Samsung Galaxy S5 Fingerprint Scanner bypassed easily

Posted by SiddhartH SolankI
Samsung’s Galaxy s5 is surely quite awesome device having lots of new features and one of the new feature of the Samsung’s Galaxy s5 is Figure print scanner actually it adds one security layer.

Samsung Galaxy S5 Fingerprint Scanner bypassed easily

Somehow the Samsung’s Galaxy s5’s new security layer called the fingerprint scanner can be bypassed easily using the lifted fingerprint. And any one can get the unauthorized access to your Samsung’s Galaxy s5 device just by lifted fingerprint with wood-glue based dummy finger.

Moreover Samsung’s Galaxy s5 is not asking for the password to access your Paypal Account application so once the attacker got the access in your Smartphone then they can easily make transactions and he can also buy products using your Samsung’s Galaxy s5 Smartphone.

Samsung’s Galaxy s5 allows infinite attempts to unlock the device and  Apple’s I phone 5s also have the same feature but it requires strong password the occasion you boot a device and Samsung’s Galaxy s5 dose not have such security.

And of coerce one need the physical access to your device and if your phone is stolen, then the thief will be able to access your phone and can perform any tasks.
Read More

Flicker is Vulnerable to Remote Code execution and SQL Injection Flaws

Posted by SiddhartH SolankI

Flicker is very large photo sharing and photographs management system and its owned by the Yahoo!

Flicker vulnerable to sql injectin and remote code execution

Security Researcher named Ibrahim Raafat have found that the Flicker is suffering from the SQL injection and Remote code execution vulnerabilities. He have found Two parameters which where vulnerable to the SQL injection named $page_id and $items.


Flickr from SQL Injection to RCE

By exploiting this vulnerability he was able to get the MYSQL root password. He have reported  both RCE and SQL injection vulnerabilities to the yahoo and now its patched.


According to the Ibrahim Raafat, most of the web applications are vulnerable to the Blind SQL injection and after the deep research you can find the Direct SQL injection in the web application.

Read More

Heartbleed Bug Exposes Your Passwords to Hackers !!

Posted by SiddhartH SolankI
Heartbleed vulnerability is an extreme bug in the most popular OpenSSL encryption technology.  The OpenSSL technology is used by most of the web applications to encrypt the communication like it encrypts our username, password, credit card numbers, bank information, email address and much more personal information.
Heartbleed was discovered by the security team at Codenomicon and then the Neel  Mehta of Google Security have reported this major vulnerability to the OpenSSL team.

Heartbleed vulnerability have affected many web applications as they are using OpenSSL encryption technique to protect the communication.

Some of the companies that where vulnerable to this Heartbleed bug have successfully updated their server with a patch to fix the Heartbleed  bug.

How to protect your self from the Heartbleed vulnerability ?

To protect your self from the Heartbleed vulnerability all you have to do is to change all your passwords. You have to change the passwords of your emails, facebook, twitters and every web applications which uses the OpenSSL encryption technology.
Read More

700+ websites get hacked by Modi ‘fan’ to support Narendra Modi

Posted by SiddhartH SolankI
Narendra Modi, Gujarat's chief minister and the next PM candidate of the India. And he has so many supporters from the youngsters and now a days he is also gets the supports from the hackers.

Narendra Modi Fan Here

Hacker have hacked and defaced 700+ Indian websites to support and promote Narendra Modi.

The list of the hacked website is here.

You can check out the defacement image in the above snapshot. The message written in the defaced website is “ whatever you fail to detect, will cause your downfall..
Narendra Modi fan is here to tell you the truth.. no one is here like Narendra Modi and thats why sonia gandhi and rahul always barking about Narendra Modi and you all know about aam aadmi party who don’t know what they have to do and waht not always one word dharne par bheth jayenge lol!  we just defaced this site to give you a message vote for MODI!  ”
Read More

Pakistani Hacker arrested for hacking into a Cellular Company’s Database

Posted by SiddhartH SolankI
Pakistani hacker arrested by the Pakistan's Federal investigation agency (FIA) for hacking into a cellular company's database and for exposing the database on his website.

Hacker have hacked the database of the Warid Telecom and then he have exposed the database of the Warid Telecom on his website

Senior manager of Warid Telecom have found that the information of their customer till 2006 had been shard over the internet and then they have filed complaint about it. website was being hosted by hosterpk and with the help of the hosting company FIA have successfully traced the IP, Email and Phone number of the hacker and he was traced in the shop located at Ghalla Mandi, Noorpur, Kasur.

The FIA team have have found the Warid Data in his computer and then team have seized Two desktop computers, hard drives and other portable drives and they have arrested Mubashar Shahzad. 

The website where the hacker have exposed the database of the telecom company has now been shut down.
Read More

Facebook have introduced free voice calling feature to its Messenger App

Posted by SiddhartH SolankI
Facebook have updated its messenger this week and now the new version of the Facebook Messenger allows you to make a free call, create group chat and its also allows you to forward the message to the other contacts.

Facebook acquired the WhatsApp for $16 billion, many WhatsApp users wondered that what will happen to the WhatsApp by the way it was went down many time ! But now the WhatsApp users don’t have to worry about anything because the Facebook have introduced the Free Call feature to its messenger.

This new Facebook Free calling feature is inbuilt in the Facebook Messenger and you can see the blue color icon with your contact’s name and you can easily make a call to your Facebook contacts and all they need is WIFI connection. They should have good internet connection.

The quality of the call is average but they will improve the quality in the next version of the messenger, you can download the Facebook Messenger from the android app store.

This feature was available for the IOS users only but from the last week its available for the Android users too! but still this Facebook Free calling feature is not available for the windows users!  
Read More

5-year-old boy has bypassed Microsoft Xbox Password system

Posted by SiddhartH SolankI
Kristoffer Von Hassel is a five year old boy and he have managed to bypass the Microsoft Xbox password system!  And now he got the security acknowledgement by the Microsoft.

Kristoffer Von Hassel have found this vulnerability in Xbox live and his parents have found that he is logged into his father’s Xbox account using just space bar!

When his father have asked how Kristoffer Von Hassel have actually did this then he told his father that first of all he added the wrong password and then simply he have pressed the spacebar and got the access to his Xbox account !

Well, spacebar was the backdoor of the Xbox live system and it was there for the testers and they forgot to remove the backdoor from the Xbox.

After knowing this issue Kristoffer’s father have reported the vulnerability to the Microsoft and then the Microsoft gave the security acknowledgement to the Kristoffer Von Hassel :)
Read More

How ANGRY BIRDS Sharing Your Personal Data with government intelligence agencies

Posted by SiddhartH SolankI

When you are going to install any application in your Smartphone you may have noticed that every time you install the new application it asks the permission to access your data! And in one or another form the application is collecting your personal data. One of the Security Researcher Edward Snowden have found that the most popular game applications like Angry Birds sharing all our secret information with the government agenesis like NSA.


How ANGRY BIRDS Sharing Your Personal Data with government intelligence agencies

The government intelligence agencies mostly uses the popular Applications and Popular games to get the personal data of the users  including the GPS location.


Angry Birds is the most popular game available for the Smartphone and other devices and its being downloaded more then billion times. And the ROVIO have shared the users location earlier this month and that’s the 3rd party advertising company.


Angry Birds sharing your personal data with advertising company

As mentioned in the security firm, the latest version of the Angry Birds works with the ad-mediation platform, Burstly and other advertising networks and they are sharing most of the your personal data like name, gender, number and much more information first of all it grabes the data and stores the data to their cloud and then they shares the data to the other advertisement networks! And that’s how they target the customers

Read More