Cloud Security : How To Secure The Multi-Tenant Environment Of Cloud ?

Learn How To Secure The Cloud Multi-Tenant Environment Using Hypervisor Based Segmentation And Database Based Segmentation Techniques...

Hypervisor Based Segmentation

Hypervisor based Segmentation is very important aspect of securing the multi-tenant environment generally when the cloud offering is IAAS i.e. Infrastructure as a service.

Hypervisor is generally a middleware between the underlying hardware and Virtual Machine and is involved in the entire virtualization process and also managing the VMs. In IAAS the multiple tenants or the customers are given the VMs which are generally the file servers, storage servers, databases, application servers, etc. The major risk or vulnerability arises in the architecture of co-residing of all the VMs of different tenants. There is always a threat of unauthorized access, data breaches, MITM – Man in The Middle Attacks, malware injection and various other attacks. Isolation and segmentation in VM should be done for the data integrity and confidentiality. But as Hypervisor is the main source which is involved making calls to and fro from VM and the underlying hardware, if segmentation is done at this level then none other option can prove out to be better for securing the multi-tenant 
infrastructure of the cloud.

Securing Cloud...:)

Database Based Segmentation

Database based segmentation is needed when the cloud offering is mainly SAAS i.e. Software as a service. In a multitenant environment when the customers are using the same instance of the software there is chance that the records or the data associated with that software is stored in the same database or inside the same table where the other tenant’s data is also stored in. So there arises a major risk when the data is just identified the tenant id and stored in the table or the same database. So one thing that can be done to avoid this type of risk is to encrypt the data inside the database, if by means it is compromised it would be very difficult to decipher it. Secondly the Access Control and Role mechanism should be established that ensures only those rows and fields to be accessed and modifiable in accordance with the security policies.


So That's all about securing multi-tenant environment of Cloud. This was one of my college assignments of Cloud Security ;)

Spread Knowledge!!!

How To Find Misplaced Mobile Phone While On Silent Mode

Learn How To Find Your Misplaced Android Device/Mobile Phone While On Silent Mode...

This is a serious problem which most of us face with our daily usage of mobile phones. Mobile phones or I must say Smartphones have really become an important part in an individual's life today. Smartphone users are increasing worldwide at a very rapid rate and as a matter of fact, according to eMarketer a total of 4.55 billion people worldwide shall be using a mobile phone as of 2014. That's a huge number right? and its expected to increase many folds by the year 2017.

While smartphones makes our everyday living smart and smooth, but at times its the other way around too. What if your mobile phone is on silent mode and you misplaced it. Misplaced in a sense, you kept it under a pillow or under a table, And ringing from another phone also proves to be futile. This situation would really crap your mind out when in hurry.

So, there is an easy way for Android Users to make their mobiles ring even when in silent mode. Cool Rite, I was too excited when I heard about this feature by google. But some limitations are also there. Most importantly your device should be connected to internet. If not, this particular feature to recover your misplaced phone wont work. So Lets see how to find our misplaced phone while its on silent mode. Follow these simple steps -

1. Open Google Play Store From Any Other Device.
    https://www.play.google.com/store

2. Sign In to Google Play Store With Your Same Account You Used For Registration/Activation Of  Your Mobile Phone.

3. From Settings Tab, Go To Android Device Manager.
    (At top most right you'll find the settings tab)

4. Inside Android Device Manger, You'll See Your Registered Device. Click On Ring. In A Matter Of  Seconds Your Mobile Phone Will Start Ringing If Connected To Internet.


                                             

Yeahh!! Finally He Got His Mobile...;)

Damn Cool, I tried it yesterday and it works like charm. And There are lot of other evil things that can be done with this Android Device Manager. A lot of hacks. Wait For my Next Post on Hacking Smartphones Using Android Device Manager. Till Then Enjoy This Feature and Spread it to people around.
                                                     

GOODLUCK! PEACE!

Pakistani Hackers Responded Back With A Bang By Defacing Rajasthan ACB Website & The Cyber War Continues

Pakistani Hackers responded back just a day after Indian Hackers Took Down 100+ Pakistani Websites on the Indian Independence Day - 15 August 2015

This Cyber War between the two nations seems to grow only over the time to come, as the current scenario says. This time some Pakistani Hackers Took Down Rajasthan Anti Corruption Bureau website and posted several messages, photos and cartoons on the homepage of the website. The site is currently down for recovery.

The ACB website is currently down for recovery

The message mainly focussed on telling the Indians that Pakistan won the Kargil War. Several photos depicting the Kargil War were posted on the website. Also cartoon of Pakistan's former President Pervez Musharraf was posted depicting the indian army left the bodies of indian soldiers claiming that the Pakistan won the Kargil War. Also cartoon of Indian Prime Minister Narendra Modi was also posted depicting him as if he has been wounded by the world of politics.

Homepage of defaced ACB Rajasthan website

You can find the all the pics of the defaced homepage of the ACB website on this link

http://www.ibnlive.com/news/india/pakistani-hackers-deface-rajasthan-acb-website-post-messages-claiming-india-lost-kargil-war-1040365.html

Only God knows when the relationship between the two countries will improve and finally be united  to lead the world to a peaceful place to live in. We can only hope for the best and pray to almighty to end all these physical wars and cyber wars between the two nations India and Pakistan.

   SPREAD PEACE !!!

100+ Pakistani Websites Defaced By Indian Hackers On India's 69th Independence Day

Indian Hackers bring down more than 100 Pakistani websites on Independence Day...

Forget about war and clashes between the two nations India and Pakistan, FYI these two nations are also a part of ever continuing and never ending Cyber War, which has been seen from years now. 

As a part of fact these two nations have a record of defacing each other websites on their special occasion of independence day as both the nation have a gap of just one day in their independence day (Pakistan's Independence Day - 14 August, India's Independence Day - 15 August).

On Indian Independence Day of 2013, It was seen that 6596 Pakistani websites were defaced by the Indian Hackers as a payback. And talking about the present year. Pakistani hackers attacked on Indian websites on their independence day i.e 14 August and then on 15 August (which is celebrated as india's independence day) Indian Hacker Group named "HELL SHIELD HACKERS" gave them a little payback by defacing 100+ Websites displaying different messages on their websites, paying a tribute to Indian Javans on this auspicious occasion. 

Hell Shield HACKERS group is one of the anonymous hacker groups of india, which is currently most active "Black Hat" team in India with founder L@z@rus, and other members include psychotic_overloadD, indi-g3@r, Mr.404 and poison. (As from Hindustan Times article).

Webpage of one of the defaced pakistani website  

Many of the wesbites are still defaced while some are down for recovery. You can have a look at the complete list of websites defaced by the Indian Hacker Group "HELL SHIELD HACKERS" on the following link - 

http://pastebin.com/wiatQW5P

Hope this cyber war ends soon and their relationship with each other improve so that both the nations can live happily & peacefully , and maintain the nationhood among them. PEACE !!

Microsoft Finally Rolling Out Windows 10 Upgrade Notifications To All The Licensed Windows 7,8 Users

Windows 7 & Windows 8 are prompted to reserve their free copies of Windows 10...

Finally today when i started my PC and connected to internet, after some time i got this icon at the bottom of the screen saying "Get Windows 10".

This is the window icon you see in your licensed Windows 7,8 to upgrade to Windows 10

The prompt is for users to reserve their free copies that would ultimately will be rolling out from 29 July onwards. This is also to get users familiarize with the looks and feels of Windows 10. You can also check the video showing you all the features and looks of the most awaited Windows 10.

Prompt box for Windows 10 upgrade

Video by Microsoft to get the feel of Windows 10

You would require around 3GB of internet data to download and upgrade to Windows 10. Rest all as it says, is totally FREE. 

But wait is it legit saying that its free... How free it really is?? Microsoft seems silent about this. And you never know Microsoft starts charging for incremental upgrades or updates after some time period. You indeed never know as of you...!!!

Still the curiosity is at its peak and we all would definitely wanna try this beast from Microsoft. Hope it proves out the same too. ;)

So what are you waiting for!! Hit that button to reserve you free copy now...!!!

Anonymous India Brings Down The TRAI Website For Releasing 1 Million Email Ids In Public

Anonymous India takes down the TRAI website earlier today for exposing the email ids of around 1 million people who responded to TRAI for the Net Neutrality Cause

UPDATED : The TRAI website is up and functioning now but still they haven't done anything with the email ids, you can still find the list of email ids on comments page.

TRAI asked the users to fill in the form regarding the Net Neutrality issue in India to get the feedback and reviews of the public for the same. And around million users responded to the same. But it was not at all a legit decision from a government organisation exposing the list of all the users with their emails in public though their website.

As they say, they are watching our every move. Finally, Anonymous India took action in order to protect and safeguard the privacy of around million users of India and attacked the website of TRAI (www.trai.gov.in) earlier today using their ways of DDOS.

You can have a look at the tweets made by the Anonymous India and the public on the anonOpsIndia twitter page

In the evening, the website was finally up and functioning well. But it seemed there is no effect to TRAI of the attack made by Anonymous India & You can still find the list of the email ids on the website of TRAI.

What can the general public expect from such government organization who is not even worried about the users privacy and wish to work for them for the cause of Net Neutrality. This shows that one DDOS attack was not enough for the TRAI. Lets see what action Anonymous India further against TRAI to protect the privacy of the indian public..

Have a look at the tweets after the TRAI website was functioning.

For more tweets and latest updates regarding this, stay tuned to the AnonOpsIndia page(opindia_revenge) on twitter

No More Private Profile Pictures on Facebook | Latest April 2015

Facebook has discontinued with the feature of Private Profile Pictures with the new settings and now you can view private profile pics of anyone very easily....

No More Private Profile Pics in Facebook from now onwards. Even if you set your profile picture to 'Only Me' in the Settings Tab of the profile pic, your Profile Picture is still visible to everyone when they click on it. Don't think that it's private now. Facebook has changed their policies or what or may be its a flaw ( i have already reported). But what i think is its done purposely by the Facebook team.

I can't say why they have removed that feature of Private Profile Picture though the option of Visible to 'Only Me' is still there.

The new settings are as such that when you click on the profile picture after visiting the profile of a person who has enabled the Only Me Privacy on his profile pic, unlike before it just opens as usual just you don't get the like section and comment section at the right hand side of the image. Otherwise the picture opens as usual and you can easily download the private profile picture just by right clicking on it, and saving it to the device.

This the private profile pic of one of my friend which i can easily open just by clicking on it

 No comment or like section at RHS of the pic, but i can easily save the pic just by right clicking it

Earlier for a non-geek, the private profile picture won't open only and that guy wouldn't be able to view the picture though a geek would have opened it using some tricks with the Facebook's Graph API. But now may it be a Geek or Non-Geek, its open to all to view the private profile pictures on facebook.

Again Privacy of the users being compromised, that's it. Can't say what Facebook has thought of before doing this change ?? I have already reported it to facebook, let's see if i get a reply and their statement regarding this privacy change (I'm sure i wont get a reply back...lol :D)

Google To Acquire Facebook at $490 billion

Google signs a deal with the Facebook regarding its aquisition...

What a day for both the top notches of the IT world. Google finally purchases the entire Facebook at a closing deal of $490 billion.

Mark Zuckerberg accepts the deal and finally moves on to work under Google. Google with not much popularity gained with its social networking site google plus finally decides to acquire facebook and take over the entire IT world in its hands today.

Never the less Mark Zuckerberg is quite happy with the decision and moves to plan out for a world tour taking a big leave from the professional front.

Now The entire social networking community will be led by Google itself. Damn !This day is really gonna be a one of the biggest days in the History of Information Technology and World.

Check out more what Mark Zuckerberg says in his interview just after the deal was signed with Google. Click on the link to know more...
                                         http://goo.gl/MLFwV1

ZigZag Hack : How To Break World Record In ZigZag Game

Learn how to make unlimited score in the ZigZag game by Ketchapp with this simple trick...

Wanna make a high score in the game ZigZag. Here is the glitch I got from the internet only. One of the guys out there, Sam found it. Credits to this guy for finding it. With this glitch you can easily hack this ZigZag game either in android, Windows or iOS platform.

I too spent out days and played around 1800 times to just get a high score of 910. I was amused at that time to finally have a score quiet competing one which none of my friends were near to. And I thought i was the king now. But when i searched out on the web out of curiosity, i found out this score is nothing as compared to those geeks who have been making scores more 4K. And i was like Ahhh WTF man. I wasted the hell out time to just get this score of less than 1K even.

My Score after 1800+ games played ! Damn :( Rite....

Thereafter on that day itself, I found a video on youtube by Sam, saying about the ZigZag Glitch and damn i was like why the Hell i wasted this much time on it. It is a very simple trick to make an unlimited score in ZigZag.

And breaking the World Record in ZigZag. It won't take much time now. Cool Rite...!!!

Here the step by step video by the Cyber Sarcasm Youtube Channel showing you the demo of making the high score in this game zigzag.

Watch the video and be the world champion of ZigZag. GoodLuck Dude...

How to Find The Sender Of An Email From A Common Email Id On Gmail

Learn how to find a guy who anonymously sends out an email from common email id in Gmail....

Common email id is generally used in schools, universities and colleges where a group of students can have a common platform to have information being delivered from either faculties or any other department of the organisation, so that it is made available to everyone with just single mail from the sender instead of mail being sent to each individual.

As with advantages of having a common email id, there is also a darker part of it. That is, what if someone anonymously sends out an email to some faculty or any department of an organization. It means that the email is sent from that particular group or class as a whole, though it is actually sent from an individual itself. This creates a problem when some unwanted or a bad email is sent to someone and in-turn the whole class is to be blamed. The guy does the does the job anonymously and achieves what was wanted.

Today I'm gonna discuss some of the ways in which we can track or find that anonymous guy who sent that email from a Common Email Id in Gmail. The coolest part is, Gmail has all the tools and stuff to track or find that person, Next comes your Information Gathering and Social Engineering tricks.

So, Let's see step-by-step how we can accomplish our task.
This video tutorial demonstrates you the entire process of finding that person who anonymously sends out emails from the common email id. Check it out...

The Wallpaper Collection | Week 2

Check out some of the coolest wallpapers in high definition for your PCs and laptops...

This is the second week for the wallpaper collection set. In this video, the wallpapers are much cooler and sexier that just makes your desktop screen as awsomest as possible. So what are you waiting for geeks?

Catch out the Wallpaper Collection Video set for the second week. If you wish to download any wallpapers, you can get the link from the video.

Enjoy Watching. Peace.!

The Wallpaper Collection | Week 1

Check out some of the coolest wallpees in high definition for your PCs and laptops...

Here i'm starting off with the all new wallpaper collection where weekly you'll get some of the coolest and sexiest wallpapers from the world of Hacking, Gaming, Fantasy, Cars and stuff.

This will be coming on a weekly basic. So here is the wallpaper video set for the first week. To download the wallpapers of your choice check out the video for the link.

Enjoy Watching. Peace!

Play Dinasaur Game in Google Chrome when offline

The hidden secret of Chrome browser: it has an endless runner T-rex Dinasaur Game which can be very addictive once you start playing it....

Internet Disconnected....:( ahhh (Whhaattt ddd  ffff)
Don't worry guys!!
If you are using Google Chrome as your browser, you still gotta be enjoying this time without internet connection.

Wanna know how??
Just test it yourself, disconnect your internet connection and check Google Chrome, you'll get a dinasaur game.
Hit "spacebar" key or the "Up" arrow key to start and enjoy playing  this cute little game which would definitely not upset you when your out of your connection. To pause the game, press "Alt" key. Once you start playing, it can also prove to be one of the addictive games like Flappy Bird.

Google Chrome endless runner T-rex Dinasaur Game

But you gotta be annoyed in a situation when you are trying harder to make a good high score and suddenly internet is connected again. It would just interrupt the game where ever it was and just load the webpage that you were surfing before.
But still, cool eh??

So, this time when you're offline, you gotta be enjoying this mini game instead of turning off your systems or moblie devices(also works on mobile devices).

Let's see if your addictive or not ;)