Amfas Tech | Technology, Blogging & Internet Marketing: Hacking

How to Protect Yourselves from WannaCry Ransomware

The Fire Sale is happening all over the world with the massive ransomware (named WannaCry) attack on personal, organizational and government systems and networks by hackers. The predicted WWIII hasn’t started on May 13th but it took a digital course and showed up like this. The courtiers, organizations and government websites have lost massive data on computers.


The brutality has also spread to the hospitals leaving no past records of the diagnosis of patients that cast them away on the hopeless island. What is this WannaCry ransomware? How different and powerful is it from the previous ransomwares? Let dig deep into some analysis and at last we will discuss how to protect yourself and your data from being attacked.




What is WannaCry ransomware?

Just like any other ransomware, this WannaCry ransomware is also a type of encryption virus that encrypts the data on the computer and demands huge amounts of money to get it back decrypted.


WannaCry is named with WannaCrypt, WannaCrypt0r2.0, WannaDecryptor aliases and is spreading rapidly inside the networks like a rat from computer to computer in no time. More than 200,000 computers were infected over 99 countries including the health systems, parcel services like FedEx, police department websites in India and so on.


Sounds scary? It should be

This might sound scary to you as it should be. Ransomware is one of the most annoying virus that a computer catches. Once it is attacked, we will have two options left, one is to pay the huge amounts and another is to format the whole computer and reinstall the operating system fresh.


For individuals, there won’t be important data other than family and friends; photos and videos. As there are unlimited online storages available to us like the one Google offers us on ‘Photos’ app, I guess this won’t be a problem; One can easily format the whole computer and have a fresh copy installed.


If you have any important documents and files on the personal computer, it is a scary situation for your too. Organizations will have to lose unbacked up data once they are attacked with this virus however.


Which computers are at risk?

Computers running on Windows operating system are vulnerable to WannaCry encrptor virus. The virus is focused to exploit forcefully on Windows 10 as well. That means, the previous versions like Windows XP, Windows 7, Windows 8.1 aren’t safe either.


Preventive measures to WannaCry

Just like it is said that prevention is better than cure, it is always better to take precautions to safeguard yourself and your data on the computers. These preventive measures can be applied from personal computers to organizational network of systems.


Allow Microsoft updates

The only one who would protect you from being attacked by WannaCry or any other future deadly virus is the original software developer himself – Microsoft, in this case.


Microsoft has already released the patch for the underlying vulnerability so recently and you can expect it anytime via OTA. Fortunately or unexpectedly, it has also released updates for the support stopped operating systems Windows XP, Server 2003 and Windows 8. This gesture is most welcomed by the Windows users from Microsoft.


Microsoft patch update MS17-010


Customer guidance for legacy platforms (older operating systems)


Disable SMBv1 if not able to apply the patch,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012


Allow antivirus updates

Let the antivirus software that you are using on your computer install virus definition updates automatically. Let your antivirus company work this out for you.


AVG antivirus WannaCry support page


Symantec WannaCry solution (Norton)


Norton WannaCry community page


Kaspersky forum page for WannaCry


Do not download suspicious files

Some files on the internet would be droolsome. You would want to download them without even knowing who sent them or what are they. If you do it, that means you have fallen for the bait of the hacker.


Do not download any suspicious email attachments or torrents without any knowledge. If you get any attachments from your friends, call them up and ask if they did it themselves or it was unintentional. Figuring out the authenticity of the emails will reduce the risks of being attacked with WannaCrypt virus.


Stay away from popups and downloads for a while

If you don’t have proper knowledge on computer and internet security, better stay away from downloads for a while, at least until you get the software patch updates to your computer OTA.


Most of the download sites will open popups unknowingly which may take your input actions as trigger and exploit the ransomware on to the computer. I recommend you to stay away from downloads for a while.


Always have backup of your data

It is said thousand times and over again. Always have a backup of your data to control the damage done by this such new viruses on computers. Always have your data synched on to your Google Drive or online secure place. Even having it on the other disks as local copies is appreciated either.


Already infected with WannaCry?

If you notice a screen locking down your computer and asking to pay money to decrypt, never be intrigued to pay a dime. This not only encourages the hacker but also doesn't guarantee over the recovery of the encrypted data.


To get back your data, follow the instructions provided by the following country computer emergency readiness teams. Here are the solutions offered by corresponding country governments for their citizens to fight against the attack.


US-Computer Emergency Readiness team -


National Cyber Security Center UK


IN-Computer Emergency Readiness team


Cooperative Republic of Guyana security


Homeland Security-Washington


Singapore-Computer Emergency Response Team


Government of Philippines


United Arab Emirates


Government of Israel






I have tried to bring together at my reach all country wide instructions to fight back against WannaCry cryptor. Comment below if you need any help regarding the information and identification of this ransomware in your system. I will try to help you at my reach.

Continue Reading

How to Know the Birthday of a Person with Gmail ID?

Birthday is not a public piece of information that one can show off. It isn’t even displayed publicly on an internet profile unless the user wants to share it. So, this following technique is not actually a hack but a feasibility of the Google/Gmail technological interconnection.


Expected reader’s knowledge level: Smartphone users, Gmail ID account holders.


Everyone has an email ID today because of the smartphones. As the android, which takes the 80+ percentage of all smartphone users, need a Gmail account integration to work with the promised functionality. This integration is synchronizing the data onto Google clouds eventually.


So, keep that in mind as I walk you along the process of finding out the birthday of a person with Gmail ID.




If you even wanted to know the birthday of a person and you know their email ID (Gmail), just add them to your contacts.


If you even closer to them and have rapport to communicate over email. Send them an how-about email and let it be added to your contacts automatically.


You don’t need to add them specifically if communication is established on both ends with that email ID. By this, their email ID will be added to your contacts.


Now, take your android phone and add the email ID of that person to his number in your contacts (if had any).


Go to sync settings and sync Google calendar with your native calendar app. This will synchronize all the important dates and birthdays onto your mobile phone calendar.


Now open the calendar app on your Android phone and check what has been updated. You would see new birthdays added to your calendar. If you had added the email ID to the phone number, it would be much easier to identify the birthday of that person. It will then show the birthday with the name that you have given in your contacts to him/her.


It’s that simple!

Continue Reading

How to Protect Private Data from Hacked Myspace Account

Myspace login accounts were compromised by a suspected Russian hacker group and made them available in the hacker forum. The notification is officially sent through email by the Myspace team with instructions to safeguard the account. I’ll be walking you though the process of protecting private data from your Myspace account in this article.


This is not he first time Myspace has been under attack. The potential threat to the Myspace is the out casting of the accounts for longer periods. Hackers who have been observing the decimating of the Myspace social networking platform had exploited some attacks recently where they revealed the private data of the users on hackers forum.


Like any social networking platform, Myspace also have the user privacy protecting mechanisms if which are not taken care will turn against their own will. If you are having a Myspace account and though you are not using it anymore, follow these tips to keep your private data more secured and non-hackable.




I have no much details on my Myspace account. Should I still worry?


Don’t settle down with ‘No much details’ thing. Anything that has to be seen behind the password wall is a protectable detail.


Follow these steps and take recommended actions to protect private data from hacked Myspace account.


1. The first and foremost action to take it to change the password of your Myspace account. Because it is the first door to step-in for the hacker. It at least blocks the hacker from accessing your account another time.


2. Set your profile accessing permissions to private. Do not allow access to public visitors to see your profile. Go to Settings > Privacy and set the Profile Privacy to Restricted Profile.




3. Myspace’s ad-technology uses your personal and registered information to deliver targeted ads based on your interests. Choose not to receive such emails as they can pose more threat to the personal information if their ad-technology get hacked.


Go to Advertise from the Privacy options and select I do not want to receive


4. If you are no more using the Myspace account and you don’t want to delete it, better remove the photos from it rather than leaving them for predators – especially ladies should take care of this.


5. Also remove the profile information like the place you live and phone number if any given. Make sure the hacker won’t get access to your contact details which can worsen the situation.


In case of precise security measures, removing photos from the profile also helps you protect the private data from a hacked Myspace account.


Hope that helps!

Continue Reading

Disable Automatic Updates on Windows 10 & Save Bandwidth

Windows 10 is claimed to be the best operating system ever developed by Microsoft. Unfortunately, it bagged haters more than the fans with forcible restrictions like incompatibilities with the old hardware (even of 2 years old) and no control over the options like operating system updates.

Hardware incompatibilities might be because of the advanced technologies that are used to build this operating system but the customization is what people carve for when it comes to the software. Microsoft is known to be signing up deals with the computer manufacturers to make the future computers compatible with only the Windows 10 but not down-versioned operating systems if Microsoft.

One of the uncontrollable options that Microsoft Windows 10 has is the control over the automatic updates. Windows users are wondering why this option is not made user controllable.

There are two obvious reasons why Microsoft would have made the automatic updates essential. One is that they might have afraid of losing their subscriptions if automatic updates are allowed to be disabled. The second reason relates to the security of the operating system.

Are automatic updates bad?

Any update the a digital device gets from the vendor is not bad at all. It might have bugs but the motive of that update would be to improve the user experience and enhance the security.

The automatic updates will keep your system patched with missing functionalities, security updates and improve user experience. In fact, it is always better to keep the updates to download and get installed automatically.

Then why disable automatic updates?

The top 3 reasons that I found in my experience to disable the automatic updates are,
  1. Frequency of updates
  2. Updating while working
  3. Consumes all bandwidth
1. Frequency of updates – It would be great to get updates weekly or monthly. But, Microsoft sends updates to Windows 10 daily (including Windows Defender virus definitions). The update frequency of Windows XP. 7 or 8 and 8.1 were not used to happen this often.

2. Updating while working – Updates are supposed to get downloaded and installed while the system is left idle. It would be distracting and interrupting to get updates while working. The whole computer might lag or or the piece of software that we are working on might not respond properly. It would sometimes leads is to restart the computer which might cost the loss of unsaved work done.

3. Consumes all bandwidth – It is the major problem an average windows 10 operating system user would face with updates. It consumes all the bandwidth to download the updates always and halts the programs to install them sometimes.

Countries like India are ranked last in internet speed in a recent survey. According to the survey report generated by Akamai Technologies Inc., the average speed of the internet in India is just 2.8Mbps. If it comes from a ISP like BSNL, the speed would be the 10% of the promised. That means, if they promise you 4Mbps, you would get 400Kbps only.

In that sense, how good is to get updates while working on the internet? It would not only slow down the process of loading websites, but also wastes a lot of time.

How to disable automatic updates on Windows 10?

Disabling automatic updates on Windows 10 is a bit tricky. You won’t be finding the option straight on the update console. Take a look at the screenshot below if you want.


But, still you can access the controls to enable or disable the automatic updates from ‘Local Group Policy Editor’.

Go to Windows Search, type Edit Group Policy and then navigate to the following path.

Administrative Templates > Windows Components > Windows Update and double click on ‘Configure Automatic Updates’.


Set the option ‘Enabled’ to ‘Disabled’ and click ‘Apply’, then ‘Ok’. Restart the system once and you are now relieved of automatic bandwidth eating updates on your Windows 10 computer.

Get Windows updates manually

If you want to get the updates manually, open ‘Configure Automatic Updates’ and select ‘Enabled’ from the configuration options and select ‘Notify for download and notify to install’ option from ‘Configure automatic updating’ settings.


Watch the following video for the live instructions:

Continue Reading

Beware of Ransomware! Prevent, Protect & Recover Your Data

Ransomware might sound a new word for some of you. It is one of those blackmailing software programs that will get installed on computers silently and takes control of the data on them. Unlike malware, adware and other kind of viruses like Trojans, Ransomware programs will not exhibit any misbehavior of computer software programs but will demand for money.

What is this Ransomware? Why will it demand the user for money?

Ransomware, being installed, once installed, will encrypt the important data on your computer/network without asking for your permissions and will blackmail you in order to you to access the data by decrypting. A window or notification which cannot be closed will be displayed on the screen showing a countdown clock giving you the time to pay the money to safeguard your data. If you neglect, you data might be deleted or never be restored again.

Encrypting the data? Doesn’t that mean my data is safe?

You data will be safe as long as you have control over the encryption and decryption procedures. How could it be safe if it is encrypted by some unknown person leaving you no way to decrypt unless you pay some money in return?

How a computer can be affected?

Ransomware takes different forms. It will not enter into your computer just like a software program.
Via Emails – Hackers will try to inject the program as an attachment in email with different file extension which will be exploited once the file is downloaded and tried to open.
Via Security Loop Holes – Hackers will be hunting for the security loop holes to inject the virus programs into our computers. That’s why software vendors advise users to regularly update their software with new patches and upgrades.
Via Freeware – One of the major virus transmission media is the freeware. Hackers consider freeware software as the potential method to spread viruses to take control of users’ computers. After all, not all freeware software programs are virus prone but, be careful while downloading them from source.
Via Cracked Version Software/Game – Only 30% of the computer users buy software genuinely. All others just download them from internet. A computer means only the hardware for most of the people but software is the one that costs 10 times more than an average computer.
A cracked version of the software/game of game might give you full access but it also brings many security risks along with that. Remember that your anti-virus or firewall programs are not invincible enough to block every attack and data slip.
A recent ransomware attack exploited the popularity of the game Minecraft by offering a “mod” to players of Minecraft. When they installed it, the software also installed a sleeper version of ransomware that activated weeks later.
I wonder if you are not thinking about the reason why the IT industry discourage the using of some popular legacy software programs like Windows XP, Adobe Flash etc.

How to know if my computer is infected?

Ransomware is not stealth-ware. It exploits right away at the time it enters the computer or exploits after some time like ‘mod’ ransomware of Minecraft. However, you will be able to see a window or undeniable notification opened with a countdown timer. So, better not search for it and delete other files in suspicion by mistake.
You will be given instructions to pay for the hacker to decrypt the files which would be notified to you in time.

My Computer is infected. What to do now?

Before you scream it out, ask yourself the following questions,
  • Do I have any important data on the computer?
  • If my important data is still accessible?
  • Do I have a backup of the data? If yes, to what extent?
The above three questions answers your tension about this kind of virus. Generally ransomwares uses RSA 2048 encryption technology to encrypt the files on the victim’s computer. An average desktop computer will take 6.7 quadrillion to crack the 2018 bit RSA key if run without turning it off.
Not only you, the ransomware countdown timers also won’t wait till you develop a crack for the encryption and build a super PC. So, there are limited options for you now.
  1. To wipe all the data on your hard disk and make it new again
  2. To safeguard the unaffected data onto another safe drives (preferably cloud drives like Google Drive, One Drive and so on)
  3. To restore the latest backup
Before you take any further step, make sure to take the following actions in order to avoid spreading or re-affecting of the ransomware.

Action #1: Disconnect from network

Disconnect the infected computer from the network to avoid the further spreading or damaging of data on the other computers on the network. Ransomware can easily spread through shared files, folders, networks and USB thumb drives.
Cloud storage drives might restore the data as they maintain better security measures to storing the data from millions of users. For better recovery results, better to disconnect even though not connected to any network and only connected to internet through modem.

Action #2: Calculate the scope of recovery

Some files may not be affected because of the security programs you are using to lock or encrypt them. Check the list of files that you can still access and move them on to cloud drives or another safe drive as a precaution.
Some ransomware will list the encrypted files in the registry. This might help you separate the affected files and programs from the unaffected ones. Search on the internet for better knowledge of the ransomware that is installed on your computer.

Action #3: Check for security holes on your network

In general ransomware does not spread over the network like other malware programs. They will only encrypt the files that has direct access to. If you see the ransomware spreading through the network on all/any other computers, it means that your network system has got some security loop holes. Better take care of it first.

Wrapping up with a solution

The best solution for ransomware infection is that restoring of the backup. It is the ideal solution that gives maximum best result than trying out 3rd party decrypting software. If yours is an organization or a company, backup is an essential security mechanism that you should afford at any cost.
Try to restore files from backup at most extent. If you have not taken any backups, you may have to lose some money or data itself. If you have no important data in the computer, try to wipe it off completely (not formatting). Wiping off the data will erase the file table on the drives and cleans the hard disk as new as it was when bought.
If you even can’t wipe off the data or the encrypted data is important and it is the only copy on your computer, better to take a step down and pay the hacker for decrypting them. Because data is the only weakest asset of any individual or company in digital era.
Once the data is restored or recollected, take precautions for the next time. Use the best security programs and take regular backups to other secured computers or cloud. Train the employees in case of a company. Research and make a list of ransomware programs and block them right at the firewall. Keep the anti-virus- anti-malware and anti-spam software updated with latest definitions and never ever try to use patched security software.
There available some ransomware decryptors developed by popular security software organizations like Kaspersky and Cisco to fight specific ransomware programs like CoinVault, TeslaCrypt and Bitcryptor. Let’s hope the other security software companies also come forward and develop better solutions to keep our data safe.
Wish you a #SaferInternetDay
Continue Reading

Essential Guide to Avoid Major Online Hacks and Scams

The question about online security does always finds a new security vulnerability from time to time. The so called safe SSL has found serious vulnerabilities named as heartbleed bug in the past. The default internet browser, internet explorer of all versions has also been found vulnerable by Microsoft itself before hackers exploit by using it. It was said that the bug that is found in internet explorer is also a deadly vulnerability. Microsoft responds to the issue quickly and releases a patch including for Windows XP.

Though you install the powerful anti-virus on your computer and use strong firewall rules, you cannot stop this unless you get some awareness about the type of attacks and how they are executed.

As a part of our self-claimed responsibility, Amfas Tech always tries to bring awareness about the online scams, hacking, computer, mobile and online security issues from time to time.

Let us see some major type of hacking techniques used by the hackers on internet along with their preventive measures at their best.

Online Scams – Hackers always feed on victims ignorance and desire to earn easy money online. We have also seen some famous online scams in the past while we are discussing about the online security. Of them, email scammers are most famous ones. You cannot expect to stop receiving these kind of emails because of the security vulnerabilities in the technologies.

There is a misconception that the victims are old aged people but the statistics show 30% of those victims are youngsters under 30 years of age.


There is a cyber crime control center, the Internet Crime Complaint Center ( that works along with FBI(federal Bureau of Investigation) and NW3C(National White Collar Crime Center) to eradicate these cyber hacks. In 2013 alone, quarter million complaints were were registered as per the annual crime reports of IC3. What about those who never complained and those who don’t know how to?

Rather than clicking links in emails, book your frequently used website links like insurance company, bank etc.., and use those bookmarks every time you visit that site.

Don’t fall for the unknown lottery ticket and fortune transfer scams. Think about it a second before you respond to them. How could you think an unknown person would transfer his million dollar fortune to you? Be smart!

Phishing – We have talked about phishing so many times in the past and also have seen demonstration of how can a facebook account can be hacked using the technique. The theme of the demonstration is the reason for the major icloud hack that happened on famous celebrity digital devices in the recent past. Can you think that a device which is protected by the secure protocols and powerful encryptions technologies be cracked simply? No! never unless you are careless.

In the case of icloud hack, there is nothing wrong with the Apple side but the user’s. The celebrities have fallen to the phishing links and the world started blaming Apple. A phishing site is actually an imposter of the original website to snatch the sensitive details like credit card information. The hacker designs the website to look like the original one and baits an email to the victim. The victim then hurries to keep his/her account safer which is not actually.

Do check the URL of the site twice(including the spelling) on which you are going to punch your sensitive data like password and credit card information. Use 2-step verification process to make any transactions online. Using mobile and email verification codes makes it harder to hack.

Generally, sites that take credit card information would be secured with SSL security over HTTPS protocol. Also check for it before you do any thing drastically.

Massive data Breaches – The above two methods practiced by hackers focused on an individual victim where as the massive data breaches costs the privacy loss of number of individuals collectively. Hackers target POS systems to hack the data in bulk. Computes at retails stores and small companies should be protected against such breaches. The recent “Backoff” virus is a pure proof of vulnerability in POS systems. The recent hacks of Home Depot, Target and other major retailers have compromised millions of credit cards and revealed their information.

Hackers will sell the bulk hacked data in internet forums to those who are willing to buy. The recent happening of Russian hackers selling out millions of Gmail IDs along with passwords on the internet has been found to be one of the major hacks of the year 2014.

So as to keep the databases like retail systems secured, Microsoft have already suggested businesses to upgrade to latest operating systems in the past. But still number of businesses cannot afford to get an upgradation. Also, it is necessary to host your data in secured dedicated servers that serve data on proper authentication only. The reason why I said dedicated server is because there should be no sharing of computing and storage resources that may raise conflicts in case of wanted security to your data.

Upgrade your businesses to secure servers. Choose a right company that can provide you right solution to keep your data safe. Because maintaining security of data is showing your loyalty to customers.

Using very unique transaction passwords and monitor your credit card and financial statements from time to time might help you keep conscious at least about the hacks.

October is awarded as the National Cyber Security month by the FBI of San Diego division this year. Regarding the event FBI have advised to implement some security measures to keep yourself safe online. Go through their instructions also to learn more about online security.

SingleHop, the cloud hosting services company took a campaign to spread the word of online safety and has been encouraging bloggers by providing necessary useful information in PDFs to spread the same through their blogs.

Amfas Tech wishes all the best to SinlgleHop and we’re proud to be a part of the campaign. #StaySafeOnline.
Continue Reading

Watch 18+ Videos on YouTube without Signing in

'YouTube' is the most popular video streaming service that any internet user is aware of. The videos in it are being protected with policies including child safety. So as per them, it won't allow videos that are not recommended for users under 18 years. You might have came over this issue when you tried to watch the videos from YouTube without signing in. But signing in at all times is definitely not a smart move to go on with.

Note: This article doesn't motivate children to bypass the restriction, but to enable the quick access to YouTube service. Amfas Tech is not liable to the consequences there after.

Follow the process carefully to access 18+ YouTube videos without signing in.

Step 1: When you try to watch a video without signing in, it would look like this

Step 2: Observe here the code gHGDN9-oFJE represents the video you wanted to watch.

Step 3: Simply add ?fs=1& at he end of the video code in the URL. This removes the 18+ restriction on that video.

Continue Reading

Hide My IP Software Review: The importance and need for IP hiding

IP address is your unique identity on the online planet. Anyone can easily identify your location based on IP address of your connected device. Showing up your IP address publicly will has its adverse effects on both sides of the situation.


Some websites in the internet cannot be accessed in some countries. Because of the restrictions posed by their governing laws, you would not be able to access those websites freely or completely. As internet connects people with the rest of world, irrespective of the countries, there is a need for unrestricted access to websites.


All the banned websites are not actually bad websites. For example, Google was banned in China as the country thought that it violated their laws. That doesn’t make Google a bad website for the rest of the world too. Visitors of China would want to access the Google’s website which they cannot and it would be hard for them to switch to any other search engine all of a sudden. This brings up the necessity of hiding of IP address.


Also, when you connect to internet, some applications and software might track down your location and can manipulate the results that suits for you. This open book online activity creates a vulnerability on your side and a sweet spot to hackers. If you remember the flying ads on some websites saying that some [local name of a girl] is waiting for your in [location], you would understand what I mean clearly.


What is Hide My IP and how to download it?

Hide My IP helps us to hide/mask our IP address on the network with fake one’s and enables anonymous web surfing by encrypting our internet connection thereby protecting our privacy.


Features of the software:

  • You can surf the web anonymously
  • Protects your identity online
  • Encrypt your internet connection
  • Prevent the government from spying on you
  • Send anonymous emails
  • 30-days money back guarantee

Hands-on the application

Downloading and installing the application has no strings attached. I’ve not faced any hiccups in installing the application on my PC.


When run, Hide My IP shows up the real IP address on the network along with the safety masking/encryption options.


shows up real IP on start up


Choose you IP rotations, location and click Hide My IP button to start hiding your real IP address. It would then show up with you new and fake IP address like as shown in the following screenshot:


fake IP


You can even configure the software for different browsers. Click on Advanced Settings and it allows you to choose the header privacy and SSL encrypted connections.


browser settings


Hide My IP even allows you to control the IP hiding for web browsers and internet applications alone. It even allows you to run this software for specific applications.


With Hide My IP, you can,

  • Hide your real IP on computer startup itself
  • Rotate IPs for more security
  • Clear cookies on changing to new IP address
  • Control browser header privacy
  • Encrypt the connections with SSL
  • Choose a desired fake IP location
  • Control the program’s integrity with the some applications specifically

You can buy and download Hide My IP from this link.


Download trial version

You can even download the trial version of this application that allows you to use the software for 7 days without any restrictions to the premium service.


Share your opinions on the software after using it. We’d be happy to hear your thoughts on this.

Continue Reading

LastPass Account Got Hacked? Here Is The Safety Guide

LastPass, the online login credentials safety vault was hacked yesterday and the team notified the issue to their users through an email. The email says,


We wanted to alert you that, recently, our team discovered and immediately blocked suspicious activity on our network. No encrypted user vault data was taken, however other data, including email addresses and password reminders, was compromised.


We are confident that the encryption algorithms we use will sufficiently protect our users. To further ensure your security, we are requiring verification by email when logging in from a new device or IP address, and will be prompting users to update their master passwords.




We apologize for the inconvenience, but ultimately we believe this will better protect LastPass users. Thank you for your understanding, and for using LastPass.


The LastPass Team


They are pretty much confident about their encryption algorithms in protecting their users. However, they recommend the users to update their master passwords.


Besides updating the master password, there are certain things that you better know about, to ensure more security of your LastPass account.

  1. LastPass, as they claim, implements very good encrypting algorithms to secure their users accounts. They have intelligently designed cyber attack response system which raised the alarms this time.
  2. LastPass don’t have access to users’ master password. They use numerous rounds of complexity to their hash algorithms making them difficult to be hacked.
  3. The guess attacks will not crack LastPass’s algorithms. The unique string inclusions in encrypting the algorithms helps them keep these kind of attacks go ineffective in the beginning itself.
  4. Though the attacker guesses your weak master password, you data vault will not be exposed to him. He then will be asked to complete email verification(because login from a new IP address or location triggers the security breach alarms and activates the counter measure instructions).
  5. Do not use your master password for any other website.
  6. Enable multifactor authentication for your LastPass account for added security features. To enable so, go to your LastPass vault > Account Settings > Multifactor Options.
  7. Never disclose your master password even to LastPass team.
  8. Check LastPass security updates on their blog. Emails might be misleading.
Continue Reading

How to Secure Your Website from Hackers

This guest post was contributed by Caroline on behalf of Secure Thoughts, one of the best possible online sources for information regarding internet security.


Hosting a website can be very useful in the Internet Age. But if that website is not protected, then you, your data, and the data of your visitors, clients, and potential clients is in danger. Thus, keeping your website protected is of utmost importance. Fortunately, there are simple steps that can be taken to protect your website from these hackers:


How To SecureYour Website From Hackers


Stay Updated and Up-To-Date on Everything

Staying updated and up-to-date is the most important and simplest means of protecting your website from hackers. But staying “updated” means several different things:


First, stay updated with the latest news and information regarding the most current hacking threats. You can do this by paying attention to trustworthy periodicals, websites, blogs, podcasts, and radio programs that focus on the nature of hacking, current hacking threats, and computer security. By doing this, you will be better aware of the dangers threating your website and will, thus, be able to take proactive measures to prevent being hacked.


Second, because hackers are constantly devising new ways of infiltrating their target, it is necessary to keep all platforms and scripts up-to-date. After all, platforms and scripts are often times updated in order to better protect the user from these destructive and hostile invaders.


Third, install all the latest security plugins for the platforms or scripts used by your website and update them as soon as updates are released. Security updates are created for a reason: They are there to protect you and your website.


Further, there are also many third-party security applications that can be used with various platforms or scripts. These can provide an added layer of security. Prices vary with some, like Acunetix WP Security, costing nothing at all. In any instance, a little bit of research can go a long way to discovering which of these might be useful for your website and keeping your website more protected.


Put a Firewall between Your Website and the Hacker

Nonetheless, even by staying updated and up-to-date, your website still remains vulnerable. A web application firewall (WAF) better alleviates this vulnerability by reading all of the data that passes between your website server and the data connection. Reading this data means that known malware, Trojans, spyware, or other unwanted entities can be traced to their origin and deleted before they infect your website or computer system. Thus, your data remains a bit more secure.


Protecting Your Website Means Protecting Your Computer

Defending your website does not only require, however, that you build a layer of security around your website. If a hacker wants to access your website badly enough, he will stop trying to break the lock on your window and steal the key to the front door, that is, rather than hacking your website, he will attempt to hack into your computer system. There, he can gain access to your website as well as all sorts of other personal information.


The first way to protect your computer is reactive but still effective: install anti-hacking software and run it regularly (at least once weekly but daily if possible). Find any unwanted entities left by these hackers and then delete or quarantine them; this can be one of the more effective means of removing the backdoors hackers may have placed on your computer.


A second, more proactive, and, thereby, more effective means of protecting your computer system (and website) is to prevent hackers from first accessing the gateways to your personal files and folders that constitute it at all. Perhaps the most efficient means of doing this is to install a virtual private network (VPN). Essentially a VPN uses a third-party server to encrypt your data whenever you access the internet. By using a VPN, a hacker will be unable to trace your internet usage back to you: it will be re-routed to a server elsewhere. The data you share online is thus secure and, so too, is your website. You can research more information about VPNs to find the one that has the features that are right for you.


Closing Remarks

In short, while there are many other ways to protect your website from hackers, the simplest way is by combing these three dimensions of security: 1) stay updated and up-to-date on everything, 2) use a WAF to trace information as it travels between the website server and its data connection, and 3) prevent entry into the website indirectly through the use of anti-hacking software and a VPN.


* If you have any complaints regarding this guest post, please don’t hesitate to contact us.
Continue Reading

WhatsApp Video Calling Feature Link is a Spam

The voice calling is done and WhatsApp has been thinking about introducing video calling feature for its users. But the official statement or the update is not yet released and it strike an idea in hackers’ minds to cash in the enthusiasm of WhatsApp users.


Recently, WhatsApp users have been receiving a message with a link from their friends’ circles saying that it will update the application and enable video calling feature. The link is not actually an official updater but a hackers’ bait for WhatsApp users. It is found to be uploading your sensitive information and contacts list on your phone to hackers’ databases.


Beware of WhatsApp spam


How it works?

Just like many other average spams, this video calling feature spam also impersonates the original updater like UI when clicked on the link. It will show a progress bar mocking the update in front and will be uploading your information in the background. After it is completed, it will then be propagated to your friends’ circles and the same happens to them too.


How can we say that it is spam?

If you are using WhatsApp since last two updates, the voice calling feature and material design, it would be easy to recognize this as a spam right then. All the previous updates were applied by getting a call from voice call enabled WhatsApp friend or from Google Play application update service. Isn’t it? If so, why would you get a separate unknown link to update it this time? Do you think updating the application through third-party link is safe?


If you have clicked on the link and have seen that progress bar UI till completion, check now if you got any such feature enabled on your WhatsApp. Definitely, you won’t.


How to keep yourself safe from this scam?

It’s simple. Don’t click on the link you receive from your friends through messages. WhatsApp can propagate coded messages that can easily track your details in seconds. If you are aware of messages like ‘share this message and see the red apple moving’, you could imagine the range of vulnerability.


Be safe!

Continue Reading

Ask Google About Your Lost Phone Now | Type “Find My Phone” in Google and Find Your Phone on the Map

Google have introduced an useful application in its search engine that finds our phone and locates it on the map.


To find your phone, go to and type “find my phone” (without quotes) and see the magic.


Take a look at the screenshot to know how it works:




When you type “find my phone” in search engine, it automatically finds the device, place and accurate distance.


You can simply send a ring if you dropped it somewhere at home or in car and searching for it. It rings with a different ringtone louder than usual and so can you find it easily.


Not showing your phone location?

If “find my phone” in Google is not showing your phones location, that means you have not enabled location sharing on your phone. You can enable it from the browser itself by doing the following.




Step #1: Sign in to your Google account by clicking on Sign in button if showed.


Step #2: It might show this following error if location sharing is not enabled on your phone.




Step #3: Click on Allow button to enable your device’s location sharing from your browser.




It then locates your device and shows the exact location within some accuracy. For example, take a look at the screenshot of my Moto E2 phone that I have tracked earlier.




To get access to this screen,


Go to and login with your Google account that you used on your device. This screen will give you more controls than Ring. You can even Lock your device or Erase your information from it in case it was lost or stolen.


NOTE: You cannot track your device if it is rooted, Google account signed out or factory reset. This feature of Google cannot completely help you get your stolen phone back. So, don’t quit the idea of filing a complaint in nearby police station. It might be more easy to track with their help.


Won’t that make Google password secrecy more serious?

Yes! of course. It does. Sharing your Google password to your friends and others can give some control over your phone and content for sure. So, better not to disclose your password of the Google account that you are using on your Android device.


I don’t want Google show my location. How to hide my location?

You have full control over this feature. You can turn this off for your security purposes, just like the one you saw in a screenshot above.


To hide your location on Google, go to your phone Settings > Location > Turn Off. It then goes unavailable on Google when searched.




Always remember, you can gain control over the phone’s Ring, Lock and Erase features even though the phone’s location sharing is turned off.


Hope that clears all the doubts.


What do you think? Is it safe or vulnerable? Share your thoughts in comments.

Continue Reading

Quick Hack & Search Trick: Download AP SSC Hall Tickets 2015

SSC exams for the students of Andhra Pradesh are so near and hall tickets were made available before they are given to students in schools. Enthusiastic students who wanted to know the details about their examination centers can go to this link and download their hall tickets prior they are given in schools.


Wait! I’m not here to give you the ‘edu’ kind of information. I am a techie, I always look for an easy way to do any task.


Obviously, the website have three combo boxes which show up list of details up on selecting the prior one. Scrolling down the vast list of schools and name will take a heck of time and the worst thing is you may not find it in the first time itself.


Sneaking code to quick search

Step 1: Selecting your district first and it will make the schools list visible.


Step 2: Select a random school from the list and wait till ‘Select’ appear on the third combo box.




Step 3: Now, right-click on anywhere on the webpage and select ‘view page source’.




Step 4: It will now open the source code of the webpage in another new tab. Press CTRL+F, type your school name and hit ENTER.


Step 5: Your school name will be shown highlighted in the code. Find the code of your school that resides right beside the name and note it down.




Step 6: Now switch back to the hall ticket download page and you can now easily find the school name based on the serial number code that you noted down in Step 5.


Step 7: You can also search your name if the student list is also vast, by going on to the ‘view source code’ page again doing what we did in Step 4.


Hope that saved your valuable time. Say after me, Hackadackadooo!!

Continue Reading

Bug Found on WhatsApp Web Photo Sync

WhatsApp after being taken over by Facebook have undergone some dramatic changes within sort time. Recently, we have also seen WhatsApp introducing the WhatsApp web that facilitates to chat with the WhatsApp contacts right from your desktop.


This features could not attract the customers as it needs to have WhatsApp running on the phone already. But it was expected to have the feature that can help to use it as Facebook without the intervention of the smartphone again. Apart from the expectation, using WhatsApp on desktop without lifting off your hands on your keyboard is somewhat useful.




Meanwhile in India, a 17-year-old boy named Indrajeet Bhuyan found a bug on WhatsApp web photo syncing feature. He demonstrates that WhatsApp on web refreshes for every message sent and received making it synched between the two devices. This works fine in case of text messages, but with the photographs that are sent is not working.


The photographs sync finely with web but then deleted from phone, they will still be available on web.


Check out the video demonstration by Indrajeet about this bug:


Continue Reading

Malaysian Airlines Website Hacked by Lizard Squad

It is not the first time, Malaysian Airlines appearing in hot news and this time it is not about missing of the plane but it is about the cyber attack on their official website.

Yes! Malaysian Airlines official website is hacked and the havoc come in cyber form this time to them. The official is defaced by Lizard Squad hackers. The website has been replaced with a lizard-man in a tuxedo with a smoking pipe in mouth(a morphed imaged).


The image is followed by the credit text “Hacked by LIZARD SUQAD – OFFICIAL CBER CALIPHATE”. They also left their twitter handle on the website. It is not the first time for them to exploit on websites, they have been arrested for performing DDOS attacks in the past.

The worst thing about it is that Lizard Squad tweets about the Malaysian Airlines website hack and he is what it says,

Here is what people respond for their tweet,

Continue Reading

It is not the Information that needs to be free, it’s us!

This article is written by Rohan Chaubey, an enthusiast blogger, presentation designer and he loves writing Inspirational quotes. He is also interested in photography and video editing. He writes on technology, social media, programming languages and self improvement tips.


Ever tried searching for a free e-book on internet? Ever downloaded a pirated copy of a copyrighted material? Ever Google searched for a free download of commercial software that needs to be purchased? Is your Operation system a licensed version?


If you answered the above questions as true or yes, you are probably promoting violation of cyber laws. The reason I made such a strong statement is that we often tend to overlook cyber crimes.


Most of the times, the cyber laws illiterates think or assume that only hackers are the one who commit cyber crimes but they never know that they are too a part of the bad crowd. The reality is far away from the lie they are living in.


It is very much important to understand the term “Hacker”. They are often seen as a bad guy and categorized under the bad light. In my opinion hackers are as good as a cyber expert, lawyer, writer/blogger, internet marketer, etc. and I think they are even bigger super heroes of this internet age where people rely on Google for everything and anything.


To be precise, I think we need hackers!


Let us understand the meaning of the word “Hacker”. A hacker is a person who uses computers to gain unauthorized access to data. But this is an incomplete definition. A hacker can also be a person who tries to find faults in a computer system.


There are various types of hackers. Shocked? Did you ever heard about this before? If yes, that’s good. If not, then please continue reading. The following is the classification of hackers in to various types:


1. Black hat hackers: This type of hacker has malicious intentions whenever he breaks into the system.


2. White hat hackers: Here comes the twist in the tale! The catch is… This type of hackers are the GOOD GUYS. The reason I call then as “Good” because they are the one who are responsible for making your system more secure by finding flaws in them. They are mostly categorized as “Ethical hackers”.


3. Grey hat hackers: Humans cannot always be nice; I hope you agree with this statement. Similarly, the hackers being a human sometimes tend to keep switching themselves between a black hat hacker and a white hat hacker. So, does their behavior depend upon their mood? Yes, mood do plays an important role here but it is mostly influenced by external factors like money, pressure, etc. and internal factors such as resentment, frustration, etc.


4. Elite hackers: Elite hacker is a term reserved for those with the most skill and experience and is considered a social status in the hacker community.


5. Script kiddie: I have another question for you, have you ever been a part of an online forum or community or group that provides scripts that help you break into the system? If yes, YOU are a HACKER; a script kiddie. This type of hackers use automated tools or scripts in order to hack and do not have deep knowledge of the scripts they use.


It took me (the above) 450 words to prove that we all are cyber criminals at some point. So, now I start with the actual message I wanted to convey to you.


I want to ask you another question, why are hackers always considered as criminals or villains?


It was well said by Barnaby Jack, ”Sometimes you have to demonstrate a threat to spark a solution.”


The best example of this statement is here: On 7th November 2014, the time was roughly 7:09 PM IST on the clock when I saw a website named as “Vedic Vatica” (which is of course an Indian site) which was hacked. And I was the first one who informed the site owners about the same. It is suspected that hackers from Israel had hacked it. See the screenshot which I had taken when I witnessed it.




Thereafter the site owners were able to bring their site back into action after some hard work on improving the security of the site. Hence this proves the Jack’s quote to be true! Not to mention that hundreds of Facebook accounts are hacked each day.


I am sure we all are terrified and fascinated by the power that the hackers have; they scare us. But I think they might act as an immune system to the information age as well. I agree that they threaten us but they also find the faults which are present in our work and they urge us to fix it.


Just imagine how helpful hackers could be if they all help us to secure the system.

The next time you hack or crack a Wi-Fi password by watching a YouTube video or hack your score on Facebook while playing games just ask yourself one question: If I am cracking and breaking into the system, so am I a hacker too?


If hacking is illegal why there are millions of hacking footage uploaded over internet every day. Why are they all not removed? Why hacking forums continue to run without any government permissions? Does this urge the common masses to learn hacking? If yes, there will be a day when almost every internet user will be a hacker and all of them will bring down the whole inter-connected network to a halt.


Think about it, it’s worth thinking, isn’t it?



I am not here to support hackers instead I am an optimist who wants to see hackers in a good light. I strongly condemn the problems created by them. But the message that I want to convey to you is that I want people to realize if you keep on seeing or expecting a person to be a bad guy, how will he ever get motivated to be a nice guy? Think over it! And the next time you think of doing any malicious stuff over internet don’t hesitate from tagging yourself as the hacker!


It’s high time to hack your mind towards hacking and not hack the information system because it is not the Information that needs to be free, it’s us!

Continue Reading

How Easy Is It To Hack Into Your Life [Infographic]

We live in two worlds. The real one in which we live just for sleeping and other we live actually like a zombie. Do you think we are safe behind the simple ‘phrase’ locked profiles? Take a look at the infographic to know about it.
This infographic is created by Sloan McKinney, native of Santa Ana,CA. She took up writing about the things that interest her most - technology and pop culture - after being encouraged by her husband, and her brother (who is a reporter).
Here is what she says about the infographic,

We’ve all heard the usual addendum to every discussion or warning about cyber security: we know we shouldn’t name our passwords after our dog and our birth date. We shouldn’t put overly personal information on social media. If a Nigerian prince emails us, asking for $200 that he can easily turn into $10,000 - we know that email belongs in the spam folder.


But as the hacking of the iCloud, Snapchat, and other large conglomerates have illustrated, companies and individuals alike aren’t as safe from malicious intent online as we’d like to believe, and many people fail to realize that even the most tech-savvy person - we’re talking the one with a password made up of seven numbers, five letters, an ampersand and a Spanish greeting - aren’t necessarily unhackable. Even institutions like the University of Oxford and Google have their weak spots that require some extra security.


If you think you’re completely unhackable: think again. Learn the new tactics hackers are using to find out your personal information and take over your cyber-life in this infographic: How Easy is it to Hack Into Your Life?

How Easy is it to Hack into Your Life? 
Continue Reading

Salesforce Announces $1Million Hackathon Event 2014

Salesforce have announced $1million hackathon event for the year of 2014 in the early IST hours of Tuesday. This time dreamforce is planning to award more exciting prizes than the previous year.


The hacking is planned to start on October 12, 2014 at San Francisco and will be continued till 14th. There is not registration fee and all aspirants are allowed to register from anywhere in the world.



Salesforce announced big bounty this year for this hackathon event winners like never before. Prizes worth 1million USD will be distributed to the winners of the event. Only top 10 teams will be awarded with the cash prizes who work on, Heroku, and with Heroku categories. Bonus prizes will also be awarded to the best app for their work in Ruby, Python, Node or Postgres code to the open source community with compliance to their rules.


The 1st best App will be be awarded with $1,00,000, the 2nd best will be with awarded with $50,000 where as the 3rd will be awarded with $35,000 and the 4th will be awarded with $20,000 and the 5th with be with $15,000. The winners from 6th best to 10th best will be awarded with the common prize of $10,000. The awarding of prize moneys are the same for the remaining Heroku app developers as well as app developers.


Four best apps will be chosen from Ruby, Python, Node or Postgres code developers and will be awarded with $5,000 each.


However the first best winner will be awarded with additional $150,000 along with the $100,000 prize making it a huge total of $250,000.


Rounds and Judging Process

There will be four rounds of total in this event in which the filtering of teams according to their performances will be taken place.


The 1st round will be announced at City View on October 12th with the winners who have secured the positions from 6th to 10th in the top 10 list under three app developer categories. The open source developers will be awarded in this round itself.


The remaining 15 teams will go the second round where the 3rd, 4th and 5th position will be announced by the end at DreamForce. The rest of the 6 teams will be forwarded to the third round where the real winners are picked out.


Finally, a solo winner is announced and will be awarded with the huge amount of $250,000.


Agenda of the event



Check-ins for registrants will be opened from 4pm on October 10th. Later the process will be followed by the and Heroku introduction workshops which is then followed by beginning of kickoff coding. The introduction workshops will be continued at 6:30 and 8:30pm and the participants check-in will close at 10:00pm. As the coding challenge continues overnight, it is advised to attend the event with full preparation for staying at night.


The first git commit period starts at 10:00am the next day, i.e., on Saturday, October 11th and closes by 12:00pm along with the team registration on ChallengePost. The second git commit period starts at 6:00pm and ends at 8. The second day of the event also continues with overnight coding.


The final git commit period will start on Sunday, October 12th at 10:00am and ends by 12:00pm noon. No commits will be accepted after the time specified.


The judging will start at 1:00pm on the same day of final git commit and the winners will be announced by the end of 16th hour.


Register your entry now and show the hacker in your to the world. All the best and be careful while packing your stuff for San Francisco.

Continue Reading

Another iCloud Hack: Hacker Leaks Nude Photos of Kim Kardashian and Two Other Celebrities on 4chan Forums

Kim_KardashianIts been hardly a month since the hackers leaked the private photos of Jennifer Lawrence, Kate Upton, Ariana Grande and some other famous stars of Hollywood. This time hackers leaked the nude photos of Kim Kardashian, the famous television personality on 4chan and Reddit.

This is the second time happening of the leak of photographs of celebrity on the 4chan communities. The website authorities and FBI were lounged into action immediately after the leak news was heard. They assures that they are going to take care of the content that was reported to be posted on their website.

It is also believed that the hacker leaked some private photos of some other celebrities including Vanessa Hudgens and Hope Solo on the website. However the recue team have deleted the photos shortly after they posted, but Kim Kardashian is believed to be taking legal action on the predator.

The vulnerability assessment so far says that the photographs were hacked from their private computers and hand held devices. So it is advised to keep their computer’s security get updated by time to time.

How to resist these kind of hacks?

One may not keep his/her digital data safe unless he gets an over all idea of the security limitations on his/her computer or smart phone. However the following tips can help you fight back against these kind of attacks and can keep you safe for some extent.
  • Create strong and complex passwords
  • Keep updating anti-virus definitions
  • Keep an eye on your background running programs
  • Do not install unverified software
  • Be careful while installing any software as you may install harmful crapware by chance or ignorance
Statutory Warning: Do not drink and use computers, smartphones, internet, social media and majorly iCloud.
Continue Reading

How to Track Your Lost Mobile Phone Like FBI

The fear of safeguarding expensive mobile phones from dust and scratches was almost pursued. But the fear of being stolen stays on even after installing so called the best tracking applications on smart phones.


It would not be possible to track the thief if once the mobile phone is rooted or the operating system is reinstalled on the device.


Wait! don’t make up negative conclusions yet. Because the whole tracking story is not a fairy tale. There is an app called Cerberus Anti Theft that tracks the lost phones like FBI. You can even fear the thief for stealing your phone.




How to Download the Application?

Simple! the same way you download any other application on to your Android phone. Go to Google Play and search for ‘Cerberus Anti-Theft’ application, download and install it on your Android device. If you are reading this article on Android device simply click here to download the application now.


Once you install the application, open it and you will see a sign up screen. Fill-in the details and create a new account in Cerberus.


Getting Started with Cerberus Anti-Theft on Android

After Signup, it will show you a welcome screen with information regarding the application of how you can use it and asking permission to ‘enable device admin’ and ‘authorize SIM card’.




‘Enabling device admin’ would give you full control over the application where as SIM authorization would trigger the application when a new SIM is found.


Tap on ‘Enable device admin’ and proceed to ‘Activate’ button.


Also tap on ‘SIM checker configuration’ and set phone numbers to receive alerts. You can set up to 3 external phone numbers to receive alerts.


Configuring Cerberus Anti-Theft on Android

After you are done with the startup configuration, exit the application and restart it once.

  • Now login with the previously created credentials.
  • You can now customize the settings.

Tracking the Mobile Phone

To tack the mobile phone you need a computer with an internet connection.


Go to secured page and login with your credentials. It will take you to the dashboard of the app from where you can control your lost mobile  phone.




You can choose a command from the dropdown and click ‘Send Command’.




The command processing can be seen on the right pane of the window dashboard. This will look like as shown below:




A tracking point will be shown with the location of the mobile on the map in real time like as FBI does in spy and action movies.

  • Using Cerberus you can,
  • Start tracking lost mobile in real time
  • Stop tracking
  • Get device info
  • Get location history
  • Lock with code
  • Unlock
  • Start alarm with a message
  • Display message on the screen that can speak
  • Get call log
  • Get SMS log
  • Can call a phone remotely
  • Can SMS remotely
  • Record audio remotely
  • Take picture remotely
  • Record video remotely
  • Grab screenshot
  • Start emergency mode that will send SMS alerts to the phone numbers previously specified
  • Stop emergency mode
  • Hide app from drawer
  • Sow app from drawer
  • Wipeout memory
  • Wipeout SD card
  • Reboot device

Install this application on your android device and when you found it missing, track down the thief, follow him/her, pull out your hand gun and say “Freeze FBI”.



Continue Reading