NASVERA CYBER WORLD

Today I'll be showing you a step by step way on how to install the worlds most secure OS on a Pendrive. Tails is an encrypted OS that makes you anonymous online and that bundles widely open-source privacy tools on a USB device. it also knew as one of the world's most secure systems. the Tails OS got its popularity after the NSA Whistleblower Edward Snowden  which he used to secure his identity when sharing secrets files with Glenn Greenwald and Laure Poitras . another this to know is that the Tails OS is an acronym for The Amnesic Incognito Live System. The OS is very easy to install on any PC from a USB drive or DVD all its files are encrypted FEW THIS TO HAVE BEFORE WE START 1.A System windows 7 or higher  2 A USB Drive 4GB or More 3. Your Phone, A printer or a second computer. Warnings. Tails does not protect you from everything it cannot protect against compromised hardware, compromised software, or user error! Now Let Get started. step one: get your system to navi...

This Month, the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI),  the Department of Defense (DoD) released a  three full malware Analysis Reports (MARs) on malware variants used by  North Korean government. May 12, 2020: Malware Analysis Report (1028834-1.v1) – North Korean Remote Access Tool: COPPERHEDGE May 12, 2020: Malware Analysis Report (1028834-2.v1) – North Korean Trojan: TAINTEDSCRIBE May 12, 2020: Malware Analysis Report (1028834-3.v1) – North Korean Trojan: PEBBLEDASH The data contained in the cautions and MARs recorded above is the consequence of logical endeavors between the CISA, FBI and the DOD.

DHS CISA and FBI share list of top 10 most exploited vulnerabilities  The Cybersecurity and Foundation Security Office (CISA), the Government Agency of Examination (FBI), and the more extensive U.S. Government are giving this specialized direction to exhort IT security experts at open and private area associations to put an expanded need on fixing the most regularly realized vulnerabilities abused by modern outside digital entertainers. Below are the top ten vulnerabilities in no order of such. click her to check full list

Most people what to be browsing anonymously on the go without needing to install any software on your system buy just with a pen drive of at less 4GB. Tools You need to have is a pen drive of 4GB a system to use and TAILS(the Software) What is this Tails you are talking about? Tails is a live system that aims to preserve your privacy and anonymity online It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer, you fine ur hands-on but leaving no trace unless you ask it to explicitly. It is a complete operating system which is been designed to use on any USB stick or  DVD no matter the operating system on the original computers. This Tails so powerful that comes with several built-in applications and pre-configured with security features in mind: web browser, instant messaging client, email client, office suite, image, and sound editor, etc. Tails is a VPN on its own and it a free software and is based on Debian GNU/Linu...

pt is very important to your organization's system as we are in a digitalized world. as you know information is key and money no organization is free from hackers, some hack for fun, and some form money, here I will show you why it is important for your organization to conduct a pentest one in a while. the reason, why you need a pentest, is that it helps to find vulnerabilities in your system. weather you like it or not, ur system is never powerful enough to stop an attack or it immune to vulnerabilities. there is a rule called the 90/10 rule which says the security of a system is 10% on the software and 90% of a security system depends on the user. once ur system is hacker, even before it is hack u need professionals like   Kevin Mitnick Security  (Security testing isn’t just something we do. It’s all we do. And we’ve been doing it better than anyone, since the dawn of the industry.) reason two is that it helps you reduce a network downtime once in a year ur organization got ...

If you reading this it means u are interested in hacking, are already a hacker or looking to safeguard your system/network from attackers. the tools am about to show you, are tools u need to know in other to be a good hacker  also apart from these tools you can check the free ebooks sections on this site to download them and read. first is  Nessus this tool on it own is very good and a powerful scanning tool, it can scan multiple a site at a time and has a lovey reporting system. NMAP Nmap as we know today is one of the most powerful tool use for assessment when u want to scan a system, it allows you to find open ports and service and  version number  Wireshark Wireshark is one of my own favorite tools that I use to analyze networks. mostly it is used to scan packets that are passing through the network. for u as a network administrator, u can use these tools to troubleshoot your network. Burtpsuite is an integrated platform for performing security testing of web app...

Ruhr University A University in Germany called RUB has recently been attacked with ransomware that causes the university to shut down it It Systems the attack occurs on the 6th may 2020 and lasted for two days, most of it system has been inaccessible due to the hack. the university clam that attackers have no access to its external servers. but its online learning system remains accessible to students and teachers. but the university email remains unacceptable due to the hack. no hacking group has taken responsibility for the hack according to the school's website the management gives instructions to student and teachers  Due to the cyber attack on our univeristy,  all users with a RUB login ID must set a new password immediately. This also applies to so-called combined services that are used to run functional email addresses. Changing the password is a security measure. Instructions and detailed information for students and members of the teaching and administration staff ...

Every Social Engineer targets specific behavioral traits in the victim so as to extract maximum information out of him. These behavioral traits include but are not limited to:    The excitement of Victory Mr. X gets an e-mail stating, “You have won 1 Million Dollars and to claim the winning amount, fill in the attached document and forward it to the email id: email.xyz.com. Switch off your antivirus as it may block the download due to highly encrypted Digital Signature of the documents”. Out of Excitement he switches off his Antivirus and proceeds as ordered and downloads the document and opens it but finds it corrupted. Little does he know that he has just downloaded malware on his machine which allows the email sender to gain remote access to his machine.   Fear of Authority Many people are apprehensive in the presence of someone they perceive as an authority figure, it is not that person they are apprehensive about but most likely the position and power of the per...

Every Social Engineering attack is unique, but with a little understanding of the situations encountered, we can draft a rough the cycle of all the activities that a Social  The engineering project goes through leading to a successful outcome. The below figure shows a general representation of the Social Engineering Life Cycle in four main stages:  FootPriniting>>>>Establishinh Trust>>>>>Psychological Manipulation>>>>EXIT 1. Footprinting: It is the technique of accumulating information regarding the target(s) and the surrounding environment. Footprinting can reveal the individuals related to the target with whom the attacker has to establish a relationship, so as to improve the chances of a successful attack.  The information-gathering during the Footprinting phase includes but is not limited to:  List of employee names and phone numbers  Organization Chart  Department Information  Location information Footprinting generally refe...

SQL injection is a well know and exploited technique that mainly exploited in web enviroment.sql injections allows an attacker to reach the database. which ask the database true or false questions and determine the answer based on the system's response. examples of SQL injections http://victim/listproducts.asp?cat=books SELECT * from PRODUCTS WHERE category=‘books’ http://victim/listproducts.asp?cat=books’ or ‘1’=‘1 SELECT * from PRODUCTS WHERE category=‘books’ or ‘1’=‘1’ Basically, on SQL injection the attacker gets results. Blind sql injections Same vulnerability as SQL injection *Very* common vulnerability Sometimes (wrongly) ignored during tests as unexploitable or not detected The attacker can not retrieve results The attacker can only retrieve a True/False condition example. of blind sql injections http://victim/showproduct.asp?id=238 SELECT * from PRODUCTS WHERE id=238 Sometimes, due to the code surrounding the SQL query (grouped or sorted) the attacker can’t UNION and no ‘g...

Cybersecurity is an increasingly serious issue for the complete world with intruders attacking large corporate organizations with the motive of getting access to restricted content. CSI Computer Crime and Security Survey report for the year 2017-2018 stated that almost half of the respondents had experienced a security incident, with 45.6% of them reporting that they had been subjecting to at least one targeted attack.    Merely trying to prevent infiltration on a technical level and ignoring the physical-social level, cent percent security can never be achieved. A couple of examples can be the scenes from Hackers which shows Dumpster diving in the target company's trash in order to obtain financial data from printouts and the scene from War Games where Matthew Broderick's character studied his target before attempting to crack the password of the military computer system. 'Social Engineering' is a threat that is overlooked in most of the organizations but can easily be...

we are going to make use of Kali Linux, and the tool call SET (Social Engineering Toolkit). to hack any account that we like. so let get started now. The  ‘toolkit’ options we are going used   step 1 Social Engineering Attacks  step 2 Website Attack Vectors step  3 Credential Harvester Attack Method step  4 Web Templates step  5 Input the IP address step 6 Choose facebook First things first power on your Kali Linux machine and open up a  terminal and type in "setoolkit" and you will be shown a welcome screen and attack options to pick from. and we will pick number one coz we are performing social engineering. the next step is for us to click on the website attack options by typing in 2 thirdly we select options 3 which is credential harvester attack method. now we will choose a web site template of the website we want to attack which is Facebook  after which  then we have to set an attacker IP address which is our system. to check for ur...

Hackers have been using fake messages related to essentials services to craft their scams. They often pose as a service provider and threaten the victims about the discontinuation of essential services if immediate action is not taken by the user. The Italian postal service provider Poste Italiane is the latest one to be added to the list of such lures used by hackers.  What happened Attackers were recently seen using fake website resembling Poste Italiane to carry out their phishing scam. In April 2020, hackers had created a look-alike phishing website of the Poste Italiane and even faked the OTP-based authentication measure to make it look realistic. Adding more to surprise, hackers were using an updated copyright text at the bottom of the page, showing year as 2020, instead of 2019, as shown on the actual website. Hackers asked the users to enter their Poste Italiane credentials, along with personal and financial details and even phone number, which was also immediately used for...

Due to lack of proper training and awareness on cybersecurity, this has lead personnel to take cybersecurity requirements too lightly, leading to dramatic consequences for the organizations they work for. In the recent WannaCry ransomware epidemic, the human factor played a major role in making businesses worldwide vulnerable. Two months after the disclosed vulnerabilities had been patched with a new update from Microsoft, many companies around the world still hadn’t updated their systems. Several cases followed — with non-IT personnel being the weakest link: for example, employees with local administrator rights who disabled security solutions on their computers and let the infection spread from their computer onto the entire corporate network. So, what role do employees play in a business’s fight against cybercrime? To answer this question Kaspersky Lab and B2B International have undertaken a study into over 5,000 businesses around the globe. The results have been astounding. We’ve f...

A conference on securing Ghana’s cyberspace and digital infrastructure from the activities of hackers and criminals has been held in Accra. The National Cyber Security Conference and Workshop, the first of its kind was on the theme “Unifying Our Efforts to Secure Our Cyber Space”. It was attended by cyber security experts, researchers, academics, representatives of telecommunications service operators, financial institutions, ICT businesses and government agencies. In a keynote address on behalf of the sector Minister, Deputy Minister for Communications, Hon. Felix Kwakye Ofosu noted that the Government has embraced the use of technology not only as a new platform to deliver programs and services but also as an enabler to make services available and accessible to all citizens. “Ghana has made tremendous strides in the industry with massive fiber infrastructure and wireless network rollouts from mobile network operators. Further to that Ghana reached a total voice penetration of 133.3% ...

This is a high-level overview of what the Cybercrime Act 2015 provides, and things we should be aware of. 1. Gives the President the power to designate certain computer systems, networks and information infrastructure vital to the national security of Nigeria or the economic and social well-being of its citizens, as constituting Critical National Information Infrastructure, and to implement procedures, guidelines, and conduct audits in furtherance of that. Examples of systems, which could be designated as such, include transport, communication, banking etc. To find out more about what such a plan should look like, you can check the USA’s National Infrastructure Protection Plan here, or the European Union’s here. 2. Prescribes the death penalty for an offence committed against a system or network that has been designated critical national infrastructure of Nigeria that results in the death of an individual (amongst other punishments for lesser crimes). 3. Hackers, if found guilty, of un...

By now, it’s probably no longer news that three unofficial WhatsApp clones — also known as “WhatsApp mods” or “modded WhatsApp versions” — are among the top 10 most-used apps in Africa, and that one of those three modified versions of WhatsApp, GBWhatsApp, is, in fact, the second-most used social messaging app in Africa, used even more than the Facebook app and only behind WhatsApps’s official version. Or, maybe it’s still news to some people. Either way, that’s the situation. WhatsApp’s status as the most-used app in Africa is undisputed but maybe it’s popularity has also been unwittingly underreported. Africa Has A “WhatsApp mod Problem” & These Are The Dangers Users Of Fake WhatsApp Expose Themselves To with so been said on the  23rm of March 2020 Facebook Announce that it will start from December 1st 2020 it will band users from using the Official WhatsApp that are seen using any form of Whatsapp Mod be it GBwhatsapp, FMwhatsapp, YOwhatsapp, etc.  it also said mostly A...

we all know WhatsApp is the most used app nowadays for sharing and end the number of messages, audios, and videos. However, many new modified versions have introduced like  Whatsapp Plus, GBWhatsApp, YoWhatsApp, FMWhatsApp, OGWhatsApp, WhatsApp Prime, etc.  But among all these WhatsApp listed above, GBWhatsApp is one of the most widely used apps. Its features have proved better than the original Whatsapp itself, as well as from all the modified versions. Some of its features are: It allows you to hide blue tick, double tick, and online status, it also supports multiple languages,  you can lock your private chats with any body with a diffrent password, agaiin you can creat your own them for the Gbwhatsapp,  unlimited WhatsApp stories and also allows you to share large  videos which are of a lent of 1-2 her or 10 to 16GB. i can tell you that these features are very amazing and even better than the official WhatsApp we use today, but one this for sure nothing as go...

As of today you already know about Google, Yahoo, and Bing, But those few are just a piece of the internet under these famous sites are hidden sites that are not available to us today, That space is what we call the Dark Web and Deep Web, the dark web is a general term we use for a collection of sites on an encrypted network which Ip address is hidden in a tunnel, which gives us an anonymity protections. and those site and not index     like our normal sites which are indexed by traditional search engines, we can only access them with a special browser such as Freenet and TOR The Dark Web isn't Equivalent to the Deep Web  The Deep Web is all sites on the web that can't be reached with a web index. In spite of the fact that this included site that is on the Dark Web, it additionally incorporates locales that serve increasingly ordinary capacities, for example, business intranets, webmail stages, databases, internet-banking stages, and administrations that typically re...