The Ultimate Ethical Hacking Boot Camp

The Ultimate Ethical Hacking Boot Camp

World famous cyber security expert, ethical hacker, author and former U.S. Marine, Bryan Seely. Seely is known for intercepting calls to the United States Secret Service and FBI by hacking Google Maps in early 2014, but rather than spending time in prison he was called a hero and moved on to bigger and better things. A few months later, he found an exploit in LinkedIn and helped the company resolve it.

Learn Ethical Hacking from a world famous Ethical Hacker who has professional endorsements from people like Mark Cuban Billionaire tech entrepreneur, Star of Shark Tank, and the legendary cybersecurity expert John McAfee.

Seely “thinks entirely out of the box, and has consistently looked to leverage his skills for the good of society,” McAfee said in a statement.

This course is jam packed with content and will take an absolute beginner in cybersecurity & ethical hacking from zero to being able to actually hack wireless routers, crack passwords, and understand the reasons why those things work. You will be getting live video demonstrations, lectures, and in some video’s ill be on camera explaining something.

We talk about the process of hacking, from gathering information in the Recon phase to more involved looks at our targets in the scanning phase. Enumeration and System hacking bring the basic “hacking process” to a close, but that is not the end of things, far from it.

Many of today’s large hacks and data breaches that you see all over the news are the result of very clever & persistent social engineers. Social Engineers figure out that you can’t always hack the machines, and sometimes it’s much easier to hack the unsuspecting person using the machine. Learn valuable skills in conducting Social Engineering Penetration Tests as well as how to protect against social engineering attacks.

You are going to enjoy the demos in the course as they will walk you through the whole process and not just the highlights. You can follow along with every single demo and make them into practice courses for yourself.

in just a few hours, you will already be figuring out new ways to use the software tools and tricks I have shown you and come up with new things to try. It is kind of addicting once you get into it.

I can’t promise a prestigious job right out of the gate, but I can promise you that you will learn way more in this course than you thought was possible, and you will want to learn even more.

Get rid of the mystery and learn what real hackers know. If you are excited at the idea of being an ethical hacker, then there is no better place to start than right here.

Did Uber Just Make a Huge Mistake?

Did Uber Just Make a Huge Mistake?

A couple of months ago it was reported that Uber Technologies Inc. acquired a portion of Microsoft Corp.’s Bing mapping unit. What they acquired was about 100 Microsoft employees (they offered them jobs) from the image acquisition, data analysis and processing departments, as well as a data center in Colorado, cameras, software and certain pieces of intellectual property.

What I found to be a bit concerning was that these engineers and the other things that Microsoft ended up selling were responsible for producing Bing Maps. Actually its more than just a little bit concerning. Based on my research, I believe that Bing Maps is a dangerous product for consumers and that it should not be used at all. If Uber bought more than just some of the infrastructure and people from Bing maps, then the products and services that Uber offers in the future might have seriously negative consequences for consumers and ultimately taint the reputation of one of Silicon Valley’s most promising companies.

Bing Maps, like Google & Apple, provide an online map which allows users to get driving directions, look at satellite and street images of houses and landscape as well as look up destinations and businesses throughout the world.  Anyone can give driving directions, but most companies have struggled to figure out how to properly integrate the phone book with an online map product.  What Bing has completely neglected is the verification of the data that they publish and that means that consumers are at a huge risk of being the victims of fraud, not to mention that legitimate small business owners lose revenue due to competing with SEO experts, scammers and criminals.

Feel free to replicate my results if you choose. I am going to run a simple search for a few businesses on Bing Maps (http://www.bing.com/maps/)

I typed in:  locksmith seattle.  The results on the left hand side should represent the most relevant businesses based on that search.  Google, Bing and other search engines guard their ranking methods very carefully, but typically it has to do with keywords, geographic location and user reputation (reviews etc).

Here is a screenshot of what I found for Seattle.

 

I checked these top 10 results against the Washington State Business License website and found that out of the 10 results, only two of these ten are real companies. If you look at the results it’s kind of obvious isn’t it?  The top result is literally the word “Locksmith.”  Have fun trying to trademark that business name.  If you go down the list, the first company that was even a “maybe” was result number 5 “Emergency Locksmith”.

If you type in that trade name into the search results you get 8 possible results with the keywords emergency & locksmith.  Except the fact that 7 of them are expired, and none of which are located in Seattle. The one that is not expired is owned by someone out of state with a very long list of other trade names that suggest he has many listings like these with multiple names to dupe consumers and give the illusion of choice.

Here is another result that I found interesting.  There is a business called “Locksmith Locksmith” in Seattle, and it has the same phone number as “Emergency Locksmith” which is just below it in the search results. This is a pretty tell tale sign that someone is submitting multiple business names to manipulate the rankings as well as Bing not having suitable validation or verification methods.

Could these 8 fake results be the work of the most unimaginative small business owners on earth?  Unfortunately that is not the case. These are “fake” business locations, designed to rank highly on the search engines that will then bring in more calls to the locksmiths that end up answering the phones.  Some of these organizations are just a few people, others are entire criminal organizations that make quite a lot of money.

I ended up writing a book (Cyber Fraud: The Web of Lies) about this entire subject that was available on Amazon for about a month. I am making some edits to the book and hopefully re-releasing it later this year.

When you call the number of one of these comapnies, you get connected to a representative or service provider who then comes to your house or car or office to assist with your lock related problem. Simple transaction.  The problem is that guy (or gal) is typically not licensed or bonded or insured or even paying taxes.  Many times they scam their “customers” with bait & switch scams promising 15$ service fees and then charging customers 200$ or more. Here is an undercover video by Jeff Rossen of the Today Show that exposes locksmith scammers. Other times they rob customers with duplicate keys they made for them.

These 8 fake companies might just forward to the same company who found a way  to dominate the search results.  The might forward to 8 individual scammers. Who knows.  I don’t have the time to call each one and have them show up, and even if they did, I doubt they will take very kindly to me asking for ID or conducting an investigation.  I also don’t have time to try and flag all of these locations as spam because seo experts and the criminals who hire them put them up faster than one person can remove them.

If you are wondering about other cities or business types, the bad news is that this is very widespread.  I recently looked at the top ten results for Locksmiths, Plumbers, Garage Door Installers, Moving Companies, Air Conditioning Repair, and even Bail bonds and found that they are all just as bad. Also,  I checked the results in San Diego, Seattle, Los Angeles, Houston, Dallas, New York City, Miami and found that they are all just as bad.   There are many more categories that these criminals manipulate, and its not just confined to these cities.

Do you feel safe knowing that the search results on Bing Maps are this unreliable?  

Are you willing to take the gamble on 1 or more of these companies hoping that they don’t scam you?  They are being dishonest from the very beginning so I don’t see why they would stop anytime soon.

Worst of all, it’s not just confined to Bing. I think every mapping website deals with these scammers in some degree, and based on my research over the last year, Yelp seems to have the least amount of spam / fake business data but that doesn’t mean its not there either.  WhitePages.com, SuperPages.com and Bing Maps are the absolute worst based on the evidence I have seen and it is my recommendation that consumers stay far away from these websites.  The people you call or meet via these sites are not hardworking small business owners. These are criminals and scammers, and I can say that with a very high degree of certainty.

The reason I know  is because I used to work for one of these scammers. You can read more in an article that was just written by Drew Atkins for the Seattle Business Magazine titled “This Hacker Wears a White Hat”.  At one point my boss had a network of over 3000 fake auto glass companies that were listed on Google Maps, Apple Maps, Bing, CitySearch, Whitepages and more. Many of them are still there. Many of which with fake reviews and a lot of them dominate the search results. As the article mentioned me saying, my old boss just broke $10 million a year in revenue that is all sourced through these methods.

I am not proud of my past. But I can use that knowledge to try and fix the problem. I would love nothing more than to work for a company and get paid to track down these criminals every single day. I would love that as much as Kanye West loves Kanye West.

When I heard that Uber was buying Bing Map’s assets, it made me wonder what they actually ended up buying. Are they buying the business data as well? The verification process? The backend setup?  We don’t really know.  I really hope not.

We do know that Uber probably has some cool products in the works, seeing that they are planning on buying self driving cars in the future and in all likelihood will be competing with Amazon by offering a delivery service at some point.  What happens when they start including these illegal and fraudulent results in their product offerings?  I have loved Uber from the first second I downloaded the app, and think that they do a lot of things that other companies should emulate. I just hope that they didn’t acquire Bing’s business data, because it would be easier to start from scratch than to try and sort the wheat from the chaff.

If you have any questions about anything in this article, feel free to reach out to me on Linkedin or  Twitter or email 

The Mother of All Android Hacks

The Mother of All Android Hacks

Users of the popular Android operating system are all vulnerable to “the mother of all Android vulnerabilities” in which a simple text message can give hackers complete control of your phone.

The worst part, is that you don’t necessarily need to open the text message for the hackers to gain control of your device. This flaw was uncovered by security firm Zimperium, and the text message contains a video file. In the code for the video file is a string of malicious code that then activates once received. You don’t even have to watch the video to have your phone taken over.

Long story short is that if hackers send out this malicious code to every Android phone right now, they could gain access to your phone.

Zimperium has stated that the flaw has not been exploited by hackers, yet.

Google has been notified has is working on a fix. The amount of devices affected is astronomical. This bug affects any device running Android in the last five years, according to Zimperium.  In 2015 alone, more than 1.1 billion devices will be shipped, according to industry analysts IDC.

If you have an Android device, update it now!

This is quite similar to the recent iPhone text message hacking story from a few weeks ago.

Change your Skype Password Now! Like right now.

Change your Skype Password Now! Like right now.

Users all over the internet are reporting that their accounts are experiencing some weird behavior. Apparently Skype accounts have been getting “spoofed” and Microsoft is recommending that all users change their passwords ASAP. Here is the link to the Skype Forum 

Instead of a hard to remember password, you should use a passphrase. 
For example:  Mycatdoesnotenjoyplayingthebongos!2015.
The first reports were posted in skype / microsoft help forums. Others confirmed that their accounts also sent such messages all by themselves.
“My account sent out the same message OP describes. The message was sent at 2345 UTC on 01-07-2015 to all contacts. As a precaution, I changed my Skype password on a different machine. I also checked whether anything strange was accessing the API, but this did not appear to be the case,” one user explained 3 weeks ago. Source
 Microsoft is fully investigating and the only advice or recommended action right now is to change your password.
So go change your password right now.
Why are you still reading this.
Seriously.
Hackers Threaten to Expose 40 million Members of Ashley Madison

Hackers Threaten to Expose 40 million Members of Ashley Madison

AshleyMadison is the most recent victim of hackers as Brian Krebs of Krebsonsecurity.com has reported late last night.

The hackers identified themselves as “The Impact Team” and posted a small sample of the data that they stole from AshleyMadison’s parent company, Avid Life Media.  Avid Life Media also owns “Cougar Life” & “Established Men.” The Impact Team also demanded the permanent takedown of AshleyMadison & Established Men with the penalty for non-compliance being the full release of names, addresses, and sexual fantasies of all 37+ million users.

The reason that Impact Team seems to be upset is over AshleyMadison’s “Full Delete” feature which is supposed to erase all traces of a users profile from their servers. The service costs $19, and according to the hackers, does not do what it promises. AshleyMadison apparently raked in $1.7 million in revenue in 2014, which is a lot of money for a service that does not do what it is stating to do.

The hackers were pretty clear about all of this by saying:

“Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers continued. “Too bad for ALM, you promised secrecy but didn’t deliver. We’ve got the complete set of profiles in our DB dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”

If the Impact Team does in fact have all member / employee data from AshleyMadison, then the ball seems to be in their court and AshleyMadison is going to have one hell of a time trying to stay online. Imagine the famous / powerful people that might be members of this website that are going to be very nervous about the release of their private information, let alone confirmation of membership on the website.  Depending on how powerful they are, there might be a lot of back-channel pressure upon AshleyMadison’s leadership.

There are a couple things I know for sure.
1. I would not want to be the leadership of AshleyMadison right now. Also, I would never want to be in a leadership position at a website like this. Their sole purpose is to facilitate cheating on your spouse.

2. Being a member of this site sounded like a bad idea when the commercials first started airing a few years ago. Now that is 100% confirmed to be a bad idea.

Ashley Madison has an “affair guarantee” that guarantees that members will have an affair. In a round about way they succeeded, now that 100% of their members are now completely screwed.