Basics of HTML

HTML 

HTML (Hypertext Markup Language) is the basic building block of the web. It provides the structure, content and connection between pages, allowing web designers to create interactive experiences and many opportunities. The mass of web pages are made up of one or more files that are downloaded to a computer, which in turn are interpreted by a web browser and finally rendered out to our computer screen. HTML is a markup-based, human-readable language that’s intended to be simple to write, and easy to understand.

Behind all HTML consists of identifiers (markups) that refer to various segments of the file such as the header, body and footer, the divisions inside these with images, forms that could be downloaded and printed, calendars with events marked, etc

The HTML was initially developed in 1993 as a HTML version 1.0. This 1.0 was a basic version and was supporting to basic elements like text controls and images. In 1995 HTML 2.0 developed for improving with text boxes, buttons, forms, tags etc. Then HTML 3.2 in 1997, HTML 4.01 in 1999 and finally HTML 5 released on 2007. 

The most thrilling aspect of HTML5 is the semantic approach to marking up content. This latest version introduces new features and support for multimedia directly inside an HTML document.

Over the past few years, videos on the web has exploded. As bandwidth has increased, and more people have access to high-speed internet connections. Until HTML5, the most reliable and common method for including video on a web page was to render it using Adobe Flash. Now YouTube came in to rule over all the video playing applications and showing the videos.

Like HTML, the CSS (Cascading Style Sheets) is another key component for building web pages and without them the web as we know it simply would not exist. HTML provides the building blocks and structure while CSS offers the styling such as it adds style to the front end of a webpage and defines the layout design, style fonts, borders, images, videos and create a background canvas.

HTML 5 came with tags such as <video> tag, <nav> tag, <article> tag.

A Basic example of HTML query

<html>

<head>

<title> Page Title </title>

</head>

<body>

TAG Info:

The HEAD tag

The head tag contains important information for the browser, such as CSS styles as well as search engine information.

The HEADER Tag

The header tag is different than the head tag, as it’s contained within the body of the HTML page, meaning it gets displayed in the browser. The header usually contains company emblem, navigation and possibly an introductory image.

Advantages

• HTML is easy to learn
• HTML is free to use and user friendly
• HTML is supported by all browsers
• HTML is basic for all programming languages and can be integrated with other languages.

For more information you can refer W3C portal. 

-DR

Basics about Hashing in cryptography

Hashing

Hashing is an algorithm used in blockchain technology and other cryptographic controls. It is a process of using an algorithm to map data or to scramble it of any size to a fixed length.

That fixed length string contains of numbers and characters known as hash or hash value.

As told, this hashing algorithm is used more in cryptography for encrypting keys or messages. Encryption is meant to protect data in transit, whereas hashing is meant to protect them at rest, that is to verify or check-sum that data or file is not altered and is authentic. Encryption is a two way function using the public key, whereas hashing is a one way function only, so that the text can not be unscrambled and decoded by anyone. 

Common hashing algorithms are such as MD4, MD5, CRC-32, SHA etc.

MD5: Known as Message Digest 5 and is an one way cryptographic hash algorithm used to verify data integrity.  The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, normally expressed as a 32 digit hexadecimal number.

Example of one hash file.

Let I have to add MD5 hash value to the word “Vine”. The output hash file will be as: a77b51765620b8b0c50236e9ea8907ab

Confusing? Yes it can be. Because normal people can not make this combination. We ideally use a HASH generator. There is a MD5 hash generator. This MD5 hash generator is useful for encoding passwords, credit cards numbers and other sensitive date into MySQL, Postgress or other databases. This tool provides a quick and easy way to encode an MD5 hash from a simple string of up to 256 characters in length.

Secure hashing algorithms (SHA) are many types and are published by NIST and NSA. Some of the SHA types are, SHA-0, SHA-1, SHA-2, SHA-3, SHA-256.

SHA-1 is a cryptographic hash algorithm, which generates a 160-bit string value as the hash value. It is commonly used in security and data integrity applications. This hashing algorithm was developed by the National Security Agency (NSA). In case of SHA-256, it creates 256 bit (32 bytes) of string value as the hash value.

Advantages of Hashing

• Hashing provides more reliable and flexible data retrieval method.
• Digital forensic experts use hashing value in case of verifying images and other documents during their investigation.
• Password storing and verification.

  Further you can suggest your views at comment below section.

-DR 

Crypto Ransomware

Crypto Ransomware

Data and information are becoming the new wealth day by day. The evolution of crime becomes more and more sophisticated in time. There is a new threat named ransomware just entered. These ransomware are just malwares that encrypts all your data. Hackers are willing to exploit data and information as much as possible to make it for their own economic benefit.

Crypto-ransomware are malicious malware that encrypt a victim’s most important files and hold them reserved with them from user until a payment is made to the hacker. Most of the payments they demand in form of crypto currency like bit coins. 

There are some professional hacking agency who develop and distribute the malware. They are building invincible malware variants, such as TorrentLocker and CryptoWall etc.

A brief about TorrentLocker

TorrentLocker malware was initially observed in 2014. It uses a symmetric block cipher AES to encrypt target’s files and system. This was affected to European countries more. 

This ransomware is being sent through infected spam emails and sometimes they use a infection chain which involves three steps such as;

• URL redirection
• Leading or routing to malicious page
• CAPTCHA verification.

In first step, the hacker compromise the web servers and inject them with a redirect rule. Then it constantly redirects or changes the URL address to avoid detection.

Eventually victims land on to web pages that seem to be legitimate and those are backed, controlled by the hackers. Again it asks for CAPTCHA code for feeling more authentic to the victim.

Then, when the victim fills the captcha, the ransomware downloads its package and encrypts all the files who have extensions like, .DOCx, .PDF, and .ZIP.  

Security experts warned not to trust those unknown sites, always keep back up of your data. A consistent backup can help to rebuild the business without hassle in case of any attack happens.

Everyone should use antimalware programs to prevent in downloading to system or it can warn the user before downloading.

And last but not least a lot of user level training or awareness is required to learn this type of attacks and their consequences.

-DR

Cyber News | TalkTalk Data Breach

Talk Talk Data Breach

In 2015 there was one data breach incident occurred at TalkTalk, a telecommunication service provider from UK. The breach happened as there was vulnerability at the website and the website was compromised.

In October 21, 2015 TalkTalk initially informed the website is just taken down. But later on October 23, TalkTalk have confirmed they have suffered a cyber attack. The CEO confirms that the firm received a ransom message and as well, names, addresses, date of birth, credit card / bank details etc. Of approximately 4 Million customer has been compromised. As of a result of this potential risk to customers’ personal data, Dido Harding, the CEO, urges customers to be cautious of unexpected phone calls that ask for personal information with respect to their TalkTalk accounts.

On October 24, one customer complained that scammers stole cash from her bank account and used it to purchase £600 worth of goods before the card was blocked, whereas another user reports that the hackers interfered with the broadband connection.

Next day on October 25, TalkTalk released an update in which it reveals that the attack was targeted to website not customers. As well company told that they do not keep credit card details on their website.

So very less amount of financial data may have been compromised. Behind this incident one 15 year teen was arrested by the Cyber Crime Division who was associated with the breach. There was SQL Injection attack. 

In November in an update, TalkTalk reports that the total cost of the damages it expects to incur as a result of the October data breach will range between £30 million and £35 million. These damages, the company goes on to explain, are largely due to a “loss of online sales and service capability.”

Security blogger Brian Krebs, citing sources “close to the investigation,” reported that a hacker group had demanded a ransom of £80,000 in bitcoins (about $122,000) in exchange for a stolen cache of customer data.

Just for the update and information on how personal and sensitive information can be stolen.

-DR