Wednesday, 30 March 2016
Wireless mice leave billions at risk of computer hack
Balint Seeber and Marc Newlin are checking how far apart they can be while still being able to hack into one another’s computers. It turns out it’s not a small distance: it’s 180 meters (around 197 yards), the length of approximately one and a half American football fields.
The pair work for Bastille, a startup cyber security firm that has uncovered a vulnerability they say leaves millions of networks and billions of computers susceptible to attack. They are calling it Mousejack.
Unlike keyboards, wireless mice from companies like HP, Lenovo, Amazon, Dell and others use unencrypted signals to communicate with computers.
“They have not encrypted the mouse signals, that makes it possible for the attacker to send unencrypted signals to the WiFi dongle pretending to be a keyboard and have it result as keystrokes in your pc. This could be the same as if the attacker was sitting at your pc typing on the computer,” stated the security researcher, Newlin.
A hacker can use an antenna, a wireless chip referred to as a dongle, both available for around $15 (USD), and an easy line of code to trick the WiFi chip linked to the target pc into accepting it as a mouse.
“So the attacker can ship data to the dongle, fake it as a mouse but say ‘actually I’m a keyboard and please type these letters’,” added Newlin.
“If we send unencrypted keyboard strokes as if we had been a mouse it began typing on the PC, typing at a thousand words per minute,” stated Chris Rouland, the CTO and Founder of Bastille.
At 1000 words per minute, the hacker can take over the computer or gain access to a network within a few seconds.
Rouland says that while firms are superb at encrypting and securing their networks and web sites, they don’t account for all traffic across the complete radio spectrum. He says it is time to rethink cyber security, especially in a world where smartphones are capable of transmitting huge quantities of information per second.
“Nobody was looking at the air space. So I wanted to construct this cyber x-ray vision to have the ability to see what was inside an organization’s air space versus what was simply just plugged into the wired network or what was on a WiFi hotspot,” stated Rouland.
Bastille is hoping to cash in on its security flaw findings and provide new forms of sensors that take into consideration more of such threats present in a wireless society.
In the meantime, Bastille is keeping tabs on the wireless mouse problem. They say some firms are beginning to supply firmware updates to correct the security issues. Bluetooth devices aren’t vulnerable to this sort of attack.
The post WiFi mouse leave billions at risk of computer hack: cyber security firm appeared first on GadgTecs.
from GadgTecs http://ift.tt/1q0Rp1z
Friday, 25 March 2016
PubHTML5 is a leading software vendor dedicated to providing an online and offline flip book maker for users from all over the world. If you are bored with general digital books and are looking for a creative flipbook tool, PubHTML5 is an ideal choice. With the PubHTML5 flip book maker, you can convert a PDF to an interactive ebook with realistic page turning animation. The Platinum Plan of PubHTML5, which is worth $74.75, is now FREE for everyone before March 31, 2016.
Animation Editor is one of the most popular features of the PubHTML5 flip book maker. You can enrich your flipbooks with multimedia elements including online YouTube videos, offline video files, audio, images, hyperlinks, photo slideshows, and more. You can use the flip book maker directly online at pubhtml5.com, or install it on your Windows or Mac computer. Please note that the powerful Animation Editor is available in the desktop version only.
Enjoy the flipbook example created by PubHTML5:
The Main Features of the 3 Months Platinum Plan:
- Unlimited Upload/ Storage/Pages per Book
- Convert PDF/Image/Office Document to Interactive HTML5 Flipbook
- Powerful Animation Editor and Page Editor
- Allow Batch Convert Mode to Increase Efficiency
- All-in-one Online eBook Management with Access Statistics
- Many Free Design Resources such as Online Templates are Available
- Multiple Output Types allow Sharing Flipbook Easily
Watch the video to learn PubHTML5 within 3 minutes:
Take a Look at PubHTML5’s User-Friendly Interface:
Image1: Login your Platinum account
Image2: beautiful pre-designed templates for applying to page flip book directly
Image3: edit page with rich multimedia such as inserting YouTube video
Steps to get the 3 Months Platinum Plan of PubHTML5 flip book maker:
- Copy the CDKey: Plt3m-whKg2-2Pd3N-Mar31
- Get your gift card code at http://ift.tt/1MGSqjZ
- Follow steps in the email you receive and activate the code at http://ift.tt/1VHMvTd
Please activate your account with the gift card code soon! It’s only valid until March 31, 2016.
The post Giveaway for PubHTML5 – Platinum Plan of Flip Book Maker appeared first on GadgTecs.
from GadgTecs http://ift.tt/1MGSqk1
Wednesday, 23 March 2016
A new Indiegogo campaign, which was able to collect 12 times its target, caught our eye. It claims to be the world’s first “Artificial Gills Re-breather” and tells us that it has been featured on big websites like Huffington, Yahoo News, RT and Softpedia. What they fail to mention is the fact that all the ‘reputable’ sites that did mention them were very skeptical of their claims! Ok, for those of you who don’t know what we are talking about, let’s first ‘enlighten’ you with their ‘claims’. They say that it is the world’s first snorkel-like device, with ‘artificial gills’ technology for breathing & swimming up to 15 feet underwater. The catchy video shows a person in a pool […]
The post New Gadgets: Triton – breath underwater like a fish using ‘gills’ – Real or Scam? appeared first on Latest Gadgets.
from Latest Gadgets http://ift.tt/22GOU2n
Tuesday, 22 March 2016
Having a flashlight handy is always a good idea as you never know what might happen in the middle of the night, especially if you are outdoors. The Tact9000 tactical flashlight may just be the right flashlight for you.
Made from aluminum, the Tact9000 LED flashlight is a military grade flashlight that has a range of about 1000m. Moreover, the 1000 lumen output is so bright that you are not going to be able to find other flashlights as powerful as that. Therefore you may rest assured that the Tact9000 will give you great visibility in any situation, even if it is literally pitch dark!
In case of emergencies, especially if you are stranded or wounded, the Tact9000 could literally save your life. This is because it has the strobe function which can be activated by pressing the tail button. Thanks to its high range a search party will be able to find you easily.
The Tact9000 LED flashlight is powered by an 18650 Li-ion rechargeable battery, or with 3 AAA batteries. Being made from aluminum the Tact9000 is durable yet lightweight.
The main feature of the Tact9000 is undeniably its powerful output. With 1000 lumens of bright white light, one can safely say that the Tact9000 tactical flashlight is the most powerful portable flashlight on the market. The Tact9000 is probably the smallest survival tool you are ever going to carry around, but it can literally save your life in precarious situations where you will panic without some light. Thus if you love camping, exploration or any other outdoor activity which might result in dangerous situations, the Tact9000 should definitely be a key part of your survival kit. The Tact9000 has been used as a hunting flashlight, as a camping flashlight as well as for emergency purposes. Whoever used it explained how helpful it was and how they could have ended up badly had it not been for the powerful light the Tact9000 provided them with.
The Tact9000 LED flashlight can certainly make a great gift for someone who loves camping and other outdoor activities. It is handy, portable, durable, and very convenient thanks to its powerful and bright light. The Tact9000 could literally save your life, and so it is a must-have if you need a really good flashlight that will light your way and save the day in every possible situation, no matter how precarious it might be.
To get the Tact9000 LED at a discount, visit: http://ift.tt/25kxydX
from GadgTecs http://ift.tt/1o5bYs0
Monday, 21 March 2016
(for details of the giveaway, please see the end of the article)
Let’s be honest. Most of our lives are online these days. All our memories are stored on some kind of digital device in the format of images. Our most important documents like financial statements are stored as excel spreadsheets and word documents. Even our entertainment is digital with movies and music stored anywhere from your laptop and computer to your phone.
But what do you do if you want to change computers, or you get new operating software and it doesn’t fit on your current hard drive? What happens when a virus comes and removes all your precious memories, or deletes all your important documents? What if you drop your phone and all your precious data on it “seems” irretrievable?
Luckily EaseUS has a broad range of products that will suit your needs exactly, whether it’s changing computers, recovering lost data from your phone or laptop, partitioning devices to make space for Windows 10 or more files or just by being safe and backing up all your important information.
EaseUS MobiSaver for iPhone
The EaseUS iPhone Recovery tool, named EaseUS MobiSaver, is definitely a top-of-the-line choice. This software program can work to help all iPhone users worldwide. In fact, this has been considered as the world’s most powerful iOS-based recovery tool. It has several wonderful features as mentioned below.
- Three Recovery Modes: recover from iOS device, recover from iTunes Backup, recover from iCloud Backup.
- Recover all common data including Contacts, SMS, Call log, Notes, photos, videos, MMS, Calendar etc.
- Retrieve all data being deleted or that are lost due to virus.
- Support all kinds of iOS devices, including iPhone/iPad/iPod touch.
EaseUS Data Recovery Wizard
Have you lost data on your PC as a result of accidental deletion or a virus attack, or for any other reason? EaseUS Data Recovery Software will recover your lost information for you. It’s as easy as launching the program, scanning your device, and recovering your information. As easy as that. No need to panic when your financial statements are not where you left them; with EaseUS you can recover them in no time.
Do you want to increase or decrease the number of partitions you have? Do you want to make a dedicated partition for your Windows 10 or keep important data separate from your normal files? EaseUS partition software has a feature list too long to mention, but in essence, anything partition related you want to do, EaseUS will be able to do it, without any problems or lost data. It just works. Again, this software is extremely user friendly and has step by step guidance to make sure you know exactly what you are doing.
Prevention is better than cure. That’s why, instead of trying to recover lost data, why not just back up your information regularly so that when something goes missing, you can easily get it back from your backups? EaseUS Todo Backup allows you to make exact copies of your hard drives, which means if you put that hard drive in a new PC, it will be exactly as your previous one. Even your operating system, like Windows 10, will be operational. So when your whole computer decides to let out its smoke, you can just put your backup hard drive in a new PC and go on as if nothing ever happened.
If you want to take your data needs seriously, be sure to get any of the EaseUS products as soon as possible.
Easter Day Giveaway of EaseUS Software
What will you get from the Easter Day Giveaway? (Starts at UTC-5 00:00, Mar. 23, 2016)
- 48-hour unlimited giveaway of EaseUS MobiSaver for iPhone, EaseUS Data Recovery for Mac, EaseUS EverySync, and WinX DVD Ripper Platinum.
- As low as $1.99 to purchase EaseUS best sellers – LIMITED OFFER
- Win $30 Amazon Gift Card (or $30 PayPal Gift Card).
Giveaway page here, http://ift.tt/1nWZYbX
So Hurry Up! (End Date : Mar. 25, 2016)
from GadgTecs http://ift.tt/1XJaCz8
Sunday, 20 March 2016
Note: When the fan has been running continuously for about 8 hours, please switch off its power for maintenance. It's an awesome clock; however, the numbers are in the wrong locations, it glitches when you hold the button, and it overheats from just using it for a few minutes. The USB Message Fan does not need a wall socket; it simply gets its power from your computer through the USB port, which is good for your desk! Once the protective jacket has been removed, remove some of the shielding so that the four wires which make up the USB cable are exposed. I went ahead and built a USB fan and it appeared to work, until the motor burned out. The image of the clock is created from a single strip of LEDs, showing off the power of science.
If it's a USB-serial driver, then figure out what the Windows software sends to the fan, maybe by looping back the instructions to another serial port. I must say, the fact that it is so low-cost really makes this an even better gadget. One thing is for sure: you will undoubtedly be getting a whole lot of attention if you are using this USB LED clock and fan to keep you cool.
So whether you want to shop for wholesale USB LED fan clocks from Chinese USB LED fan clock wholesalers or want to save big on USB LED promotions, kitchen ventilation fan promotions or kitchen hood fan promotions, you will find it all here. Tape it up when you're all done (taping the wires individually to insulate them) and plug it in to a PC USB port.
If you don't have a USB OTG cable, it's still better to check your Android device's user manual or the detailed specifications from the device manufacturer before buying this stunning accessory, to see whether or not your Android device supports USB OTG. That said, I don't regret buying it. My son will like it and I had to prize it off my desk to put away for Xmas; I think I may treat myself to one when they're back in stock!
I could bring the LEDs back to 100% service by flicking the top of the fan hub with a fingernail. There's a little red on/off switch on the side, so you don't have to unplug the fan to turn it off. As you might imagine, the next step is to strip the red and black wires of the USB cable. In order to customize the message, you'll need to use a Windows computer; there is a mini CD included in the purchase package, from which you have to install the LED Message Customization tool and then connect your fan with the USB cable in order to customize the message of your own choice.
You can also power the light from AC power with a USB port adapter (AC 110/220V, DC 5V 300mA), but the AC power adapter is not included. As the fan blades are spinning, the cleverly aligned red and green LEDs clearly display the time on a standard analog clock face, with moving hour, minute and second hands. Looks good alongside any PC and can also be used from a USB plug; most phone chargers have one.
Source: Cool Gadget: A Time or Text Printing USB Led Fan - Only $5.41
We recently had the chance to review a really cool USB LED fan, one that can print a message or the time in the air! The USB Mini Flexible Time LED Clock Fan retails for around $5.4 and, as the name suggests, it's very flexible. Not only can you attach it to a computer or laptop, but you can also run it with a power bank. Apart from the time (or in this case, temperature), it also gives a decent amount of breeze, enough for 1 person to cool off in hot weather. We tried many versions, one with a red LED, blue LED or the one with multicolored LEDs. The multicolored LED (green and red) is excellent for time, the blue led […]
from Latest Gadgets http://ift.tt/1UvFDsi
Thursday, 17 March 2016
Once again, more than a billion Android devices are vulnerable to a security hole in Qualcomm’s Snapdragon chip that could be exploited by any malicious hacker to gain full access to the device.
Trend Micro’s security experts have warned Android users of some severe programming shortcomings in Qualcomm’s kernel-level Snapdragon code that, if exploited, can be used by attackers to gain root access, and hence full control of your phone or gadget.
Gaining root permissions on a system is a matter of concern, because it grants attackers access to administrator-level capabilities, permitting them to do almost anything with your device against your will, like accessing your pictures or even taking new ones without your knowledge, or snooping into your private data including emails, account passwords, messages and files.
Qualcomm’s own web site states that their Snapdragon SoCs (systems on a chip) are used in more than a billion smart devices, including many Internet of Things (IoT) devices, today. The problem therefore exposes not only many individuals but also many companies that rely on IoT devices or have employees using the vulnerable devices.
Although Google has pushed out security updates after Trend Micro privately reported the issues, updates which now prevent hackers from gaining root access with a specially crafted app, users might not be getting those updates anytime soon.
Depending on your device, the security updates that do roll out may do so via a protracted chain:
Trend Micro’s engineer Wish Wu said: “Given that many of these gadgets are either no longer being patched or never received any patches in the first place, they’d essentially be left in an insecure state without any patch forthcoming.”
Unfortunately, what’s more concerning is the fact that the same vulnerable chips are used in a lot of IoT devices that are no longer in line for security updates. This makes it possible for hackers to gain root access to these connected devices.
“Smartphones aren’t the only problem here, Qualcomm also sells their SoCs to vendors producing devices considered part of the Internet of Things, which means these devices are just as at risk.”
“If IoT is going to be as widespread as many experts think, there needs to be some kind of system in place ensuring these devices are safe for public use. Security updates are an absolute necessity these days, and users of these connected devices have to know what they’re dealing with,” said Trend’s Noah Gamer.
No matter what the reason, if security patches aren’t available for your gadget or take too long to arrive, in both cases it gives miscreants time to exploit the security holes to get control of your device.
All smart devices that use the Qualcomm Snapdragon 800 series, including the 800, 805 and 810, and run a 3.10-version kernel are affected by the vulnerabilities.
The vulnerable code is present in Android versions 4 to 6. In their tests, researchers found the Nexus 5, 6 and 6P and the Samsung Galaxy Note Edge using vulnerable versions of Qualcomm’s code.
Because the researchers don’t have access to every Android phone and tablet to check, the list of vulnerable devices is not exhaustive.
Since the researchers haven’t disclosed full details about the flaws, here is a short summary of the vulnerabilities:
- Qualcomm-related flaw (CVE-2016-0819): The vulnerability has been described by the researchers as a logic bug that permits a small section of kernel memory to be tampered with after it’s freed, causing an information leak and a use-after-free issue in Android.
- The flaw (CVE-2016-0805) is in the Qualcomm chipset kernel function get_krait_evtinfo: The get_krait_evtinfo function returns an index into an array used by other kernel functions. With the help of carefully crafted input data, it’s possible to generate a malicious index, resulting in a buffer overflow.
- Gaining root access: Using both flaws together on vulnerable devices, attackers can gain root access on the device.
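The index problem described for CVE-2016-0805 above, as an added example that is not from the original post or from Qualcomm's kernel source: a simplified C model of a decoder that turns a caller-supplied event code into a table index, shown unchecked and then range-checked at both the decoder and the consumer. The bit layout, table sizes and all function names are assumptions made for illustration.

```c
/* Added illustration: a simplified model of the bug class, NOT Qualcomm's
 * kernel source. The event-code layout, table sizes and all names below
 * are assumptions made for this example. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_REGS    3u                       /* assumed: valid register ids 0..2 */
#define NUM_GROUPS  4u                       /* assumed: valid group ids 0..3    */
#define NUM_SLOTS   (NUM_REGS * NUM_GROUPS)  /* size of the table being indexed  */

/* Assumed layout of the caller-supplied event code:
 * bits 12..15 = register id, bits 0..3 = group id. */
static unsigned evt_reg(uint32_t evt)   { return (evt >> 12) & 0xFu; }
static unsigned evt_group(uint32_t evt) { return evt & 0xFu; }

/* "Before": the decoder trusts both fields, so the index it hands to other
 * code can be anything from 0 to 15*4+15 = 75 for a 12-slot table. */
static unsigned decode_index_unchecked(uint32_t evt)
{
    return evt_reg(evt) * NUM_GROUPS + evt_group(evt);
}

/* "After": each field is range-checked before an index is produced.
 * Checking the fields (not just the final index) also rejects codes such as
 * reg=0, group=5, which land inside the table but alias another slot. */
static int decode_index_checked(uint32_t evt, unsigned *index_out)
{
    unsigned reg = evt_reg(evt), group = evt_group(evt);

    if (reg >= NUM_REGS || group >= NUM_GROUPS)
        return -EINVAL;
    *index_out = reg * NUM_GROUPS + group;
    return 0;
}

/* Consumer: uses the checked decoder and still compares the index with the
 * real length of the array it was given, so a later change to the decoder
 * or to the table size cannot silently reintroduce the overflow. */
static int slot_write(uint32_t *slots, size_t nslots, uint32_t evt, uint32_t value)
{
    unsigned idx;
    int rc = decode_index_checked(evt, &idx);

    if (rc != 0)
        return rc;
    if (idx >= nslots)
        return -ERANGE;
    slots[idx] = value;
    return 0;
}

/* How many of the 65536 possible 16-bit codes would the unchecked decoder
 * map outside the table? Useful as a regression check on the validation. */
static unsigned count_out_of_range_codes(void)
{
    unsigned bad = 0;

    for (uint32_t evt = 0; evt <= 0xFFFFu; evt++)
        if (decode_index_unchecked(evt) >= NUM_SLOTS)
            bad++;
    return bad;
}

int main(void)
{
    uint32_t slots[NUM_SLOTS] = {0};
    uint32_t crafted = 0xF00Fu;   /* constructed input: reg=15, group=15 */

    printf("unchecked index for 0x%04X: %u (table has %u slots)\n",
           (unsigned)crafted, decode_index_unchecked(crafted), NUM_SLOTS);
    printf("checked write for 0x%04X returns %d\n",
           (unsigned)crafted, slot_write(slots, NUM_SLOTS, crafted, 1));
    printf("codes the unchecked decoder maps out of range: %u of 65536\n",
           count_out_of_range_codes());
    return 0;
}
```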
The researchers will be presenting their research of exactly how to leverage these exploits at the upcoming Hack In The Box security convention in the Netherlands to be held at the end of May 2016.
The post Once again, a billion plus android devices vulnerable appeared first on GadgTecs.
from GadgTecs http://ift.tt/1VidNzd
Sunday, 13 March 2016
Our website was crushed due to some heavy load, and bad settings. We have made amendments, got a much better server, and some magic. We were able to restore almost all the data (except page views & some comments). During this time, our giveaway was NOT affected as it is being managed by Gleam.io’s app.
We sincerely apologize for any inconvenience caused to our dear readers. To remain updated, please follow our social channels, especially Twitter, as we never send ANY kinds of emails to our readers (yeah, we hate spam and we know you get a lot of emails anyways).
For any suggestions/criticism/writings/complaints/requests etc, you can send us an email.
from GadgTecs http://ift.tt/1RIdk3T
Sunday, 6 March 2016
Yes, you read it right, a pen that can last for many years. If you keep it in a drawer and forget about it, then take it out after a century, this pen will still write, as there is no ink in it that would have dried or leaked. Some even called this inkless pen the space pen, as it can even write in space (well, so can a pencil, but that’s beside the point). The pen was originally designed in Germany and it comes in 2 sizes. The smaller one is around the size of a palm (3.3″) and the larger one is the size of a normal pen (6.3″).
Its official name is ‘The Beta inkless pocket pen’ and it is no ordinary pen. It has a smooth cylindrical stainless steel barrel with a screw cap to protect the nib, which is the extraordinary part of this pen. The nib is made from a special alloy, and as you write it makes a mark by leaving a very small amount of metal on the paper. This is a silvery color and looks a little bit like the mark left by a pencil; however, it is a permanent mark that is smudge proof (ideal for left-handed users).
This pocket pen can be used to write on virtually any paper surface, at all temperatures and climatic conditions. The tip can be sharpened with a fine sandpaper if required. For writing, the longer pen is better as it’s easier to grip and comfortable to hold, but the smaller one is more portable and slightly more beautiful.
If you are looking for an unusual item for a geek friend or if you yourself are a nerd, astronaut, or collector, then this Metallic Inkless Pocket Pen would be the ideal gift.
P.S Please note this pen is not suitable for children as there is trace amount of lead in the alloy nib.
from Latest Gadget Shop http://ift.tt/1TAztr7
Thursday, 3 March 2016
New AMKOV OX5 Lens Style WiFi Smart Camera
Ideal for recording videos or taking images without an assistant
Don't be fooled by the picture. It's not as large as it looks
by gadgets March 4, 2016
Once you get the AMK-OX5 by AMKOV, you’ll definitely fall in love like we did. It is essentially as small as a lens, weighs only 99 grams (excluding the battery), and can even be attached to a phone. It is especially ideal for people who don’t have an assistant, as it can be controlled remotely via your smart phone (or even an Android smart watch, though that would be a bit tacky) through WiFi. The advantage of WiFi over Bluetooth is the increased range and speed.
It features a 20 megapixel sensor for clear and sharp images and can compete with many DSLRs on its own. The built-in lenses allow up to 5X optical zoom, and can zoom in an additional 4X digitally. The images we took at night were impressive and much better than those from the default camera of the Samsung Galaxy S6.
This small wonder even has a 900mAh replaceable battery that lasts quite a while. It has three shooting modes on its own, single shot / self-timer (2s & 10s) / continuous shooting (3 – 5 photos), though when attached directly to the phone, you can also use the various shooting modes available in different phones. The default viewing angle is 74°, and with an attachment (included in the package), it can also take 120° wide angle photos. The images and videos can be transmitted directly to the phone or they can also be saved in the lens itself, on a MicroSD card (not included with the camera).
When launched, it retailed for over $220, but is now on sale (albeit for a limited time) and can be bought for $114 ($112 if you are using the mobile app) on Aliexpress (includes free shipping). The package includes:
1 Smart camera
1 Camera bag
1 120° wide angle lens
1 Phone clip (can be attached to almost any smart phone, including iPhone 6S)
1 USB cable
1 900mAh Battery
1 Lens bag
1 User manual (Chinese & English)
Highly recommended for geeks obsessed with pictures and videos, or YouTubers to record themselves via a decent remote controlled camera that doesn’t cost thousands of dollars.
from Latest Gadget Shop http://ift.tt/1QwwV72
Tuesday, 1 March 2016
Despite many major security breaches reported last year, Real Future’s Kevin Roose wanted to find out how well he would fare in a personal pen-test. Issuing such a “hack me” challenge is never wise, as New York University Professor and PandoDaily editor Adam Penenberg found out a couple of years ago after asking TrustWave to hack him if they could. Kevin posted a video showing what can happen when you dare professional hackers to hack you, and the ensuing pwnage was epic!
When Kevin asked to be hacked, social engineering professional Chris Hadnagy replied, “may God have mercy on you ;)”. Kevin stated he’s a “fairly privacy-conscious guy” and believed he maintained good security precautions; however, “HumanHacker” Hadnagy, for instance, pulled up Kevin’s home address by zooming into a tweeted picture of Kevin’s dog and grabbing his address off the dog’s tag.
And the vishing (aka voice phishing) pulled off by social engineering specialist Jessica Clark was particularly spectacular, as she called an unnamed cellular service provider to trick it into handing over Kevin’s e-mail address. Before she called, spoofing his phone number, she started a YouTube video of a baby crying in the background. She pretended to be his (non-existent) spouse. The call begins at 2:29 in the video and by 2:59 Jessica has his e-mail.
Kevin also asked Dan Tentler, pentester and founder of the Phobos Group, to hack him. Though Kevin promised himself he would be “extra-cautious while the hackers were focusing on” him, he fell for a phishing scheme. Dan registered a domain name that was one letter off from Kevin’s web host and sent an e-mail allegedly from the hosting company’s security staff. After Kevin clicked on the link to supposedly install a security certificate on his website, Dan’s shell owned him.
Kevin said that at first he saw a number of fake pop-up boxes that appeared to be legitimate OS X dialogs, so he entered his admin password. Dan used a keylogger to obtain the password for Kevin’s 1Password manager and used the Dropcam passwords to “monitor” Kevin’s home via his own security system. Moreover, Dan installed software that used the built-in webcam of Kevin’s laptop to take pictures every couple of minutes. At one point, Kevin mentioned a “robotic monotone” coming from his laptop saying “you look bored.”
Later, when explaining the hack, Dan informed Kevin:
“It’s ridiculous. I’ve control of your digital life in its entirety. I’ve all of your credentials. I’ve all your access to all your financial data, all your work info, all of your private info. I can pay people with your bank or your Amex account.
For all intents and purposes, I’m you.
I could have made you homeless & penniless.”
If that is not bad enough, all this was revealed to Kevin at DefCon where he surely would have been wise to be feeling a bit paranoid at any rate since he was surrounded by digital ninjas normally cloaked in cyber-ether. Although he reportedly wanted to toss his laptop into the sea and go hide on an abandoned island, privacy and security professional Morgan Marquis-Boire injected some sanity into his state of affairs by pointing out that in a normal situation, Kevin wouldn’t be interesting enough to be targeted by expert hackers.
“Do you worry about trained martial artists beating you up on the street?” asked Morgan. To which Kevin admitted that he wasn’t too worried about being attacked by ninjas on the road.
“However you are aware that they exist,” Morgan stated. “You are also aware that you probably could not do anything about it if one of them wanted to beat you up on the street.”
Regular folks might not challenge the hackers or need to worry about the latest strain of “CEO fraud,” aka Business E-mail Compromise (BEC), that was reported by KnowBe4, an organization so confident that its security awareness training works that it will “pay your ransom in the event you get hit with ransomware when you are a buyer.” But regular folks may very well be employees of an organization, the weak links to be targeted and exploited through BEC spear phishing attacks.
During the last year there has been a huge upsurge in BEC, according to a new 2016 report by PhishLabs, and “no security tool or training routine will prevent” individuals from falling for phishing attacks, the toehold Dan used in pwning Kevin. Even when workers are extra cautious and clever about phishing, what about falling for vishing? You may be as security-conscious about social engineering as possible, but when an organization with which you do business is not, then that’s all it takes for an attacker to own you.
We highly recommend that you watch the video posted by Kevin, whether for entertainment or for a gentle reminder that great things hardly ever come to those that ask to be hacked.
The post Overconfident security researchers always lose to hackers appeared first on Latest Gadget Shop.
from Latest Gadget Shop http://ift.tt/1T77uif