Demystifying CERT-In directives (dated 28th April 2022)

Demystifying CERT-In directives (dated 28th April 2022)
[Download PDF] Introduction Cyber security has always been a hot topic area and it’s gaining momentum by leaps and bounds these days (which is great for information security professionals like us :D ). In all seriousness, “Data is the new Oil” and there are criminal agencies operating worldwide with impunity that harvest user data and sell it or use it for malicious/financial gain. CERT-In (under MeitY, Govt of India) has recently issued a much need

Microsoft Most Valuable Professional – MVP (again)

Microsoft Most Valuable Professional – MVP (again)
Super excited to be awarded by Microsoft for the 10th time in a row as Most Valuable Professional in the domain of "Enterprise Security" under the named award category of "Cloud and Datacenter Management". A decade is a good thing, right :) For the sake of clarity, It's awarded for non-commercial community contributions, commercially benefiting contributions are not counted It doesn't have to be saying good about Microsoft only, they are pre

The world with a new look

The world with a new look
The way internet has barged into our lives, we have been seeing the world in a very new way.I stumbled on this image created by Byte Level research LLC which shows the new worldAs per Byte LevelEach ccTLD is sized relative to the population of the country or territory, with the exception of China and India, which were restrained by 30% to fit the layout. At the other end of the spectrum, the smallest type size used reflects those countries with fewer than

Cheat Sheets: Networking, Hacking, Security, Administration, Tools

Here is a bunch of CheatSheets which might be useful from time to time to use as a reference:# TCP/IP and tcpdump Cheat Sheet - SANS.org# Google Hacking and Defense Cheat Sheet - SANS.org# Intrusion Discovery Cheat Sheet Windows - SANS.org# Intrusion Discovery Cheat Sheet Linux - SANS.org# SQL Injection Cheat Sheet - ha.ckers.org# Cross Site Scripting Cheat Sheet - ha.ckers.org# Web application Cheat Sheet - secguru.com# Linux Security Quick Reference Guid...

UNtrusted Certificates from UNtrusted CA

Following HDMoore's twit I stumbled on this case of Man-in-the-middle attack with a valid SSL certificate from a shady reseller.Eddy Nigg was able to buy a certificate in the name of mozilla.com from a reseller of comodo named 'Certstar'.In response of this issue, comodo saysThat reseller's ability to sell Comodo certificates has been suspended while weinvestigate why they are apparently not fulfilling their contractual obligationsto us. We revoked your ce

Powerstatus for Windows Mobile

I found this tiny(absolute tiny) and wonderful utility for windows mobile.It uses top 2 pixel row of your screen and shows you the battery as well as memory status. A quick look at the phone will give you an idea that how much battery is remaining and if you have enough memory free or not. See the top 2 pixel of the screenshot Name: powerstatus.exeSize: 3584 bytesLicense: FreewareDownload: http://freewareppc.com/utilities/powerstatus.shtmlPut this in your

Wardriving Pune

On 10th November 2008, ClubHack with support of Cyber Crime Cell of Pune Police conducted a Wardriving in Pune, Maharashtra.This Wardriving aimed at analysis of wireless network security in Pune city at common places like ITparks, residential areas, market areas, hotels, airport etc.To our amaze, we found nearly 81% of Pune's wifi to be insecure ( I count WEP as insecure)Find the report and analysis @ http://wardrive.in/