
Top 10 Worst Passwords Of 2016 You Should Never Keep, Else You’re A Dumbo

The year 2016 was rough regarding data security and the thing that enhances the frustration of the advocates of cyber security is the pathetic choice of passwords people have on the internet. Keeper Security has released the list of the most popular (worst) passwords used in 2016. It is highly recommended to set a password that is strong and can’t be guessed easily.
A password is used to protect people’s devices and online accounts from unauthorized access. But some people just don’t get it and make sure that their password is the dumbest of all. Seriously, it’s 2017 now. Your internet life is as important as your real one unless you’re some wannabe cave dweller hiding somewhere in the forests of Amazon.
Keeper Security has released the list of the most common passwords for 2016, but I would like to call them the ‘worst passwords’ and people should avoid using passwords which are guessable.
THE AWARD FOR THE MOST POPULAR PASSWORD FOR 2016 GOES TO 123456.
Last year was full of different data breaches. Yahoo Inc. (Altaba Inc. in the future) announced their huge data leak involving 1 billion accounts. The research team at Keeper Security was able to harvest and analyze 10 million publicly available passwords that resulted from various data breaches last year.

Top 10 Worst Passwords You Should Never Keep

Rank  String
1.    123456
2.    123456789
3.    qwerty
4.    12345678
5.    111111
6.    1234567890
7.    1234567
8.    password
9.    123123
10.   987654321
The actual list includes 25 passwords which account for around 50% of the 10 million passwords. Most of these passwords are predictable as hell, even if they’re long. An interesting thing is the password 18atcskd2w0, which is assumed to be used by internet bots which create online accounts and spread spam messages.
It is advised to keep a secure password with letters, numbers, and special characters. Cracking a simple password is child’s play for password cracking software, which uses a brute-force technique to guess it. And the people who think, “Why would anyone hack me?”, won’t even get a chance to regret it after their details get compromised.
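An added example (not from the original post or from Keeper Security): a small screening routine built on the ten strings in the table above, showing why an estimate based only on length and character classes overrates strings such as 1234567890. The sequence list, function names and sample candidates are assumptions made for illustration.

```python
import math

# The ten strings from the table above.
TOP_10_2016 = {"123456", "123456789", "qwerty", "12345678", "111111",
               "1234567890", "1234567", "password", "123123", "987654321"}

# Assumed set of digit runs and keyboard rows used to spot sequences.
WALKS = ("1234567890", "0987654321", "qwertyuiop", "asdfghjkl", "zxcvbnm",
         "abcdefghijklmnopqrstuvwxyz")


def is_walk(pw):
    """True if the whole password is a contiguous slice of a known sequence."""
    return len(pw) >= 4 and any(pw in w for w in WALKS)


def is_repeated_block(pw):
    """True if the password is one shorter block repeated (111111, 123123)."""
    n = len(pw)
    return any(n % k == 0 and pw == pw[:k] * (n // k)
               for k in range(1, n // 2 + 1))


def naive_bits(pw):
    """Brute-force keyspace in bits, judged only by length and character classes."""
    pool = 0
    pool += 26 if any(c.islower() for c in pw) else 0
    pool += 26 if any(c.isupper() for c in pw) else 0
    pool += 10 if any(c.isdigit() for c in pw) else 0
    pool += 33 if any(not c.isalnum() for c in pw) else 0  # ASCII symbols
    return len(pw) * math.log2(pool) if pool else 0.0


def screen(pw):
    """Return the reasons a candidate password should be rejected."""
    low = pw.lower()
    reasons = []
    if low in TOP_10_2016:
        reasons.append("on the 2016 most-common list")
    if is_walk(low):
        reasons.append("keyboard or digit sequence")
    if is_repeated_block(low):
        reasons.append("short block repeated")
    return reasons


if __name__ == "__main__":
    # Constructed candidates: three from the table, two made up for this demo.
    for pw in ("1234567890", "123123", "password", "asdfgh", "abcabcabc"):
        print(f"{pw:12} {naive_bits(pw):5.1f} bits  {screen(pw) or 'no rule hit'}")
```

A candidate that hits no rule is not thereby strong; the routine only catches the predictable shapes seen in the table.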

Debian GNU/Linux 8.7 Released (Update: ISOs Now Available)

The Debian Project has released the seventh update of Debian 8 Jessie. This release ships with tons of security updates, bug fixes, and updated packages. The existing users of Debian 8 need to point the apt package tool to one of the updated Debian mirrors and get the update. The new installation media and ISO images are yet to be published.
Update: Debian 8.7’s ISO images are now available for download. They can be grabbed via these mirrors, or you can download the installation images from here.
Back in early 2015, Debian 8.0 Jessie was released after spending two years in development. This release switched back to GNOME as the default desktop environment choice. Now, the Debian Project is here with the latest update to this long-standing Linux distribution.
The seventh update of Debian 8, i.e. Debian GNU/Linux 8.7, has just been released. As expected, this release fixes tons of existing security issues. Notably, many of the included security advisories were already published and referenced.
Long-time Linux users will know that security is one of the primary concerns of the Debian Project. The project handles all security-related issues brought to its attention and ensures they are fixed within a reasonable time limit.
The release notes for Debian 8.7 include many bug fixes and security updates, which you can find here. The release has 80+ bugfixes and 80+ security patches.
One should also note that Debian GNU/Linux 8.7 isn’t a new version of Debian. Instead, it includes security updates and updated packages. So, if you’re already running Debian 8 Jessie, you don’t need to perform a fresh install. Just update via an updated Debian mirror to get all the new packages.
At the moment, new installation media and CD/DVD images are yet to be published. We’ll update the article when the ISO images are available.
Did you find the Debian GNU/Linux 8.7 release exciting? Don’t forget to share your feedback.

How to become an ethical hacker | Padsa Information

An essential guide to becoming an ethical hacker

I often get a number of people asking for guidance about how they can become an ethical hacker. I also receive even more requests about how to become a black hat hacker. The latter requests are ignored. Below is a definition of an ethical hacker:

Ethical hacker

  1. A person who hacks into a computer network in order to test or evaluate its security, rather than with malicious or criminal intent.
So if you want to be an ethical hacker, the truth is there is no easy method to become a skilled hacker. It’s easy to be a script kiddie and load up Armitage or Fast-track and fire every exploit known to man at a target. But what’s the point of firing Linux exploits at a Windows box?

You need essential prerequisite knowledge

If you want to get into the IT security world as a white hat you must be competent in the following areas:
  • Networking
  • Programming
  • Databases
  • Operating systems (Linux and Windows)
Once you have a fairly good knowledge of the above points, THEN it would be a good idea to learn about hacking. So now that you have a good understanding of the fundamentals of IT, you can understand how to break some of the underlying vulnerabilities within computer architecture. The following activities should help you with this:

What areas to concentrate on in order to build a foundation

Networking – Cisco courses seem to be really good. I undertook all the CCNA courses available.
Programming – Focus on learning C++, Python/Ruby and PHP.
Databases – Play around with MySQL and MSSQL and make your own database to understand how it works.
Operating systems – Most flavours of Linux are similar to one another; I use Debian on a lot of servers and, of course, Kali. Additionally, it is worth understanding the more obscure areas of Windows such as the registry.

Read books about hacking (here are some good examples)

  • The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
  • Hacking: The Art of Exploitation, 2nd Edition
  • The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
  • Metasploit: The Penetration Tester’s Guide
  • CEH Certified Ethical Hacker All-in-One Exam Guide
  • Google Hacking for Penetration Testers

Undertake FREE ethical hacking courses.

These are very good for learning but won’t give you an industry recognised qualification. However, they will teach you a lot about different areas of ethical hacking, which will help towards recognised qualifications.
You can register for a free Cybrary account to do a free ethical hacking course at the following link –

Undertake Recognised Online courses

These courses are all paid for; however, they are industry recognised and will help you find a job in the IT security sector.
  • CEH
  • OSCP
  • CISSP

Communicate and follow other fellow IT security enthusiasts through the following mediums

  • Facebook (https://www.facebook.com/pages/Hacking-News-Tutorials/252350961471136 )
  • Google+
  • Twitter

Self learn by watching online tutorials

  • www.securitytube.net
  • www.youtube.com

Download practice environments to practice and hone newly learned skills

  • DVWA (Damn Vulnerable Web Application)
  • Metasploitable2
  • Samurai WTF

Final note: Hacking is something that takes A LOT of your time! Be prepared to sacrifice friendships, relationships and that awesome social life you used to have!