This Is Virus Community

Your Ultimate Destination To The Best Technology Update On The Web.

This Is Virus Community

Your Ultimate Destination To The Best Technology Update On The Web.

This Is Virus Community

Your Ultimate Destination To The Best Technology Update On The Web.

This Is Virus Community

Your Ultimate Destination To The Best Technology Update On The Web.

This Is Virus Community

Your Ultimate Destination To The Best Technology Update On The Web.

Wednesday, 10 January 2018

WhatsApp Flaw Could Allow 'Potential Attackers' to Spy On Encrypted Group Chats

WhatsApp Flaw Could Allow 'Potential Attackers' to Spy On Encrypted Group Chats

A more dramatic revelation of 2018—an outsider can secretly eavesdrop on your private end-to-end encrypted group chats on WhatsApp and Signal messaging apps.

Considering protection against three types of attackers—malicious user, network attacker, and malicious server—an end-to-end encryption protocol plays a vital role in securing instant messaging services.

The primary purpose of having end-to-end encryption is to stop trusting the intermediate servers in such a way that no one, not even the company or the server that transmits the data, can decrypt your messages or abuse its centralized position to manipulate the service.

In order words—assuming the worst-case scenario—a corrupt company employee should not be able to eavesdrop on the end-to-end encrypted communication by any mean.

However, so far even the popular end-to-end encrypted messaging services, like WhatsApp, Threema and Signal, have not entirely achieved zero-knowledge system.

Researchers from Ruhr-Universität Bochum (RUB) in Germany found that anyone who controls WhatsApp/Signal servers can covertly add new members to any private group, allowing them to spy on group conversations, even without the permission of the administrator.

As described by the researchers, in the pairwise communication (when only two users communicate with each other) server plays a limited role, but in case of multi-user chats (group chat where encrypted messages are broadcasted to many users), the role of servers increases to manage the entire process.

That's where the issue resides, i.e. trusting the company's servers to manage group members (who eventually have full access to the group conversation) and their actions.

As explained in the newly published RUB paper, titled "More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema," since both Signal and WhatsApp fail to properly authenticate that who is adding a new member to the group, it is possible for an unauthorized person—not a group administrator or even a member of the group—to add someone to the group chat.

What's more? If you are wondering that adding a new member to the group will show a visual notification to other members, it is not the case.

According to the researchers, a compromised admin or rogue employee with access to the server could manipulate (or block) the group management messages that are supposed to alert group members of a new member.

"The described weaknesses enable attacker A, who controls the WhatsApp server or can break the transport layer security, to take full control over a group. Entering the group, however, leaves traces since this operation is listed in the graphical user interface. The WhatsApp server can therefore use the fact that it can stealthily reorder and drop messages in the group," the paper reads. 
"Thereby it can cache sent messages to the group, read their content first and decide in which order they are delivered to the members. Additionally, the WhatsApp server can forward these messages to the members individually such that a subtly chosen combination of messages can help it to cover the traces."

WhatsApp has acknowledged the issue, but argued that if any new member is added to a group, let's say by anyone, other group members will get notified for sure.

"We've looked at this issue carefully. Existing members are notified when new people are added to a WhatsApp group. We built WhatsApp so group messages cannot be sent to a hidden user," a WhatsApp spokesperson told Wired. 
"The privacy and security of our users is incredibly important to WhatsApp. It's why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted."
But if you are not part of a group with very selected members, I'm sure many of you would relatively ignore such notifications easily.
Researchers also advised companies to fix the issue just by adding an authentication mechanism to make sure that the "signed" group management messages come from the group administrator only.
However, this attack is not easy (exception—services under legal pressure) to execute, so users should not be worried about it.

WPA3 The New Wi-Fi Security Protocol To Be Launched In 2018

WPA3 The New Wi-Fi Security Protocol To Be Launched In 2018

Remember the Krack Wi-Fi vulnerability from October last year that has put all internet users to a dismay? Well, the good news is that it’s very possible we won’t have to go through that risky situation again.

Just a few days ago, during the annual CES event (one of the biggest technology and innovation shows), the Wi-Fi Alliance has announced the launch of a new wireless security protocol—Wi-Fi Protected Access WPA3 this year.

WPA3 will replace the current WPA2—the security protocol that all Wi-Fi networks have been using for over 15 years.

Why is WPA2 considered vulnerable?

The main insecurity issue of WPA2 is given by the “unencrypted” open Wi-Fi networks that makes it incredibly easy for anyone who uses the same network to access other devices.

Secondly, one of the WPA2 protocols is that the same password is used by clients and business owners when joining a Wi-Fi network (for instance the clients of a coffee shop and the owner of the coffee shop).

Due to these vulnerabilities, hackers can intercept Wi-Fi traffic and steal online data quite effortlessly.

In what way is WPA3 going to be safer?

  • Improved user privacy
WPA3 will increase users’ privacy when they connect to open Wi-Fi networks (such as those in cafes, restaurants, etc.) by introducing individualized data encryption.
  • Higher security standard
The future Wi-Fi security protocol will introduce a 192-bit security suite for increased protection; the 192-bitis a security requirement used by governments and big industrial organization.

  • Protection on IoT devices
Wi-Fi Alliance, which is composed of 15 major tech companies (including Apple, Cisco, Dell, Intel, Microsoft, Qualcomm and more) stated that WPA3 will also offer smoother security for IoT devices.

  • New handshake protocol
WPA3 standard will use a new handshake protocol, which will be far less vulnerable to dictionary attacks (the method hackers use of exhausting all possible password possibilities).

Transition from WPA2 to WPA3 could take a while

WPA3 won’t come into force until in a few months. Meanwhile, Wi-Fi Alliance said it will continue to optimize WPA2 since it was the target of severe attacks.

Regardless of WPA2 or WPA3, you should always secure your Wi-Fi network with the help of a VPN, simply to supplement the protection of your data.

Friday, 29 December 2017

Three more Malicious Backdoor plugins with More than 89,000 Active Installs found in WordPress Repository

Three more Malicious Backdoor plugins with More than 89,000 Active Installs found in WordPress Repository

WordPress has such a massive ecosystem consist of a number of plugins and themes, threat actors involved in various malicious activities such as hiding the PHP backdoor scripts into the WordPress Security Plugin.

In this incident, the attackers sell existing unsupported plugins to new authors with backdoor code inserted and their goal is to insert SEO spam to the sites with the plugin installed.

Wordfence uncovers the incident and WordPress security team has closed the plugin from the store which means the plugin not available to download from the repository.

There is too many up’s and down’s in WordPress usage, it requires a security improvement, so the WordPress Penetration testing is essential to find the vulnerabilities and to secure your WordPress powered blog.

Malicious WordPress backdoor Plugins

Duplicate Page and Post

The Functionality of the plugin is to create a cloned post or the page, now the Current Owner of the plugin inserted backdoor scripts which makes a request to and injects cloaked backlinks to the site.

It has more than 50,000+ Active Installs and the plugins Removed from on December 14, 2017.

No Follow All External Links

Behaviour same as like Duplicate Page and Post this backdoor requests to and returns content based URLs and the backdoor used in injecting backlinks for SEO. It has more than 9,000++ Active Installs and the plugins Removed from on December 19, 2017.

WP No External Links

It is same as the previous two backdoors it requests and returns content based on the URL and the backdoor used in injecting backlinks for SEO.

It has more than 30,000+ Active Installs and the plugins Removed from on December 22, 2017.

If you have the plugin installed it is highly recommended to uninstall them immediately and scan the website for infection with sucuri and gravity scan.

Thousands of WordPress websites get hacked every day, so securing your blog must be top of mind. Luckily, it’s not all rocket-science as you need to make most of the tweaks only once.Here you can find Most Important Considerations Check to Setup Your WordPress Security.

Friday, 13 October 2017

Intel Introduced Its First Quantum Processor

Intel Introduced Its First Quantum Processor

The future of computing undoubtedly passes through the quantum computer. So far, research around quantum computers has proved quite promising and Intel has already realized the potential of this area.

Last week, the market leader in the manufacture and marketing of chips and processors for computers announced that it is creating a quantum processor. So, now let’s explore all the details about this new quantum processor.

The World of Qubits

This is yet another major move by Intel, which shows that Intel is committed to being present in the future. This future will certainly not be far behind.

Quantum computers have the power to revolutionize industries and areas of science, for example, in
the area of Artificial Intelligence, making the process of operating neural networks faster or in biology, allowing to analyze in more detail small molecular structures.

While normal computers encode information in bits, quantum computers use quantum bits, that is, Qubits, which take advantage of surprising quantum phenomena and can, therefore, be in 2 different states at the same time.

The new Intel Quantum Processor

This new Intel processor has 17 Qubits and proves to be quite promising. Thus, this is the first processor of the company since the 50 million dollar partnership with QuTech was announced. In addition, the processor has a special protection system that allows it to last longer.

In fact, one of the main difficulties of computer scientists and physicists at this point in terms of the development of quantum computers is related to the life of the processor and to the isolation of the system.

“The new design improves quality, thermal performance and reduces radio frequency interference” stated by the Jim Held, the Director of Technology Research at Intel.

This move from Intel makes perfect sense since the tech giant Google, Microsoft and IBM have also publicly shown the results of their efforts in the field of quantum computing. Being one of the leading processor producers, Intel wants to ensure its influence in the future. However, this does not mean that the current processors will soon become obsolete.

Sunday, 9 July 2017

Top Interview Questions for IT Pro

Top Interview Questions for IT Pro

1. What is the difference between a hub and a switch?
2. What is a network?
3. What is Active Directory?
4. What is TCP/IP and what does it stand for?
5. What is a default gateway?
6. What does DHCP stand for?
7. What is an IP Address?
8. What is the significance of the IP address
9. What are the 3 major classes of an IP network?
10. What is a Class D IP address?
11. What is OSPF?
12. A user is complaining of delays when using the network. What would you do?

Network Administrator Positions

Some of these questions may also be included in the previous category for Help Desk Technician positions. In either case, they’re worth preparing for.

13. What is the difference between layer 2 and layer 3 in the OSI model?
14. What is the difference between a hub, switch, and router?
15. What is a VLAN?
16. What is the difference between TCP and UDP?
17. How do you distinguish a DNS problem from a network problem?
18. What are a runt, Giant, and collision?
19. What is a broadcast storm?
20. What is the purpose of VRRP?
21. What is a VPN?
22. What is a default route?
23. How do you set a default route on an IOS Cisco router?
24. What is a metric?
25. What is a MAC address?
26. What is ARP/RARP?
27. Describe a TCP connection sequence.
28. What is MTU?
29. What other TCP setting can you modify besides MTU to shorten packets?

System Administration Position

Here are a few more questions that are a little bit more difficult. System Admins should know all these answers by heart in addition to the Network Administrator questions.

30. What is the difference between layer 2 and layer 3 devices?
31. What is the subnet for a class C network?
32. Have you configured a NIS server/client before? If so, describe what you did.
33. Have your configured a NFS server?
34. What are RAID 1 and RAID 5?
35. What are the required components of Windows Server 2003 for installing Exchange 2003?
36. What must be done to an AD forest before Exchange can be deployed?
37. What Exchange process is responsible for communication with AD?
38. What connector type would you use to connect to the Internet, and what are the two methods of sending mail over that connector?
39. How would you optimize Exchange 2003 memory usage on Windows Server 2003 with more than 1Gb of memory?
40. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog?
41. Name the process names for the following: System Attendant, Information Store, SMTP/POP/IMAP/OWA.
42. What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise?
43. What are the disadvantages of circular logging?
44. What is Active Directory schema?
45. What are the domain functional levels in Windows Server 2003?
46. What is the default domain functional level in Windows Server 2003?
47. What are the forest functional levels in Windows Server 2003?
48. What is a global catalog server?
49. How can we raise domain functional and forest functional levels in Windows Server 2003?
50. What is the default protocol used in directory services?
51. What is IPv6?
52. What are the physical & logical components of ADS?
53. In which domain functional level, we can rename a domain name?
54. What is multimaster replication?
55. What is a site?
56. Which is the command used to remove active directory from a domain controller?
57. What is the file that’s responsible for keeping all Active Directory databases?

General HR Questions

These general questions can be the toughest ones to get through. They might sound easy, but they require a lot of thought and preparation. I would suggest writing down your answers first, then reading them over a few times so that you’re comfortable in answering them.
Some of these questions are very tricky and can get you in trouble. So if you run into problems finding a good answer, check out these 64 Interview Questions for some help.

58. Tell us a little bit about yourself.
59. What are your greatest strengths?
60. What are your greatest weaknesses?
61. What do you like about your current job or what did you like about your last job?
62. Give us an example of when you handled a stressful situation.
62. Give us an example of one of the toughest problems you had to face, and how did you deal with it?
63. Why do you think you should get this position?
64. Do you think you are the best person for this job? If so, why?
65. Why did you apply for this position?
66. Why did you apply for a position with our company and what do you know about us?
67. Why should we hire you?
68. Tell us about your short and long term goals?
69. Where do you see yourself five years from now?
70. Please explain, what does customer service mean to you?
71. What does being a team player mean to you?
72. Give us an example of how you handled a conflict with another employee?
73. What are your salary expectations?
74. What would you consider your most important accomplishment?
75. How would you define success?
76. At your last review, what improvements did your manager suggest you make?
77. What would your co workers say about you?

Saturday, 17 June 2017

Israeli Spies Hacked ISIS Computers, Exposed Their Plans For “Laptop Bomb”

Israeli Spies Hacked ISIS Computers, Exposed Their Plans For “Laptop Bomb”

Israeli government spies have hacked into the operations of ISIS. The group is inventing a laptop computer bomb that could have blasted the commercial aircraft to the US. However, Israeli cyber researchers have hacked into the operations of ISIS months ago and revealed their plans.

Recently, Israeli government spies have hacked into the operations of ISIS. The group is inventing a laptop computer bomb that could have blasted the commercial aircraft to the US. However, Israeli cyber researchers have hacked into the operations of ISIS months ago and revealed their plans.

Experts David Sanger and Eric Schmitt along with two of the American officials have stated that the process of bomb encryption and protection is what supported them to analyze how such bombs works.

A ban was also executed by the Department of Homeland Security on allowing electronic devices onto aircraft which are larger than the smartphones. The ban was implemented in ten countries in the Middle East and Africa.

After U.S laptop ban, Britain announced a similar prohibition for flights originating from six countries. The reports from The New York Times states that the laptop bomb was developed in such a way that it can cross through airport X-ray machines without detection.

The bomb was intelligently placed in the place of laptop battery which is capable of tricking the X-ray detectors in the airport. The reports also said that Israel had shared this information with U.S. in the past two years. Israel and U.S are working together against cyber terrorism. Most of their cooperating have been against Iran.

President Donald Trump made this information on this bomb attack public, which exposes it to Russia. This event has been the source of a trouble for Israeli officials. Trump had also tweeted that he did share the information with Russia and that he has full right to do so.

Wednesday, 7 June 2017

Intel Core i9 Extreme – Most extreme Desktop Processor Ever

Intel Core i9 Extreme Most Extreme Desktop Processor Ever

The war of processors between AMD and Intel is very well known. This month AMD revealed its first monstrous Ryzen Threadripper processors with up to 16 cores and 32 threads. AMD intended to target the world’s fastest ultra-premium desktop systems. Yesterday, Intel also introduced its new Core X-series, and it’s anchored by the company’s first 18-core CPU, the Core i9 Extreme. The i9 Extreme is a befitting reply to AMD’s 16-core/32-thread Ryzen Threadripper.

Last week, the picture was leaked on a tech forum and it was showing that Intel Likely to Launch a high-end Core i9 CPU with 12 cores. However, the 18 core processor is a good surprise from Intel.
“The Intel Core X-series processor family introduces a series of firsts that reflect the extreme performance we are delivering,”

Intel said today.

“This family includes Intel’s first teraflop desktop CPUs, a prime example of just how much raw compute these processors can handle. We’re also introducing the entirely new Intel Core i9 processor, representing the highest performance for advanced gaming, VR and content creation.”

About the Core i9, these Intel chips feature a base clock speed of 3.3GHz, reaching up to 4.3GHz dual-core speed with Turbo Boost 2.0 and 4.5GHz with Turbo Boost 3.0, which implies that there’s plenty of room for overclocking. At the top of the line-up is the new Intel Core i9 Extreme Edition processor – the first consumer desktop CPU with 18 cores and 36 threads.

All of the latest X-Series chips run on Intel’s new x299 chipset, replacing the x99 platform used by their predecessors. New x299-based motherboards and full desktop systems will be available “in the coming weeks”.
The Core i9 Extreme Edition i9-7980XE, what Intel calls the first teraflop desktop PC processor ever, will be priced at $1,999. The lower-tier Core i9 family: Core i9 X-series chips in 16-core, 14-core, 12-core, and 10-core versions, with prices climbing from $999 to $1,699. If these Core i9 X-series chips are too rich, Intel also introduced three new Core i7 X-series chips, priced from $339 to $599, and a $242 quad-core Core i5. All of the new chips are due “in the coming weeks,” Intel said.

Tuesday, 6 June 2017

Face Swap

Android users there is a good news for you! Microsoft just released an Android app in Google play store. The app had been launched in Play Store and the iOS version is already on its way. The new app launched by Microsoft was called Face Swap.

Android users there is a good news for you! Microsoft just released an Android app in Google play store. The app had been launched in Play Store and the iOS version is already on its way.
The new app launched by Microsoft was called Face Swap. As its name suggests this app does a simple job to put your face on pictures it finds online using Microsoft’s super-advance facial recognition method and Bing image search.
Well, users need to click a selfie which will trigger the facial recognition system. Once the facial recognition system recognizes your face it will let you search online for images or you can even choose pictures from your camera roll for popular faces and displays.
This app has the potential to match skin tones, lighting conditions, head turns and tilts automatically. This app also lets you put multiple faces in a single scene, which is perfect for group shots.

The firm says “Face Swap was developed from conception to app store over 5 months by the small incubation team within the Bing organization. The engineering team included developers in remote locations, allowing us to work around the clock and iterate rapidly on the product. We employed continuous user research studies with external participants, which helped us build a product that is easy and intuitive to use”

For Download Click Here

Saturday, 13 May 2017

Protect Against WannaCry: Microsoft Issues Patch For Unsupported Windows (Xp, Vista, Windows 8 & 8.1 Users)

Protect Against WannaCry: Microsoft Issues Patch For Unsupported Windows (Xp, Vista, Windows 8 & 8.1 Users

Update —  If you are thinking that activating the kill-switch has completely stopped the WannaCry Ransom ware, then you are mistaken. WannaCry 2.0 version has just arrived without any 'kill-switch' function. Get prepared for the next massive wave of ransom ware attacks.

In the wake of the largest ransom ware attack in the history that had already infected over 114,000 Windows systems worldwide since last 24 hours, Microsoft just took an unusual step to protect its customers with out-of-date computers.
Microsoft has just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions.
So, if your organization, for some reason, is still running on Windows XP ,Vista, Windows 8 & 8.1 you are strongly advised to download and Apply The Patch Apply The Patch.

WannaCrypt, or also known as WannaCry, is a new ransom ware that wreaked havoc across the world last night, which spreads like a worm by leveraging a Windows SMB vulnerability (MS17-010) that has been previously fixed by Microsoft in March.

A large number of successful infections of the WannaCry ransom ware at an astonishing pace concludes that either significant number of users have not yet installed the security patch released in March (MS17-010) or they are still running an unsupported version of Windows for which Microsoft is no longer releasing any security update.

So far, Criminals behind WannaCry Ransom ware have received nearly 100 payments from victims, total 15 Bitcoins, equals to USD $26,090.

Moreover, if you are using Windows 10, you are on the safe side.

"The exploit code used by WannaCrypt was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack," Microsoft says.

Once infected, WannaCry locks files on the computers and requires victims to pay $300 in Bitcoins to get back the control of their systems, along with a threat to double the price to $600.
But there's no guarantee of getting your files back even after paying the ransom.

How is WannaCry Spreading?

Such ransom ware infection typically leverages social engineering or spam emails as a primary attack vector, tricking users into downloading and executing a malicious attachment.
WannaCry is also leveraging one such social engineering trick, as FoxIT researchers uncovered one variant of the ransom ware that is initially distributed via an email containing a link or a PDF file with payload, which if clicked, installs WannaCry on the targeted system.
Once executed, the self-spreading WannaCry ransom ware does not infect the targeted computers immediately, as malware reverse engineers found that the dropper first tries to connect the following domain, which was initially unregistered:


If the connection to the above-mentioned unregistered domain fails (which is obvious), the dropper proceeds to infect the system with the ransom ware that would start encrypting files.
But if the connection is successful, the dropper does not infect the system with the WannaCry ransom ware module.
A security researcher, tweeting as MalwareTech, did the same and registered the domain mentioned above, accidentally triggering a "kill switch" that can prevent the spread of the WannaCry ransom ware, at least for now.
Malware Tech registered this domain by spending just £10, which makes the connection logic successful.
"In other words, blocking the domain with firewall either at ISP or enterprise network level will cause the ransom ware to continue spreading and encrypting files," Microsoft warned.
If infected, the malware scans the entire internal network and spread like a worm into all unlatched Windows computers with the help of SMB vulnerability.
The SMB vulnerability has been identified as EternalBlue, a collection of hacking tools allegedly created by the NSA and then subsequently dumped by a hacking group calling itself "The Shadow Brokers" over a month ago.

So Far, Over 114,000 Infections Detected in 99 Countries

WannaCry Ransom ware attack has become the largest ransom ware infection in history within just a few hours.

  • A total of 16 U.K. organizations has been affected by the ongoing attack, including the National Health Service (NHS), which was forced to reject patients, cancel operations, and reschedule appointments due to malware infection.
  • WannaCry also targeted Spanish telecom giant Telef√≥nica infecting by some of its computers on an internal network, but did not affect clients or services.
  • Other victims of the attack include Portugal Telecom and Russia’s MegaFon.
  • Delivery company FedEx was also a victim.
  • Users from Japan, Turkey, and the Philippines were also affected.

7 Easy Steps to Protect Yourself

Currently, there is no WannaCry decryption tool or any other solution available, so users are strongly advised to follow prevention measures in order to protect themselves.

  • Keep your system Up-to-date: First of all, if you are using supported, but older versions of Windows operating system, keep your system up to date, or simply upgrade your system to Windows 10.
  • Using Unsupported Windows OS? If you are using unsupported versions of Windows, including Windows XP, Vista, Server 2003 or 2008, apply the emergency patch released by Microsoft today. (Click Here to Download)
  • Enable Firewall: Enable firewall, and if it is already there, modify your firewall configurations to block access to SMB ports over the network or the Internet. The protocol operates on TCP ports 137, 139, and 445, and over UDP ports 137 and 138.
  • Disable SMB: Follow steps described by Microsoft to disable Server Message Block (SMB).
  • Keep your Antivirus software up-to-date: Virus definitions have already been updated to protect against this latest threat. (KasperSky Internet Security Premium Click Here to Download) 
  • Backup Regularly: To always have a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.
  • Beware of Phishing: Always be suspicious of uninvited documents sent an email and never click on links inside those documents unless verifying the source.

Tuesday, 28 March 2017

Difference Between LAN, WAN, MAN, CAN, VPN, BAN, NAN, SAN.

Difference Between LAN, WAN, MAN, CAN, VPN, BAN, NAN, SAN

A computer network is an interconnection of various devices like laptops, routers, switches, servers, etc. with the help of wired or wireless means. We can differentiate these networks by their reach, i.e., geographical area. For example, we have local area network, wide area network, personal area network, metropolitan area network, near-me network, etc. Whatever connection you use, whether your home WiFi or the office Ethernet, you’re a part of some computer network. A computer network can include devices like routers, hubs, switches, end-user devices, repeaters, network cards, etc. These devices can be arranged in various network topologies as per the requirement.

Local Area Network (LAN)

LAN is a form of a computer network most known to the general public. It has a limited reach, roughly a bunch of closely situated houses or building. And that’s because we typically use the Ethernet technology (IEEE 802.3) to power our local area networks. The ethernet cables we lay across our houses and offices have their practical limitations. Beyond a certain length, the speed gets degraded. The reach of a LAN can be enhanced using repeaters, bridges, etc.

Home Area Network (HAN)

A kind of local area network is the HAN (Home Area Network). All the devices like smartphones, computers, IoT devices, televisions, gaming consoles, etc. connect to a central router (wired or wireless) placed in a home constitute a home area network.

Wireless LAN (WLAN)

This type of computer network is a wireless counterpart of the local area network. It uses the WiFi technology defined as per the IEEE 802.11 standards. If you’re the one who thinks WiFi and WLAN are the same things, then you need to rectify your confusion. They are completely different. WiFi is used to create a wireless local area network.

WiFi networks can reach up to a few hundred meters in a clear line of sight. However, just like wired LAN, its range can be increased using wireless repeaters and bridges.

Personal Area Network (PAN)

As the name suggests, a personal area network is intended for personal use within a range of a few ten meters. Mainly, the technologies used for creating personal area networks are wireless. A notable example of WPAN is the Bluetooth technology, mostly found on portable devices like smartphones, laptops, tablets, wearable, etc. Other PAN technologies are Zigbee, Wireless USB, etc.

Campus Area Network (CAN)

A network infrastructure covering the school, university, or a corporate premises can be dubbed as campus area network. It can comprise of several LANs, a central firewall, and connected to the internet using a leased line or any other means.

Metropolitan Area Network (MAN)

The area covered by a MAN is quite larger in comparison to a LAN and CAN. In fact, a MAN can be used to link several LANs spread across a city or a metro area. A wired backhaul spread across a city is used to powers a metropolitan area network in that place. You might have known about various city-wide WiFi networks in different parts of the world.

Wide Area Network (WAN)

We can think of a WAN as the superset of all the small networks we find in our homes, offices, cities, states, and countries. The router or modem placed at your home is a device used to connect to the WAN. The internet is also a type WAN that spans across the entire earth.

Various technologies like ADSL, 4G LTE, Fiber optic, cable, etc. are used to connect to the internet. However, these technologies mostly confine to a country at max. Cables are laid across countries and continents to establish global connectivity.

Storage Area Network (SAN)

Generally, it is used to connect external storage devices to servers but make them believe that the storage is attached directly. The technology used to accomplish this is known as Fiber Channel.

Body Area Network (BAN)

You can create a body area network by using wearable devices like smartwatches, fitness bands, biometric RFID implants, and medical devices placed inside the body like pacemakers. Wireless BAN is the primary form used to created such networks. It is defined as per the IEEE 802.15.6 standard which describes a short-range, extremely low power wireless communication within or in a vicinity of the human body.

Wireless BAN can work together with PAN technologies. For instance, a Bluetooth-connected smartphone can be used to sync data from wearables and various sensors present in the body.

Near-me Network (NAN)

Although it sounds totally unfamiliar, you use Near-me network almost every day. Remember chatting with your friends on Facebook while all of you were sitting in the same room. You were part of a NAN, even though you might be on the networks of different carriers.

A message from your device would traverse all the way to Facebook servers over the internet come to your friend’s device sitting right next to you. In a logical way, both the device are on some sort of network. Basically, the criteria for the devices is to lie in proximity. They don’t need to be connected to the same network. For instance, they can be connected via WiFi, cellular, etc.

Virtual Private Network (VPN)

VPN is a type of computer network which doesn’t have physical existence. The devices that are part of a VPN could be present anywhere on the earth, connected to each other over the internet. VPNs are used by corporate to interconnect their offices located in different places and give their remote employees access to company’s resources. It has phased out another type of network known as Enterprise Private Network, a physical network created by organizations to link their office locations.

Monday, 14 November 2016

USB Thief This Self Projecting USB Trojan Can Give You Nightmares

USB Thief This Self Projecting USB Trojan Can Give You Nightmares

USB Thief This Self Projecting USB Trojan CanSecurity researchers have identified a new malware named USB Thief that has the ability to steal data from air-gapped computers without leaving its trace. The malware uses a unique method of protecting itself with AES128-encryption and renaming the files in each new instance.

Imagine a malware that spreads through USB drives, steals your computer’s data and goes undetected. Sounds like a bitter pill to swallow? Well, security researchers have spotted this unique data-stealing trojan in the wild that comes with self-protection mechanism that protects it from being reproduced or copied.

The researchers at ESET security firm have unveiled the fact that Win32/PSW.Stealer.NAI malware, or USB Thief, can attack the isolated or air-gapped computers. Each attack of this malware relies on a USB device and it leaves no evidence on its target.

How does USB Thief spread in the wild?

Instead of spreading via the tried-and-tested techniques of autorun files and shortcuts to run itself, USB Thief uses another technique that involves using itself in the portable versions of popular application like NotePad++, Firefox web browser, and TrueCrypt on thumb drives.This queer fish takes advantage of this disguise and finds home in the command chain of such applications in the form of a dynamically linked library or a plugin. As a result, whenever the target runs the applications, the malware also runs in the background.

The protection mechanism of USB Thief.

The USB Thief malware contains six files — four executables and two containing configuration data. Talking about its self-protection techniques, the malware uses two methods:1) Some of the files are protected by AES128-encryption.
2) The filenames are generated with some cryptographic jugglery that makes the filenames different for every instance of malware.The researchers found it very challenging to crack this dish fit for hacking Gods. Here’s is the execution flow of malware explained in a flow-chart. The malware operates with 3 payloads that interact with two configuration files and implements the data stealing functionality with the payload.
At the moment, the USB Thief malware is not widespread but its ability to be used in targeted attacks on isolated computers makes it the black sheep of the malware family. fossBytes advises you to turn of Autorun feature in your computer and do not use USB drive from random sources.