Information Security Blog | Cyber Security Blog

Sreejith C

Information Security Blog | Cyber Security Blog
Read More

Android's N is in market

Monday, 04 July 2016 05:30

Google usually announces a new version of Android at its annual developer conference called I/O. This year, however, we've already seen two Android N Developer Preview releases, so the search giant doesn't have anything new to announce - or does it?

Today the company is pushing out the third big release of the Android N Developer Preview. According to the company, this is the first "beta quality" iteration of the next OS version, so you may even get away with installing it on your main device without any nastiness (then again, "beta" doesn't mean "bug free", keep that in mind).

Aside from the usual battery of performance improvements and fixes and whatnot, this release brings with it a new update mechanism that emulates the one used in Chrome OS. Basically, whenever a new software update is available, your device will automatically download it in the background, and then automatically install it the next time you restart your phone or tablet.

No more notifications telling you that an update is available, and no need to then confirm that you want to download and install. It will all be a much more seamless process, and booting up after an update is applied should be faster than it used to be too, because the infamous "Android is upgrading" screen is gone.

Read More

The tool purchased from a private party and used to access an iPhone belonging to one of the San Bernardino shooters only works on a "narrow slice" of phones, FBI Director James Comey said Wednesday night.

Speaking to a group at Kenyon College in Gambier, Ohio, Comey said the government is considering whether to share with Apple how officials were able to access an iPhone 5c used by Syed Farook.

"We’re having discussions within the government about, 'OK, so should we tell Apple what the flaw is that was found?'" he said. "That is an interesting conversation because if we tell Apple, then they're going to fix it and we’re back where we started from."

Federal officials announced last month they successfully cracked into an iPhone used by Farook and no longer needed Apple's help in unlocking the device. The Department of Justice and Comey have said all along that the solution they sought in breaking into Farook’s phone would only work on this one phone -- the 5c running iOS 9.

Comey did not reveal the third party that helped the FBI crack into the phone, but said he knows "a fair amount about them" and is confident they'll keep the method used to access the phone private.

"The FBI is very good at keeping secrets and the people we bought this from -- I know a fair amount about them and I have a high degree of confidence that they are very good at protecting it and their motivations align with us," he said.

Apple has been staunch in its position that creating a backdoor for government officials would undermine the security of millions of users. However, Comey said the "slippery slope" argument is a "fallacy."

"The controversy over the Apple case, the challenge of encryption more broadly, has been chock full of slippery slope arguments and absolutist arguments," he said. "Every time you hear someone making a slippery slope argument, an alarm should go off in your head."

"The notion that privacy should be absolute or the government should keep their hands off our phones, to me just makes no sense given our history and our values," he said.

After the Department of Justice dropped its case against Apple last month, the company issued a statement saying legal action should never have been brought.

"From the beginning, we objected to the FBI's demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred," Apple said. "We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated."

"This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion," the company added.

Read More

Encrypt your text and calls with these apps

Monday, 04 July 2016 05:30

Mobile phone users are becoming more savvy to the potential security risks of standard, unencrypted text messaging and wary of government intrusion into everyday communications. Some consumers require encrypted phone calls for information-sensitive business requirements and others just don't like the idea of others prying into their personal lives. Gizmag takes a look at a sampling of the apps available for iOS and Android (and sometimes desktop) to encrypt mobile communications, both text messaging and phone calls.

 TextSecure lets you text everyone in your contact list, not just those who use the app Wickr messages disappear after a configurable amount of time and screenshots are disabled by default CoverMe gives users a vault of secure media to add into texts GliphMe is a feature of Gliph that allows for anonymous conversations over the web to reach ...

These options may not be for running a coup in a war-torn country (though Open Whisper Systems offered its products early to protesters in Egypt), or be compliant with the United States' Health Insurance Portability and Accountability Act (HIPAA) (though some of these apps may be and may specifically claim to be so). There are also separate options more appropriate for businesses, with prices to match, but for the ordinary user who’s concerned about man-in-the-middle attacks in coffee shops, or government intrusion on an "everyday" level, these apps could be enough.

We also don’t claim to evaluate the security algorithms used with each app, though most have fairly detailed FAQs for those wanting more information and many have open source algorithms.

One should also distinguish between secure messages that are archived for users to access later, as you usually expect with texts, and ephemeral messages specifically not stored in the cloud or on servers and that will disappear locally after a set amount of time. Some of these apps offer both, and some have settings to change how long messages last. Most apps specifically only allow you to message or call other users of the app, but even if an app allows you to message or call your whole contact list, the communication will not be secure end-to-end.

Keep in mind that no app can get around physical security. If you choose not to set a passcode, then someone with physical access to your phone can read your messages, or if you send racy photos with an app that disables screenshots, the end party can always circumvent that more clumsily with an ordinary camera. In other words, prudence is still necessary if you’re truly concerned with privacy. That caveat in place, let’s take a look at six text messaging apps and two phone apps that will help you secure your mobile communications.

10 best android hacking tools - 4.3 out of 5 based on 18 reviews
Read More

10 best android hacking tools

Monday, 04 July 2016 05:30

1. WiFi Kill

WiFi Kill is one of the best app for disable other user wifi connection from your android mobile. You just need to download this amazing android app in your phone and you can easily kick off other user from connected wifi . Make sure your phone is rooted and if not follow our guide for rooting android phone.

2. WiFi Inspect

WiFi inspect android app scan your wifi networks for vulnerability. You can see other user ip address from this android app. Basically this android app scan other ip address, mac address and device name.

3. DroidSqli Android App

Droidsqli android app helps you in finding vulnerable websites. You can easily hack websites that vulnerable from sqli with this amazing android app.

4. NMAP for Android

If you run backtrack and kali in pc , you must know about what is the importance of NMAP tools in hacking. You can also download this tools for android mobile. You can scan networks for finding ports open  and system details with NMAP android app.

5. Shark for Root

Like the name this android app work with Wireshark software. If you ever run wireshark software in your pc , you must know about dump files that we created from wifi sniffing. With this tools you can sniff any networks and collect lots of data from any wifi network. Later you can read your data in PC from Wiresharek Software.

6. Fing Networks Tools

Fing is a yet another android apps like wifi inspector but this one is bit different from that. You can scan whole network from various scans with this android hacking app. This app is totally free and come with without ads. You can see every connected user ip , mac, vendor name and lots of info with this android app.

7. inSSIDer

Inssider helps you in finding hidden wifi in your area. If a smart wifi admin lived in your area they set wifi ssid ti hidden, normally you can't see wfi name and signal in your pc and android mobile. But If you download this amazing app , you can see hidden ssid wifi signal and also find low range wifi signal in your area, With this android app you can also see lots of info related to wifi connection.

8. ZAnti Penetration Testing Android Hacking Toolkit

This is one of favourite tools for hacking networks and run security tests on wifi networks. You can find almost all security tools related to hacking any wifi networks from this android app. ZAnti is one of the most impressive android app related to hacking from android phone.

9. Install Backtrek on Android Mobile

Like we all know backtrack is full devoted for security testing and finding out vulnerabilities in system. You can download and install this fully featured hacking os in your mobile from this guide.

10. WPS Connect

If you really want to hack wifi password from android mobile download WPS connect wifi password hacking android app. You can easily connect any wifi  network without password from this wifi hacking apk. But make sure that wifi runs on wps security. This android app has a collection of master key routers that runs in wps security mode. So you can easily hack any wps networks and bypass security and connect your android mobile device with wifi.