An insecure backup incident affects 35,000 employees over a period of nine months.
Outlook for Android Leaves Private Messages Wide Open for Stealing
The flaw in mobile app development plagues many messaging apps.
(ISC)² Announces GISLA Award Finalists for Government Security
(ISC)² will honor excellence in advancing the nation’s public-sector cybersecurity posture on June 3.
New Security Fears Over Keyboard and Trackpad Data Retention
Privacy International warns that various PC components could retain data, raising concerns over recycled IT kit.
Slick $5K Malware-as-a-Service Takes Over Android to Steal Financial Data
The powerful iBanking Android malware spreads beyond Russian cyber-gangs.
Über-Secure ProtonMail Beta Maxes Out Servers in Just 60 Hours
Lavabit heir built by CERN boffins sees huge demand for its NSA-proof email capabilities.
FireEye Backs Washington with New APT1 Data Linking Attacks to China
Mandiant owner says connection days and times fit perfectly with the average PLA working day.
Facebook Implements Free Browser-based AV for Users
If a malware infection is suspected, Facebook will prompt the user to run a scanner from F-Secure or Trend Micro.
Researchers Blast eBay Over Data Breach
Several concerning security practices point to a compromise that may have been prevented – or at least significantly mitigated.
Tutorial On Information Gathering / Foot Printing (Hacking Technique)
Information gathering or Foot printing is the basic technique of hacking which includes gathering maximum information about the target computer systems. It is a very important part of hacking because the more information about target system we have, more the number of attacks we can launch. Information gathering is the important technique because all other process of hacking based on information that you have. Therefore we must know what information to gather, where to find it, how to collect it & how to process the collected information.
Let’s start with an example: Suppose your designation is as a hacker in your company & company wants some information about the target system like physical location, IP records and some details about the specific domain. What you’ve is only the domain name (e.g. www.example.com) or IP address. There are some practical steps you need to follow while gathering information about target system:
- First step is to finding the IP address:
- Go to command prompt> type ping www.example.com
- It will give you IP of the target system.
- After getting IP, next step is to know about the physical location of the victim:
- Go to IP2location from here, enter the IP in search field & hit enter.
- It will give you details about the physical location of the victim.
- Now, we have to find out the details of the domain (example.com):
- Go to who.is or whois.domaindetails.com & type the site address of victim.
- It will give you details about domain owner, server, domain expiry/creation date.\
- Use Traceroute for tracing the websites path:
- Check out my post on Trace Website Path Using CMD.
- Use Google for getting more information about the victim.
Following above methods will help you in getting maximum information about the target system & if you need further information, then google it with your queries.
Some of the tools used for information gathering are nslookup, traceroute & Nmap. Very soon, I will explain about Information Gathering technique using Back Track.