The Linux Foundation on Wednesday announced that it was more than doubling the number of scholarships to be awarded this year for Linux training.

The Linux Foundation is a nonprofit organization dedicated to accelerating the growth of Linux and collaborative development.
Its announcement opened the door for the submission of applications for the 2015 Linux Training Scholarship Program.
The foundation will award 14 scholarships this year, up from last year's five.
It added two new categories: Linux Newbies and Teens-in-Training. That brings the number of training categories to seven.
"Formal Linux training is just one piece of the solution to the current shortage of Linux talent in the market," said Amanda McPherson, CMO and VP of developer programs at the Linux Foundation.
"While traditionally we have seen most people who end up with a career in Linux teaching themselves or starting as a hobbyist, Linux is simply too prevalent now for those types of individuals to meet the demand," she told LinuxInsider.

Certified Winners

Another new benefit added this year is certifications awarded as part of the scholarship. Recipients will have the opportunity to take a Linux Foundation Certified System Administrator (LFCS) or Linux Foundation Certified Engineer (LFCE) exam.

Linux Foundation certifications are widely recognized for being performance-based, distribution-flexible, and available anytime, anywhere.
The Linux Foundation training programs are essential for the continued growth of Linux, noted Rob Enderle, principal analyst at the Enderle Group.
"If you want to sustain a platform, you have to ensure people are formally trained in it. Proprietary firms fund colleges and universities to ensure this," he told LinuxInsider. "It follows that this is no less important, but often far more difficult for standards-based efforts due to more limited funding."

Candidate Qualifications

The scholarship program is open to individuals who demonstrate need and who have already displayed interest in or knowledge of Linux and open source software. Applications will be reviewed by a panel at the Linux Foundation.
Scholarship recipients will be notified by mid-August. The foundation will publicly announce the winning candidates shortly thereafter.
Applications are due by 11:59 p.m. PT on July 10, 2015.
Serious Competition
The Linux Foundation received more than 1,000 applications for last year's five scholarships awarded. The average age of applicants was 29 years old.
The Linux Foundation Training Scholarship Program provides funds to applicants who otherwise would not have the ability to attend Linux Foundation training courses. It attempts to help developers, IT professionals, and promising students to build Linux careers and contribute to shaping the future of the operating system and the enterprise.
The scholarship program ensures that more people who want to advance into this area are given the opportunity for an education in it, noted Enderle. It also helps ensure the longevity of the effort.
"If done right, it should improve the quality of the products that result by putting more rigor into the education of the practitioners," he said.

Categorical Excellence

The two training categories added this year show the developmental growth of the Linux training program.
Linux Newbies is for individuals new to Linux but who have learned the basics by completing the Intro to Linux online course (LFS101x through edX).
Teens-in-Training is for students under the age of 18 who already have started using Linux and want to get a head start on a career in the field. This is the first time The Linux Foundation has offered scholarships to pre-college students.
Whiz Kids is for 2015 high school or college grads already familiar with Linux but who want to prepare for their career with extra training. Applicants must be 18 years or older.
Women in Linux is for women doing amazing things with Linux.
SysAdmin Super Stars targets applicants who already have begun using Linux in their workplace but want to take their work to the next level with additional training.
Developer Do-Gooder is for developers using Linux for good, so that they might expand that good work while enhancing their Linux skills.
Linux Kernel Guru is a category for individuals who already have contributed to the Linux kernel community and who show promise toward becoming a Linux kernel developer or maintainer.

Popular Education

Few organized Linux training programs exist. The educational series the Linux Foundation sponsors has grown rapidly.
For example, to date more than 400,000 people have registered for the free Intro to Linux course. It is one of the biggest courses ever hosted by edX, said McPherson.
One course alone is not going to get anyone a job -- but it helps increase enrollees' knowledge of a specialized area, and it allows them to ask questions of a live instructor.
The foundation's training course enrollments continue to increase. It regularly adds new courses to keep up with changes in technology, as well as demand.
Specialized training will give scholarship winners "a leg up on the competition when looking for job opportunities," said the Linux Foundation's McPherson. "By almost tripling the number of scholarship recipients for 2015, we are trying to give that opportunity to more people."

Competitive Market

There continues to be demand for people who have the kind of training a well-managed program like this could produce. The question is whether this program will be well-managed.
"Often the problem, even with proprietary firms, is they focus on the grant process more than the quality of the related training," observed Enderle.
Interest in Linux careers is evident, said McPherson. More than nine in 10 hiring managers planned to hire Linux talent this year, according to the Linux Foundation's 2015 Linux Jobs Report.
Plus, 54 percent expected sysadmin job candidates to have formal training or a certification.
Dice.com always has thousands of Linux jobs listed, and that is only expected to grow as more and more organizations -- tech companies and otherwise -- move toward open source, noted McPherson.
"When you consider that," she said, "and that over 1,000 people applied for our scholarship program last year, it is clear there is huge interest in Linux careers." 

CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs. The main purpose of CMSmap is to integrate common vulnerabilities for different types of CMSs in a single tool.

At the moment, CMSs supported by CMSmap are WordPress, Joomla and Drupal.

Please note that this project is an early state. As such, you might find bugs, flaws or mulfunctions. Use it at your own risk!

Installation

You can download the latest version of CMSmap by cloning the GitHub repository:

git clone https://github.com/Dionach/CMSmap.git

usage 





Notes

30/03/2015: Created a new repo to remove big wordlist. Users who have originally cloned the previous repo are invited to clone the new one.

Disclaimer

Usage of CMSmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program.

Parrot Security OS  for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, Privacy/Anonimity and Cryptography

Parrot security OS is an open source distribution of Linux based on the well known and award winning Debian GNU/Linux operating system. As its developers describe, it is a masterpiece that gathers together all the necessary tools for hacking, penetration testing, security and privacy tasks.

According to its developers, Parrot Security OS is a security oriented operating system designed for Penetration Testing, Computer Forensic, Reverse engineering, Hacking, Privacy/Anonymity and Cryptography.

Instead of installing the OS then painstakingly assembling your collection of security tools (and package dependencies), using something like Parrot Security OS takes care of all that for you

It is based on Debian and developed by Frozenbox network. Parrot is designed for everyone, from the Pro pen-tester to the newbie, because it provides the most professional tools combined in a easy to use, fast and lightweight pen-testing environment, and it can be used also for an everyday use.

Most of the penetration testing tools can be found under the Parrot entry of the main menu, where they’re organized in subsections. In addition, an anonymous surfing mode is available for those who don’t want to be traced.

Among the included applications, we can mention TrueCrypt, Ettercap, Iceweasel, Vidalia, Wireshark, VLC Media Player, RecordMyDesktop, BleachBit, XRCed, PyCrust, aircrack-ng, Hydra, Nmap, and many others.

Features

• Updated pen-testing tools
• Great for forensic analysis
• Custom hardened 3.16 kernel
• MATE interface with custom themes, wallpapers and icons
• Fast lightweight system designed also for old computers
• PenMode + AirMode
• AnonSurf functionality (tor & i2p)
• Pandora’s box ram cleaner at shutdown
• Encrypted installation
• Cryptocurrency friendly
• All the necessary for programming out of the box
• Cloud compatible

Rather than downloading the whole ISO, there’s also a BASH script version which turns a regular Debian Stable install into Parrot Security OS, you can find the script here:

parrot-install.sh

You can download Parrot Security OS here:

amd64 Parrot Full – Parrot-full-1.9_amd64.iso
i386 Parrot Full – Parrot-1.9_i386.iso

Here is a demo of mssql data dumper plus a full take over tool



Enjoy

Thanks

The popular hacker Kevin Mitnick explains how it is easy to steal data from a network tapping the cable, even if it’s a fiber optic network.

Kevin Mitnick demonstrates how easy it is for a hacker to tap into your network and read your email messages, even if it’s a fiber optic network.

Kevin Mitnick is the father of the art of hacking, hacking is a philosophy of life and today the Master demonstrates how easy it is for an attacker to tap into a network to steal sensitive data, access emails, even if it’s a fiber optic network.

Kevin Mitnick clamped onto a fiber optic cable, CAT5x or CAT6x network wire, and by using the popular network analyzer Wireshark demonstrated how is simple to sniff any unencrypted information is a few minutes without leaving any trace. Mitnick used in his attack an optic fiber clip-on coupler that provides non-invasive bi-directional coupling into 250 micron coated single-modefibers.

“The FOD 5503 offers the ability to couple fiber optic talk sets at any intermediate point along a fiber span where access to a terminated end is not available.” states the description of the optic fiber clip-on coupler.

Such kind of hardware is not used to hack into fiber, but it is designed for maintenance purpose and fiber identification.

Kevin Mitnick published a video to demonstrate the attack, it shows the popular hacker while is sniffing an email directly from the tapped cable.

The hackers can easily tap without cutting the wire by using alligator clips to attach to the cable or they can cut the cable and plug both ends into a small hub to intercept the traffic.

In both cases, it is essential to prevent physical access to the wire, but most important is to use encrypted connections, while accessing any kind of web services, including email, chat, web browsing.

An attack like the one presented by Kevin Mitnick is very easy to arrange, clever attackers could use a cheap and tiny Raspberry Pi hide the tap used to grab the data. A similar scenario is scaring because an attacker can exfiltrate data from the targeted network for a long period without arousing suspicions.

Let me suggest to watch the video.

Author:Pierluigi Paganini

A brief introduction to several malware-related terms in an easy-to-understand manner. A useful glossary to better understand the “malware” terminology.

Introduction

The world that we live in is constantly changing; it is always evolving. The sophistication of the technology at the disposal of both those who “wear” a white hat (the good guys) and those who wear a black hat (the bad guys) is increasing at a rapid rate. As new mitigation tools are released, new attack methods and malicious software are produced; we are constantly playing catch-up with the bad guys. Whether your occupation falls under the technology category or not, we all have read about–and likely have been infected at one time or another–with some type of malware.Someone with a technical background or that works in the field certainly has some inherent knowledge of the several different terms that are used to describe different types of malware, attacks, etcetera. For someone with little-to-no technological background, though, these same terms may seem like a foreign language. I wrote this article to address this issue; to briefly define several malware-related terms in an easy-to-understand manner. Disclaimer: The below definitions/descriptions have been derived from my knowledge; my understanding of each term.Disclaimer: The below definitions/descriptions have been derived from my knowledge; my understanding of each term.

---

Malware Classifications

MalwareMalware is essentially any software that performs actions that are not known and authorized by the user. While most of the malware that we read about in the news or on forums for the most part have damaging effects on the infected device, the term malware also encompasses less damaging software, such as PUPs.Virus

Viruses are a type of malware that require user intervention to infect a device. What this means, is that the victim must actually run the software that contains the virus’ code. Viruses have often been spread via e-mail, i.e. through “chain e-mails” as attachments that are named as something else. Viruses are often spread as files that contain solely malicious code. This means that rather than spreading and masquerading as a legitimate application, viruses are often files that contain nothing but malicious code, which places the burden on the sender to convince their target to download and launch the malicious software.

There are several types of viruses, but one that I will mention are Macro viruses. Macro viruses are spread via Macro code (code that can be embedded inside a Microsoft Office document (e.g. Microsoft Word document, Microsoft Excel spreadsheets) that are launched when the document is opened. There are a very large quantity of Macro viruses still being spread in-the-wild today.

Trojan

Trojans are a type of malware that also require user intervention to infect a device. Like viruses, victims must run the software that contains the Trojan’s code in order for it to successfully compromise the victim’s device. However, Trojans (hence the name “Trojan Horse”) are different from viruses in the sense that they often appear to be a legitimate application that the victim may have been searching for. Often, the malicious code launched by a Trojan is actually appended to the end of a legitimate application to better deceive their targets.

Additionally, there are several types of Trojans. The three that I believe are worth mentioning are:

Trojan Downloader – A Trojan that, when launched, downloads additional file(s) that actually contain the final payload (e.g. ransomware, a DLL containing a backdoor).
Trojan Injector – A Trojan that, when launched, injects malicious code into another process, often a legitimate process, to evade detection.
Trojan Dropper – A Trojan that, when launched, drops an additional file (usually) containing the malware’s payload. Usually an executable file or DLL containing an additional payload (i.e. the final, most damaging payload) and/or used for persistence (maintaining access to the compromised device).

Worm

Worms are a type of malware that differ from Trojans and Viruses. Worms cause arguably the most damage to the device(s) that they compromise; this is because worms are self-replicating. Worms can spread without user intervention, and in effect, a single worm infection can spread to an entire network. Worms in the news includeStuxnet, Koobface, and Conficker. I set up a vulnerable device and let it run for a couple weeks and logged hundreds of unique Conficker variants within the first week on a brand new device. Worms are still out there, and Conficker is still very active.

Ransomware

Ransomware has been around for quite some time, though it made national headlines a few years ago with the development and spread of CryptoLocker. As can be derived from the name, Ransomware is a type of malware spread by attackers with the goal of demanding a ransom from their victims; most often for financial gain.

Specifically, Crypto Ransomware will go through all of the directories, files and sometimes network shares and mapped drives of the victim’s device. It will open supported files (varies by variant) and then encrypt the contents of each supported file. This renders the files useless, and if the file contains pertinent data and no backup of it exists, this can be quite damaging to an individual or an organization as a whole. Ransomware authors generally demand a ransom payment in order restore affected files to their previous state, usually paid in Bitcoin. However, trusting criminals and funding their activity is never recommended.

Rootkit

Malware that is capable of evading all anti-malware utilities, the affected device’s operating system itself, and that may be extremely hard to remove. Rootkits often infect theMBR of the targeted device, and are distributed by attackers as a “hard-to-detect”, persistent method of accessing their targets. Rootkits often function as keyloggers, and their removal often requires the user to format their device; deleting the infected partition and re-partitioning the device is the most accepted remediation method.

Many people think that system restores are effective methods of restoring a compromised device. For one, they aren’t, but even more so in the case of a rootkit infection. Rootkits are generally installed as drivers; as new restore points are created, older ones are purged, and it’s important to remember that these restore points include copies of drivers and other configuration items. Meaning, eventually, the system restore points will become infected as well.

Keylogger

As the name states, keyloggers record keystrokes on the affected device, usually dumping all logged keystrokes to a file in a discrete location, to later be sent over to the attacker, often via SMTP (e-mail). Keylogging is an easy way for attackers to obtain usernames, passwords, and credit card numbers of their targets.

Remote Access Trojan (RAT)

A type of malware, specifically under the Trojan category, that allows a remote attacker to gain full control of an infected device.

---

Additional Terminology

Zombie (or “Bot”)A zombie is a device that has been compromised with malware that listens for commands from a remote attacker (via a command-and-control server), that the remote attacker often has complete control of. Zombies comprise a botnet, and are most often leveraged when carrying out DDoS attacks.Command-and-Control Server (or “C2 Server”)

A command-and-control server (or “C2 Server”) is a server dedicated to managing a botnet (network of zombies). While C2 servers can be dedicated devices set-up and configured by the attacker(s), legitimate websites with known vulnerabilities (commonly: websites running vulnerable versions of WordPress) have often been compromised by attackers and converted into C2 servers. It is not uncommon for an attacker to take control of a vulnerable website and implement the command-and-control functionality in the background, remaining undetected by the actual site owner for quite some time.

Exploit Kit

Many define exploit kits as a type of malware but I disagree. An exploit kit is a full software suite (usually a complete web application written in PHP) that is used to distribute malware in an automated fashion, leveraging exploits to install the malware on vulnerable devices without user intervention (other than browsing a specially crafted page).

Exploit kits serve a landing page that carries out the core functions; this page will scan the target to determine their browser, browser version, installed plug-ins, and other identifying information. Exploit kits have an arsenal of commonly-known vulnerabilities, and sometimes zero-day vulnerabilities. If the target is found to be vulnerable to one of the vulnerabilities in its arsenal, the exploit kit will then leverage the vulnerability to force the download and execution of malware onto the target system.

Zero-Day

A zero-day or zero-day vulnerability is a vulnerability that (was) not previously known to exist by the security community nor the vendor. Attackers exploit these previously unknown vulnerabilities to compromise even the most recently updated, hardened devices. Zero-days are often kept secret for as long as possible by attackers, and are sometimes even sold in “underground” markets.

Obfuscate

Often we see the term "obfuscated" when reading malware analysis reports, but what does this mean? Well, to obfuscate somethinig essentially means to hide something or make something illegible. Malware authors obfuscate their code to render it unreadable and hide its malicious nature; often you will see malicious JavaScripts files to be obfuscated, although in my experience, they’re not quite difficult to deobfuscate.

The obfuscation of code is often done not only to deem it illegible, but different obfuscation methods could lead to different file sizes, giving the file containing the obfuscated a code a different signature, to evade anti-virus detection.

Deobfuscate

Referencing the above definition of obfuscate, to deobfuscate is to do the obfuscate; to take illegible, masked code and turn it into code that can be understood and interpreted. Deobfuscation routines are used to deobfuscate code, and are included with obfuscated code in order to convert the code into a language that can be interpreted by the (host) device.

Packer

Packers are used to obfuscate code, in a sense. Essentially, a malware author will take a malicious binary file (executable, DLL, etc.) and scramble the code around to change the file’s signature, to evade anti-virus detection, increasing the rate of successful infection.

---

Final Thoughts

I hope that the above terms and their definitions are simple enough to supplement your current understanding of the several different types of malware and additional malware/analysis terminology. Remember, the above are only a subset of the terminology used in malware analysis and forensics. If you wish to see some terms added, or have a suggestion, feel free to chime in with your thoughts.

About the Author Michael Fratello

Michael Fratello is a Security Engineer employed by CipherTechs, Inc., a privately held information security services provider located in downtown Manhattan, New York.  Specializing in Penetration Testing and Digital Forensics, Michael, a St. John’s University graduate majoring in Computer Security Systems, has developed a passion for information security and often spends his free time studying, programming, and researching the exponentially growing number of threats found in-the-wild today.

ISIS supporters are spreading online a collection of tutorial titled the Book of Terror to teach how Hack a Wi-FI network and which are main spying tools.

ISIS militants are spreading a small package, titled Book of Terror, containing data of various spy tools, as well as tutorials on how to hack Wi-Fi networks in order to evade detection.

The Book of Terror has been posted online by the ISIS sympathizers a week ago, it is a 5,232-page PDF document.

“It’s difficult to tell if the guide is actually being used by the group, but the 5,232-page PDF was uploaded to a Pastebin-style site just over a a week ago, and then linked to from an ISIS supporter forum on Saturday, the pseudonymous security researcher known as “Switched” told Motherboard.” reported Motherboard that first published the news. 

The package includes a guide to teach ISIS militant on how to use encryption to evade surveillance and a manual on the use of firing weapons.

Many Twitter accounts were used the by ISIS to spread copies of the Book of Terror, many websites and forums used for propaganda are also informing sympathizers about the existence of the package, which is written in English.

The package includes an entire section, titled “Secret Spy Devices,” related to electronic equipment. The section includes information on “high power” mobile phone jammer, for recording landline telephone calls and a spy camera hidden within a pen.

The experts who examined the Book of Terror confirmed that it is not a guide written from scratch by the ISIS members, instead it is a cut and paste from consumer electronic sites.

The Book of Terror also explains hot to crack Wi-Fi networks by using the popular Kali Linux distribution to hack WPA and WEP encrypted networks.

“If you live in an area where there are Muslims