Apr 25, 2018

Verge And PornHub MAKE HISTORY!

It finally happened. Verge talked a big game, claiming to announce the biggest partnership in the history of cryptocurrency. A lot of the haters and doubters scoffed, but XVG truly meant business. Now that this crypto is joining forces with PornHub, they are truly an unstoppable force, inevitably poised to surpass even Bitcoin. What a time to be alive.

Apr 24, 2018

How Can Blockchain Prevent Fraud in Payment-Processing Services?

What Is Payment Fraud?

With the growing popularity of online marketing and business, we are unfortunately facing new types of fraud. Fraud in payment-processing services is one of the most significant threats to all e-commerce markets, as its main working principles are based upon online transactions. It involves identity and private property theft, or illegal takeover of an individual’s payment information to make purchases or remove funds. To eliminate it, companies are setting up fraud detection using blockchain technologies.

In 2017, the global fraud detection prevention market was valued at $16.8 billion U.S. Areas in which fraud detection and prevention are applied include insurance claims, money laundering, electronic payments, and banking transactions, both online and offline.

When discussing deceitful schemes in payment processing, we should stress that the most common type of scam involves credit cards. As stated above, criminals use a stolen card or card details to commit illegal purchases or transfer money. The customer whose data is stolen may file a report, and, after numerous transactions, receive the money back. In the case of an illegal purchase, a retailer or business is penalized, and loses its money. Therefore, it is crucial to take action to protect your commerce from these types of losses.

Use Blockchain to Prevent and Detect Fraud

The principles of blockchain technology allow people to keep an open, transparent, cryptographically encrypted record of all kinds of transactions committed between two pseudo-anonymous parties. As this record is maintained in an absolutely decentralized manner, it is independent of local authorities and banks. Therefore, it is difficult to tamper with. Actions like double spending, a common problem in digital money transactions, are difficult to commit due to a consensus protocol that provides trust. Because the permanency of blockchain technology stores information privately between parties, it provides better security. And in case you need better security for your company, the Applicature team of experts can help you set up blockchain technology for fraud detection.

Blockchain offers a wide range of opportunities, and a great number of companies use it to gain financial security. According to Statista surveys, 23% of companies are using this technology to prevent scams, and for security clearance. This percentage comes in second to those who use it for international money transfers.

Advantages of Blockchain Technology in the Prevention of Payment Fraud

It is possible to detect and prevent illegal activities in payment processing without people’s involvement by using the following features that stop fraud with blockchain:

  • Permanence. It is impossible to disable the system, as it functions on various devices worldwide at the same time. All of the gadgets storing the complete history of transactions cannot be hacked at once. 
  • Transparency. As a chain with distinct blocks, the system keeps a record of all transactions in each of these blocks. If any corrections or additions occur in these records, they are to be verified and checked in the whole system of block validators, which are machines with strict rules that must be complied with. Any illegal interference will be noticed promptly, and the involved parties will be disabled from making such transactions. 
  • Immutability. Blockchain provides significant benefits for fraud detection. As soon as a record is entered into the system, it cannot be deleted or forged. 
  • Cryptography. Blockchain technology employs widely-adopted cryptography protocols that protect users’ identity. Validation and confirmation are possible only with unique digital signatures. This information cannot be tampered with or recreated by anyone due to the random nature of its creation. 
  • Postponed payments and multisignatures. If you need to pay for a certain product but do not trust the seller, Blockchain allows you to use multi-signature transactions for postponed payments. In this case, the seller receives money only when the buyer gets his goods. Delivery service (or any other trusted party) can act as an additional level of arbitration that assures the buyer has the funds and the seller sends the goods.

Though blockchain technology provides better security, it cannot protect against hacking into your digital wallet or identity theft on its own. It should be stressed that in order to increase protection, blockchains use the additional help of machine-learning capabilities. This technology works like an additional layer, analyzing the algorithms and models of users’ behaviour. For instance, personal data might be stolen or used, but no one can copy someone’s personal behaviour pattern fraudulently, as it is absolutely unique.

Blockchain fraud detection uses startups like Feedzai to provide safety solutions in the cryptocurrency community. Feedzai uses machine-learning technologies and information science to keep commerce safe.

So, if you want to secure your digital identity and prevent it from being tampered with, blockchain technology will protect against fraud cases like these. To sum up, your personal information should be placed in a blockchain framework accessed only by authorized participants who can verify and ensure its validity. Though thefts in payment processing still occur, it is very important to use special blockchains designed for businesses and users working with machine-learning software. Such technologies are designed to be resistant to vulnerabilities, and grant you greater security.

Apr 23, 2018

How to transfer files faster than 10Mbps in Windows

At my day job we have a disaster recovery (DR) site a few thousand miles away. Between our main data center and our DR site, we have a 100Mbps dedicated transport link. It's used to transfer files, and be the path for database mirroring etc.

One problem that we noticed was that when we needed to copy large files, it would take forever. We would use your typical SMB/CIFS share and copy files. What we noticed was that although the transport link was 100Mbps, our NICs were 1Gbps and our local switches are 1Gbps switches, we would still only see file transfers at around 10Mbps.

That's just not good enough. Especially when you have a lot of large files you need to copy relatively quickly. I'm talking hours not days here anyway.

Well to solve this problem, I remembered the good old fashioned Robocopy! In fact, the latest versions of Robocopy, that now comes pre-installed in Windows servers by the way, has a multi-thread feature!

To max out our 100Mbps transport link, I set the threads with my Robocopy to 20 and BAM! We were sending files at close to 100Mbps!

The command I ran was:

robocopy "C:\Source" "\\DestinationServer\Destination" /mt:20 /E /V /ETA /R:2 /W:5 /R:10

Pretty simple right? The /mt switch is where you can adjust the threads used.

I've seen lots of forums and posts with people talking about copying over Windows shares being limited to 10Mbps. Using Robocopy is certainly one effective workaround!

Do you know of a different way to maximize throughput when copying files in Windows? Let us know in the comments!

Apr 18, 2018

6 Ways How Business Can Use a Live Video Streaming App

Video is the content people are ready to consume for hours and hours. You and your business can definitely benefit from it, and in this article we will tell you, what you can use video for.

Already, big social networks and video services acknowledged its power. Netflix shows the extreme boost, and social networks get their users addicted to live streaming apps. Facebook, Instagram and other have also successfully onboarded this wave by opening their own streaming capabilities to the world, and saw the rapid growth immediately.

Some businesses create a video streaming app and use it as a marketing tool. 

Here are some numbers:

  • The views of branded content has increased 99% on YouTube… And 258% on Facebook! 
  • By 2019 80% of all internet traffic will be associated with videos.

As you see, promotion with the help of videos is very effective and will make your current and potential customers care for what you have to offer. However, in this article we will talk specifically about live video streaming. Why?

The main reason is that live streaming is even more effective. According to Tubular Insights, people spend 8 times more on live streams than on regular on-demand videos.

You may wonder, why is it so? From the first sight, it may seem that on-demand videos must be more popular, as people can see them whenever they have time. Live streams, on the other hand, are available only when they are being recorded, and some life issues can come in way.

However, live streams are really more engaging, because they are exclusive and they allow to talk with the viewers in real time via comments.

Here we’ll talk about the ways you can use live streaming for your business, and the best practices of connecting to your customers via broadcasting.

1. Host Webinars

Webinars are always popular. Share your knowledge with people and thus prove yourself an expert, and make your customers more loyal to what you do. Webinars can be either paid or free. The best practice is to host free ones, if your business hasn’t gained fame and reputation yet: this way you’ll be able to get more customers to watch you.

Paid webinars are a great option for companies that are already rather famous in their sphere, and customers already know something about them.

2. Host Q&A Sessions

Q&A sessions are the best way to add some personal touch to your business, to show that behind your logo and a website there are humans that are ready to help. Q&A sessions are great to reply to some concerns your clients might have, to educate them and to show how you work.

You can prepare to such session and gather all frequently asked questions. Another way to do it is to answer questions from comments or tweets with a hashtag in real time.

3. Stream Live Events

A conference or some other important events in your company are a great reason to take your smartphone and launch a live streaming app. Go ahead and show your customers how your company evolves and how your employees gain new experience. 

Live events are a great reason to stream them, whether it’s a presentation of a new products somewhere at the conference or a meeting with celebrities. Make your viewers feel like they are present there, don’t forget to react to their comments and show the best moments of the event.

4. Host an Interview

Interviews with experts and influencers are the best way to get viewer attention, as they will enjoy seeing someone they already know. The main thing when you host an interview is to make it lively and interesting. You really need to work on those questions you’re going to ask, and switch between topics frequently enough to avoid boredom and repetitiveness.

5. Show what’s behind the curtains

Don’t let your customers see only what you would normally show. It is important that you keep your broadcasts informal. Show how your business works on the inside, let customers meet those people who work for them every day to deliver the best service.

You can also show some details of your product creation process. People may enjoy what they get, but what really makes you unique in their heads, is your story. Make your brand personal and alive, and people will appreciate it.

6. Share Important News

Today people will prefer to watch a branded video or enjoy a live stream from a company than read a text, so the best way to tell your customers about any changes or new products in your company is to host a live broadcast and then make it available for later.

These are six ways you can make your business more memorable for customers with the help of live streaming.

Final Thoughts

The greatest thing about using live video streaming app for business is that you don’t need a production team and a big marketing budget to broadcast - just grab your Android or iOS device and think about things you’re going to share. Live streaming doesn’t have to be official or perfect - the most important thing about it is your open attitude and a genuine wish to share something awesome.

You can use any platform or social media on your phone to share live streams, but if you already have your own mobile app, you can add live streaming functionality to it. A mobile development company like Mobindustry can help you with that.

If it corresponds to your business model, you can also create an additional source of income by providing paid webinars with useful information that will educate the viewers.

Find your own creative ways to benefit from live broadcasting: it is definitely worth a shot!

Apr 17, 2018

Learning computer coding opens up 'endless world' for these kids

In this episode of PBS News Hour a nationwide computer science immersion program sets up shop at a couple Virginia elementary schools. The program is called Code To The Future.

Apr 16, 2018

Ransomware Detection Methods

Ransomware is undoubtedly the biggest threat among modern day malware. Since the advent of CyrptoLocker in 2013, the number of yearly attacks has been constantly on the rise. The first quarter of the previous year has seen two biggest ransomware attacks ever in the face of WannaCry and NotPetya.

According to data, presented by eSecurity Planet, the number of ransomware attacks for the first quarter of 2017 has increased on 62% as compared to 2016. The number of detected ransomware has increased on 2000% in 2017, as compared to 2015.

According to Barkly, roughly 60% of all malicious payloads detected in the first quarter of 2017 have been ransomware.

The number of mobile ransomware has also increased dramatically over the past year. According to Kaspersky, in the Q1 of 2017 218,265 new types of mobile ransomware have been discovered. Ransomware have also been exploding on the dark web, with new strains constantly being created for sale. The new model, called ransomware-as-a-service has become popular, where all you need to do is simply pay, and you will get a ready-to-use ransomware that you can start distributing via a botnet in a couple of clicks.

Ransomware has also been increasingly targeting more and more businesses as of late as opposed to individuals. The question then is what can be done about it? When ransomware initially appeared, there was no good way to combat it. CryptoLocker public-key encryption was basically impossible to break, and beyond just regular backups there was little you could do. But even if infection meant that operations within your company were halted only for a couple of hours, it still could mean huge lost profits. Ideal scenario – is to detect ransomware attack early and stop it completely

What is ransomware

Ransomware is generally defined as malicious software, designed to extract ransom from users based on restricting their access to their own data. The most popular way to restrict access to user data is to encrypt it, and thus, ransomware that uses encryption techniques is called Crypto ransomware. Such ransomware usually employs sophisticated public-key cryptography that is impossible to crack and goes for certain types of files that is supposed to be the most valuable to the user, such as text documents, images and specialized formats.

However, encryption-based ransomware is not the only type of ransomware there is. Other types also exist, called:

  • Locker ransomware – this type is designed to block user’s access to the system or certain specific applications. Ransomware like that either replaces the desktop with a custom one, making it unavailable, or targets popular apps like browsers by modifying certain files.
  • Scareware – ransomware that uses scare tactics in order to force users into paying ransom. Often uses social engineering and other similar tactics in order to make users pay. One of the most common tactics is to display a message from supposedly law enforcement that includes personal information such as location and name of the ISP provider, making the message more believable. The message will demand a “fine” for certain made-up offense, such as copyright infringement or watching child pornography, and threatens user that if they refuse to pay they will be jailed.
  • Fake ransomware – many modern ransomware strains don’t even bother encrypting user’s data. Instead, they just delete it right away, creating a bunch of dummy files in order to fool the user into thinking that their data is still recoverable. Since it is impossible to distinguish fake and paid ransomware, it is always best to never pay ransom, unless the situation is actually critical.

How ransomware works

There are several ways that ransomware uses to get into your system. The most popular one is using infected spam emails, that are usually distributed by vast networks of botnets. Such an email will usually contain a message that uses social engineering techniques in order to prompt the user to click on an infected link or download the malicious attachment.

Another similar method of spreading ransomware is infected adverts on the net. Once the user clicks on the advert, a malicious JawaScripts starts running, downloading a payload on the user’s PC. Beyond that, ransomware can also be spread on removable drives, or self-propagate via a network by searching for open ports and unprotected connections.

Perpetrators will also use exploit kits in order to leverage known vulnerabilities and get ransomware into your system. Once there, it will phone back (usually, without encrypting network traffic), and then start looking for certain types of data to encrypt. After the data has been encrypted, a ransom note is displayed.

Ransomware uses various techniques in order to protect yourself from being detected or analyzed, including obfuscation and system mapping, designed to distinguish between real system and a honeypot.

How to detect ransomware

While there are ways to mitigate or even prevent some ransomware infection (making regular backups and keeping your system updated), it is always best to have capabilities to detect infection as it happens and be able to prevent any damage.

Traditional malware detection methods rely on known signatures, proving extremely effective against known malware, but almost completely useless against unknown strains. Considering the number of ransomware variants that pop up every day, it becomes clear that signature-based detection is not enough to establish reliable protecting.

Thus, behavior-based detection is often used, aimed at detecting not the malicious file itself, but rather certain attributes and behavioral indicators, that can point to a specific file as being malicious. Such behavior-based detection is supported by advanced data mining and analysis technologies, including machine learning algorithms able to go through large quantities of data and detect anomalies in real time.

When it comes to ransomware, key behavioral indicators include:

  • Encryption API – the majority of ransomware skips reinventing the wheel and just uses already available encryption APIs for encrypting user data. Often times, standard Windows functions, such as CryptEncrypt are used. And while the use of said function can’t reliably point to a ransomware by itself, it can be combined with other indicators to make detection more reliable
  • File type change detection – data within each file can be described via a specific signature. Mass changes in file signatures can be used to detect mass file type changes, which can be taken as an indicator of malicious mass file encryption.  
  • Comparing similarities between different versions of the file – another indicator of the file being encrypted is when there are significant differences between the new and old version of the file. If significant differences in hash functions of many files have been detected over a short period of time, they can indicate ransomware infection.
  • Moving, renaming or deleting files – monitoring changes to Master File Table can lead to the discovery of ransomware. When encrypting files, ransomware often changes the flag of the original file in the table, thus deleting it and overwriting with the encrypted version. Mass changes to the status of many files on the table can be indicative of ransomware infection.
  • System mapping activity – ransomware will check certain system parameters in order to make sure that the targeted endpoint is valid. It can be something as simple as checking a location and language settings and searching for certain file types, or full system mapping. Any such activity can serve as an indication of ransomware.

These are only some indicators that can be used in ransomware detection. Depending on the ransomware type, you may need to detect system locking activity, such as creating a new persistent desktop, rather than any file operations. Also, ransomware files can be scanned for things like ransom note text, while network communications can be checked for an attempt of ransomware to connect to the server.

However, it is worth remembering that any single one indicator cannot be reliably used for detecting ransomware. It’s only when several indicators are detected together that the behavior analysis system can reliably pinpoint malware.

Behavior analysis systems like this have become the backbone of next-generation anti-viruses and other anti-malware systems, aimed at catching not only ransomware but also other elusive threats, such as compromised accounts, fileless malware, insider threats and fraudulent activity, etc.

Protecting yourself from ransomware

Ransomware protection is not something that you can set and forget. Instead, it’s a layered, continuous process, that involves multiple different types of controls. Having a reliable detection tool is great, but it can only get you so far. Beyond that, you also need to make sure that your software is always up to date and that you always have backups ready in case attack wasn’t caught early.

Filter network traffic, block ads in corporate browsers, and prohibit email attachments in order to minimize the possibility of getting infected. Also, you should make sure that your employees are educated on the dangers of spam emails, social engineering, and compromised accounts, and that they thoroughly follow all security policies that are enacted in your company.

Remember, while combating ransomware initially looks hard, it will allow you to strengthen your general security posture, and it will immensely help you when it counts the most – when your data is under threat.

Apr 13, 2018

How to brute force RDP, FTP, Telnet and HTTP With Hydra

In the above video (Sorry, it's one of those annoying ones with no commentary or sound) we see how someone could use the THC-Hydra utility built into Kali Linux to brute force RDP, FTP, Telnet and HTTP. The truth is, you can actually brute force all sorts of protocols with it, including SMTP.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam