The Heartbleed Bug

Image

Hey guys, this article is about the latest bug that is found and named to be the “HeartBleed”. This bug leaves around a half a million systems across the web vulnerable.

Wikipedia context says it’s a security bug in the open-source OpenSSL cryptography library, widely used to implement the Internet’s Transport Layer Security (TLS) protocol. The fixed version of OpenSSL was released on April 7, 2014 and at the same time the bug was disclosed. It was registered with CVE-2014-0160 ( Common Vulnerabilities and Exposures systems ). Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug completely. Continue reading

The Deep Web Part II: Shady Deals in the Gray Market

Vijay Kumar (vjbadstreetboyz):

Its an awesome article…!

Originally posted on Secure Your Workplace Tablets:

Would you pay $300,000 dollars for a zero-day exploit like the Heartbleed bug? Well, somebody does, and it’s not the traditional hacker bad guys. They don’t have this kind of money. But before we get into the buyers, let’s see what they get for their money.

First of all, they get exclusive rights to the exploit and all updates. They are also promised that the original maker of the software, the vendor, is not informed of the vulnerability that exists in the exploited software. The company that made the software isn’t aware of this flaw so they cannot apply a patch that would help their regular customers remain secure. The longer the flaw remains undiscovered, the more the buyer of the exploit will pay. This is because payment will be made in installments over time. An early patch by the vendor limits the time the exploit can be used and…

View original 716 more words

Python Scripting Series – Basics and Fundamentals

pythonHello guys, in this tutorial I’m going to talk about few Python fundamentals. I have embedded a video below that will help you understand in a much better way. This tutorial aims you to let you know about handling data such as integers, strings etc and storing them in variable and then using them in the program. I’ve started from the very basics of the mathematical stuff and then some other surprising behavior by Python shell. Hope you guys will enjoy this! Continue reading

Python Scripting Series – Get started with Python.

pythonYet now I have never started any series on any topic. So I thought, it would be good to post a series on something like a tutorial on Python for beginners. Python is the language for hackers. It is simple and flexible hence anyone can easily understand and start programming. It supports major and most of the platforms. With Python you can avoid the most irritating things that you would come across while programming in C, that is, pointers. You can avoid the whole memory management while you are working with Python, but yet it is a powerful language which can be used for exploit development, further to design and build security tools. Continue reading

Access blocked websites in your college/office Wi-Fi

Unblock_WebsitesI got few mails asking for some tricks to access restricted websites in college or office Wi-Fi without using proxy. Generally, if you use proxy to access some website then it might take you some more time to load the page than usual, but a VPN connection rather will improve your speed. In this article I will be helping you to set up a free VPN account for unlimited access to often blocked websites like Torrents, Facebook and YouTube. Continue reading