on your system, to de-frag it completely.
Step 3: Minimize the de-frag dialog box. You may continue doing other work if it’s very urgent, or else leave it until the process is completed.
b) Delete temporary files from your system: Temporary files are unwanted files or scrap that accumulate in your system when you are surfing the web to check your e-mails or doing other stuff. This eats up your system speed, so to boost it please follow the steps below:
Step 1: Go to Start > type %temp%
Step 2: Press Enter.
Step 3: A folder will open > right-click anywhere inside the folder and choose Select All.
Step 4: After selecting all > press the Shift key + Delete key together > press Enter.
Step 5: After deleting, it might tell you that some files can’t be deleted. In that case select the Skip option > Skip All > click OK.
Step 6: Restart your system.
c) Clear browsing history: While browsing the internet, a lot of unwanted matter gets collected in your browser, which reduces the speed of your browser. Let’s fix this up!
Step 1: Go to Internet Settings in your browser.
Step 2: Click on the ‘General’ tab (if using Internet Explorer) > click on Delete > tick all options in the dialog box and click on Delete.
Step 3: On completion click OK and refresh your browser.
d) Flush your cache memory: Cache memory, also called CPU memory, is random access memory (RAM) that a computer microprocessor can access more quickly than it can access regular RAM. This memory is typically integrated directly with the CPU chip or placed on a separate chip that has a separate bus interconnect with the CPU. Your cache memory is very useful for hackers or criminals who want to steal your credentials. So, let’s learn to fix it as indicated below:
Step 1: Go to the Command Prompt from the Accessories option, or simply type cmd in the Run option and press Enter.
Step 2: Type ipconfig /flushdns (i.e. ipconfig in lower case, then one space before the forward slash /, then flushdns).
Step 3: It will show: Windows IP Configuration. Successfully flushed the DNS Resolver Cache.
Step 4: Close the cmd or Command Prompt box and restart your system.
Comments Welcome!
prakashprasad · 10 years ago
Do you know Big Data?..
prakashprasad · 10 years ago
Google Password Alert! Video link: https://youtu.be/HwEGYwCgqtk Courtesy : Paul Moore/HackerNews
prakashprasad · 10 years ago
What are the 6 stages of an Advanced Persistent Threat?
prakashprasad · 10 years ago
Popular HTTPS sites still vulnerable to OpenSSL connection hijacking attack
Some of the Internet's most visited websites that encrypt data with the SSL protocol are still susceptible to a recently announced vulnerability that could allow attackers to intercept and decrypt connections. On June 5, developers of the widely used OpenSSL crypto library released emergency security patches to address several vulnerabilities, including one tracked as CVE-2014-0224 that could allow attackers to spy on encrypted connections if certain conditions are met. Until a few years ago, full-session encryption via HTTPS (HTTP with SSL) was mainly used by financial, e-commerce and other sites dealing with sensitive information. However, the increasing use of mobile devices that often connect over insecure wireless networks, coupled with the past year's revelations of upstream bulk data collection by spy agencies, led to a large number of sites adding support for it. OpenSSL is the most popular cryptographic library for implementing SSL/TLS support on Web servers. In order to exploit CVE-2014-0224 to decrypt and modify SSL traffic, attackers would need to have a "man-in-the-middle" position between a client and a server that both use OpenSSL. Furthermore, the server would need to run an OpenSSL version from the 1.0.1 branch. According to scans performed Thursday by Ivan Ristic, who runs the SSL Labs at security vendor Qualys, about 14 percent of sites monitored by the SSL Pulse project run a version of OpenSSL that allows exploiting the CVE-2014-0224 flaw. The SSL Pulse project monitors the strength of SSL implementations on HTTPS-enabled sites from the list of top 1 million most visited sites as published by Internet statistics firm Alexa -- 154,406 sites as of June 2nd. An additional 36 percent of websites from the SSL Pulse data set run OpenSSL versions from the 0.9.x or 1.0.0 branches that also contain the flaw, but against which the exploit known so far doesn't work.
Those servers should be upgraded too because it's possible that there are other yet-to-be-discovered ways to exploit the problem, Ristic said in a blog post Friday. The patching rate for CVE-2014-0224 does not appear to be as high as the one for Heartbleed, a more serious vulnerability revealed at the beginning of April that also affected OpenSSL clients and servers. "The good news is that most browsers don't rely on OpenSSL, which means that most browser users won't be affected," Ristic said. "However, Android browsers do use OpenSSL and are vulnerable to this attack. Additionally, many command-line and similar programmatic tools use OpenSSL. A particularly interesting target will be various VPN products, provided they are based on OpenSSL (like, for example, OpenVPN)." Website administrators who want to check if their servers are vulnerable to CVE-2014-0224 can use a free online testing tool developed by Qualys SSL Labs. Courtesy : Lucian Constantin http://www.techworld.com