blog

Decoding Spear Phishing: Unmasking Cyber Threats and Defending Your Digital Fortress

Today, we’re delving deep into the enigmatic realm of the cyber world to uncover the clandestine techniques of “spear phishing.” In an age where the line between physical and virtual blurs, grasping the methods employed by cyber wrongdoers is of paramount importance. Join us on this thrilling journey into the domain of spear phishing, replete with captivating anecdotes, expert insights, and practical advice!

Exposing the Cyber Threat: Spear Phishing
Unveiling the Fundamentals of Spear Phishing
Spear phishing represents a precisely targeted cyber-attack designed to deceive specific individuals or organizations. Unlike conventional phishing, which casts a wide net hoping to catch any unsuspecting prey, spear phishing is akin to a skillful angler using the perfect bait to lure a particular fish from the vast ocean of data.

Distinguishing Spear Phishing from Whaling


Spear Phishing vs. Whaling: A Tale of Targets
Imagine you’re a cybercriminal with a specific organization or individual in your crosshairs. You meticulously gather intricate details about your target – their interests, connections, and online behavior. Subsequently, you craft a highly personalized email or message, laden with a compelling hook, like an urgent request or an irresistible offer. The objective? Deceive them into divulging sensitive information, clicking on malicious links, or downloading harmful attachments. It’s a craft of deception, one target at a time.

Now, envision yourself pursuing even grander prey – a CEO, a high-ranking executive, or a prominent public figure. This is whaling, the VIP edition of spear phishing. The techniques remain analogous, but the stakes are considerably higher. Cybercriminals target individuals with significant authority or access within an organization. If successful, the attacker gains access to a treasure trove of sensitive data and can inflict substantial damage.

In both instances, the goal is to compromise a target’s security or purloin valuable information.

Real-World Example: Phishing in Action


The Nigerian Prince Scam
This age-old example of phishing has persevered for years, demonstrating that old tactics can still be effective when executed skillfully. It typically unfolds as follows:

You receive an email from a supposed Nigerian prince who requires your assistance in transferring a substantial sum of money out of their country. In return for your aid, they promise a generous reward. The catch? To get started, they request your bank account details and a small “processing fee.”

While this might sound implausible, it has ensnared numerous unsuspecting victims into sharing their financial information or sending money. It’s a quintessential illustration of a phishing endeavor that preys on avarice and gullibility.

Detecting Spear Phishing: Your Guide to Cyber Sherlock


Safeguarding Against Spear Phishing
Identifying spear phishing necessitates a vigilant eye and a dose of skepticism. Here’s your trusty checklist:

  1. Scrutinize the Sender: Carefully examine the sender’s email address. Cybercriminals often employ deceptive addresses that mimic legitimate ones. Look for subtle discrepancies or misspellings.
  2. Analyze the Content: Is the message excessively urgent or menacing? Does it promise an implausible reward or demand sensitive information? These are warning signs. Always independently verify such claims.
  3. Hover Over Links: Before clicking on any links, hover your mouse over them to determine their destination. If the URL appears suspicious or unrelated to the purported sender, refrain from clicking.
  4. Inspect Attachments: Exercise caution with email attachments, particularly if they request you to enable macros. Malicious attachments are a prevalent avenue for cyber-attacks.
  5. Double-Check Requests: If the message solicits sensitive information like passwords, Social Security numbers, or financial data, exercise caution. Reputable organizations do not request such details via email.
  6. Verify with Caution: When in doubt, independently verify the request. Reach out to the supposed sender using official contact information, not details provided in the suspicious message.
  7. Keep Software Updated: Ensure your operating system, antivirus, and applications are up to date. Cybercriminals frequently exploit vulnerabilities in outdated software.
  8. Educate Yourself and Others: Educate yourself and your colleagues or family members in recognizing phishing attempts. Knowledge is a potent defense.

FAQs: Your Guide to Surviving Spear Phishing


How can I report a spear phishing attempt?
If you receive a spear phishing email, promptly report it to your IT department or email service provider. They can investigate and take appropriate measures. Additionally, consider reporting it to organizations such as the Anti-Phishing Working Group (APWG) or the Federal Trade Commission (FTC).

Can mobile devices be targeted by spear phishing?
Absolutely. Mobile devices are prime targets for spear phishing. Exercise the same caution with emails and messages on your phone as you would on your computer. The same rules apply – verify sender information, scrutinize content, and refrain from clicking suspicious links.

Is two-factor authentication (2FA) effective against spear phishing?
Yes, 2FA enhances security by requiring you to confirm your identity through a separate device or code. Even if a cybercriminal acquires your password, they cannot access your account without the second verification step.

In the ever-evolving landscape of cyber threats, spear phishing emerges as a cunning and targeted adversary. However, armed with knowledge and a healthy dose of skepticism, you can bolster your defenses and shield yourself from these digital snares.

Remember, cybercriminals continuously refine their tactics, so staying informed serves as your most robust defense. Share this knowledge with your peers, and together, we can forge a more secure digital realm.

Unveiling 48 Malicious npm Packages: A Deep Dive into Supply Chain Threats

A new set of 48 malicious npm packages has been discovered in the npm repository, capable of deploying a reverse shell on compromised systems. These packages, cleverly disguised to seem legitimate, contain obfuscated JavaScript that triggers a reverse shell upon installation. They were published by an npm user named hktalent, with 39 of them still available for download.

The attack occurs after package installation through an install hook in the package.json file, executing JavaScript code to establish a reverse shell connection to rsh.51pwn[.]com. The attacker deployed benign-sounding packages with multiple layers of obfuscation and deceptive tactics to target any machine installing them.

These findings follow recent revelations of malicious code in two Python packages, localization-utils and locute, which aimed to steal sensitive data from Telegram Desktop. These packages retrieved a final payload from a dynamically generated Pastebin URL and sent the data to an actor-controlled Telegram channel.

This development underscores the growing interest of threat actors in open-source environments, enabling impactful supply chain attacks affecting multiple downstream customers simultaneously. Such packages demonstrate dedicated efforts to evade detection, emphasizing the critical importance of trust in dependencies within our open-source ecosystems, as noted by Phylum, a software supply chain security firm.

My Negative Experience with Kotak General Health Insurance

Claim Intimation No.- Date 73344 – 24/08/2022

As a policyholder of Kotak General Insurance’s health insurance product for the past two years, I expected the company to provide a smooth and hassle-free claims process in case I fell ill or needed medical treatment. However, my recent experience with their claims department has left me disappointed, frustrated, and with a feeling of distrust towards the company’s practices.

My ordeal began when I fell sick with fever and dengue while visiting my native place. After receiving medical treatment and being discharged from the hospital, I submitted all the required documents to Kotak General Insurance’s claims department, including the original discharge summary, medical bills, blood and X-ray reports, and hospital bills. However, the company took 10 days to acknowledge my claim and requested more documents, including an acknowledgement report and my Google Map history, which I felt was an invasion of my privacy.

Despite complying with their requests, the claims process took almost two months, during which they even visited the doctor’s office to review CCTV footage, which I found intrusive and disrespectful. They also requested a letter from the doctor on his letterhead, specifying the dates of admission and discharge and the treatment provided, which I submitted three times, but they rejected it each time, stating that it was not “properly written.”

After five months of waiting and repeated document submissions, Kotak General Insurance informed me that they could not process my claim and rejected it, leaving me without the financial assistance I needed for my medical expenses. This experience has left me with a strong sense of distrust towards the company’s claims process and customer service, as they made the entire process of claiming insurance a source of harassment and frustration.

Based on my experience, I would not recommend Kotak General Insurance’s health insurance product to anyone seeking reliable and efficient insurance coverage. Their claims process is not only time-consuming and invasive of privacy but also inefficient and unprofessional. As a policyholder, I expected better from the company and was disappointed with their service.

In conclusion, I urge anyone considering health insurance to research and evaluate their options thoroughly, and to choose a provider that prioritizes customer service, efficiency, and transparency in their claims process. Based on my negative experience with Kotak General Insurance, I would not recommend them as a reliable or trustworthy option for insurance coverage.

Smart Phone Juice Jacking

Whichever type of modern smartphone you are using – whether it’s an Android device, an iPhone, or a Blackberry – it’s a common feature in all phones and it’s the power to pass the power supply and data flow from the same cable. Even though you now use standard USB minibus connections or cable which comes with Apple phones, the same situation is: the cable used to recharge your phone’s battery is the same cable you are using to transfer and sync your data.

This setup provides an approach vector for the malicious user to access your phone during the charging process; the data/power on the same cable; To get the USB data/power cable injected in order to illegally access the phone data and/or identify the malicious code as a juke jacking in the device

How can I avoid this?
Instead of charging your phone using a third-party system, only the most effective caution center. Here are some tips to help you avoid using a public kiosk charger:

  • Turn off most of your devices: Make a habit of charging your phone and office with your phone when you are not actively using it.
  • Take personal charger: Chargers have become very small and portable from USB cables to power bank. Get one and throw it in your bag, when you use a power bank, you can charge it anytime on your phone while in the office or whenever you go.
  • Run backup battery: If you are not eager to bring an extra charger or a power bank, you can choose to have a full spare battery if your device has a removable battery
  • Lock your phone: When your phone is locked as accessible as an access to the PIN or equivalent passcode, your phone cannot be connected to the device connected to it.
  • Turn down the phone: This technique works only on a model by model, as some phones run down, allowing full USB circuits to still be in the power store and the flash store in the device.
  • Use only USB cable power: These cables are missing two stars that are needed for data transmission and there are only two stars for the remaining power transmission. They will charge your device, but the data transfer has become unbearable.

The smallest details like charging from your phone kiosk charger can also affect the security of your device. There are many options for using third-party systems, but ultimately the best protection against compromised mobile devices is awareness. Want to know more about today’s safety and threats? Contact me today and see how I can help.

Interview With ZeeNews on Smartphone Juice Jacking

Securing WordPress

Advanced WordPress Security, Minus the Plugins

As always make sure to take a full backup of your website before making any changes. The code snippets below are placed in the root directory of your WordPress Installation. You can use your Control Panel to edit the file or you can use an FTP Program to upload your changes or you can even use the Yoast SEO Plugin File Editor to make these changes.

Protect your .htaccess file

I’m mentioning this first because your .htaccess file is one of the most important files and it needs to be protected. Use the code snippet below to secure this file.

# Protect .htaccess
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>

Protect your wp-config.php file

This is another extremely important file to protect so make sure to include the code below in your .htaccess file.

# Protect wp-config.php
<files wp-config.php>
order allow,deny
deny from all
</files>

Protect your error_log file

It’s important to make sure that any error logs aren’t accessible.

# Protect error_log
<files error_log>
order allow,deny
deny from all
</files>

Protect your WordPress Website from SQL Injection

This provides protection against SQL Injection of your WordPress Database.

# Protect from SQL Injection
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

Prevent others from Hotlinking your Pictures.

This will help your website from being drained of it’s resources when others try and hotlink images. Make sure to change the URL example to your URL.

# Disable hotlinking of images
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?example.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$  [NC,F,L]

Restrict Direct Access to Plugin and Theme PHP files

This will ensure that PHP files can’t be directly accessed.

# Restrict Direct Access to Plugin and Theme PHP files
RewriteCond %{REQUEST_URI} !^/wp-content/plugins/file/to/exclude\.php
RewriteCond %{REQUEST_URI} !^/wp-content/plugins/directory/to/exclude/
RewriteRule wp-content/plugins/(.*\.php)$ - [R=404,L]
RewriteCond %{REQUEST_URI} !^/wp-content/themes/file/to/exclude\.php
RewriteCond %{REQUEST_URI} !^/wp-content/themes/directory/to/exclude/
RewriteRule wp-content/themes/(.*\.php)$ - [R=404,L]

Secure the wp-includes Directory

Your includes folder is important and is often targeted by hackers. Protect it with the code snippet below.

# Protect Include-Only files
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

Don’t Let People Browse your Directories

This is a great way to prevent Directory Browsing.

# Disable directory browsing
Options All -Indexes

Block Author Scans

Sometimes hackers will try and scan your author listings. You can block that.

# BEGIN block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]
# END block author scans

Block WordPress XMLRPC Requests

If you’re not using this feature, then block it.

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

Block xmlrpc.php via Redirect Match

If you’re not using this feature, then block it.

# Block WordPress xmlrpc.php requests
<IfModule mod_alias.c>
RedirectMatch 403 (?i)/xmlrpc.php
</IfModule>
 

6G Firewall/Blacklist

This firewall was created by PerishablePress and provides amazing protection.

# 6G FIREWALL/BLACKLIST
# @ https://perishablepress.com/6g/

# 6G:[QUERY STRINGS]
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
 RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR]
 RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR]
 RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]
 RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR]
 RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR]
 RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR]
 RewriteCond %{QUERY_STRING} (\\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR]
 RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR]
 RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR]
 RewriteCond %{QUERY_STRING} (\'|\")(.*)(drop|insert|md5|select|union) [NC]
 RewriteRule .* - [F]
</IfModule>

# 6G:[REQUEST METHOD]
<IfModule mod_rewrite.c>
 RewriteCond %{REQUEST_METHOD} ^(connect|debug|move|put|trace|track) [NC]
 RewriteRule .* - [F]
</IfModule>

# 6G:[REFERRERS]
<IfModule mod_rewrite.c>
 RewriteCond %{HTTP_REFERER} ([a-z0-9]{2000,}) [NC,OR]
 RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC]
 RewriteRule .* - [F]
</IfModule>

# 6G:[REQUEST STRINGS]
<IfModule mod_alias.c>
 RedirectMatch 403 (?i)([a-z0-9]{2000,})
 RedirectMatch 403 (?i)(https?|ftp|php):/
 RedirectMatch 403 (?i)(base64_encode)(.*)(\()
 RedirectMatch 403 (?i)(=\\\'|=\\%27|/\\\'/?)\.
 RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&amp;?)/?$
 RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")
 RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\\|\s|\{|\}|\[|\]|\|)
 RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack)
 RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)
 RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$
 RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php
</IfModule>

# 6G:[USER AGENTS]
<IfModule mod_setenvif.c>
 SetEnvIfNoCase User-Agent ([a-z0-9]{2000,}) bad_bot
 SetEnvIfNoCase User-Agent (archive.org|binlar|casper|checkpriv|choppy|clshttp|cmsworld|diavol|dotbot|extract|feedfinder|flicky|g00g1e|harvest|heritrix|httrack|kmccrew|loader|miner|nikto|nutch|planetwork|postrank|purebot|pycurl|python|seekerspider|siclab|skygrid|sqlmap|sucker|turnit|vikspider|winhttp|xxxyy|youda|zmeu|zune) bad_bot

 # Apache < 2.3
 <IfModule !mod_authz_core.c>
 Order Allow,Deny
 Allow from all
 Deny from env=bad_bot
 </IfModule>

 # Apache >= 2.3
 <IfModule mod_authz_core.c>
 <RequireAll>
 Require all Granted
 Require not env bad_bot
 </RequireAll>
 </IfModule>
</IfModule>

# 6G:[BAD IPS]
<Limit GET HEAD OPTIONS POST PUT>
 Order Allow,Deny
 Allow from All
 # uncomment/edit/repeat next line to block IPs
 # Deny from 123.456.789
</Limit>

HackRepairs Blacklist

This is a Blacklist that is used in iThemes Security and created by HackRepair.

# Start HackRepair.com Blacklist
 RewriteEngine on
 # Start Abuse Agent Blocking
 RewriteCond %{HTTP_USER_AGENT} "^Mozilla.*Indy" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Mozilla.*NEWT" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^$" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Maxthon$" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SeaMonkey$" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Acunetix" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^binlar" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^BlackWidow" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Bolt 0" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^BOT for JCE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Bot mailto\:craftbot@yahoo\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^casper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^checkprivacy" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^ChinaClaw" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^clshttp" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^cmsworldmap" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Custo" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Default Browser 0" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^diavol" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^DIIbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^DISCo" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^dotbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Download Demon" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^eCatch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EirGrabber" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EmailCollector" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EmailSiphon" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EmailWolf" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Express WebPictures" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^extract" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^ExtractorPro" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^EyeNetIE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^feedfinder" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^FHscan" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^FlashGet" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^flicky" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^g00g1e" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^GetRight" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^GetWeb\!" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Go\!Zilla" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Go\-Ahead\-Got\-It" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^grab" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^GrabNet" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Grafula" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^harvest" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^HMView" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Image Stripper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Image Sucker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^InterGET" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Internet Ninja" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^InternetSeer\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^jakarta" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Java" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^JetCar" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^JOC Web Spider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^kanagawa" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^kmccrew" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^larbin" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^LeechFTP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^libwww" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Mass Downloader" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^microsoft\.url" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^MIDown tool" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^miner" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Mister PiX" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^MSFrontPage" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Navroad" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NearSite" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Net Vampire" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NetAnts" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NetSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^NetZIP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^nutch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Octopus" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Offline Explorer" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Offline Navigator" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^PageGrabber" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Papa Foto" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^pavuk" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^pcBrowser" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^PeoplePal" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^planetwork" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^psbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^purebot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^pycurl" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^RealDownload" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^ReGet" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Rippers 0" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^sitecheck\.internetseer\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SiteSnagger" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^skygrid" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SmartDownload" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^sucker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SuperBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^SuperHTTP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Surfbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^tAkeOut" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Teleport Pro" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Toata dragostea mea pentru diavola" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^turnit" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^vikspider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^VoidEYE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Web Image Collector" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebAuto" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebBandit" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebCopier" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebFetch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebGo IS" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebLeacher" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebReaper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebSauger" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Website eXtractor" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Website Quester" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebStripper" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebWhacker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WebZIP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Widow" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WPScan" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WWW\-Mechanize" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^WWWOFFLE" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Xaldon WebSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^Zeus" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "^zmeu" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "360Spider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "CazoodleBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "discobot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "EasouSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ecxi" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "GT\:\:WWW" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "heritrix" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "HTTP\:\:Lite" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "HTTrack" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ia_archiver" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "id\-search" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "IDBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Indy Library" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "IRLbot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ISC Systems iRc Search 2\.1" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "LinksCrawler" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "LinksManager\.com_bot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "linkwalker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "lwp\-trivial" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "MFC_Tear_Sample" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Microsoft URL Control" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Missigua Locator" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "MJ12bot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "panscient\.com" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "PECL\:\:HTTP" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "PHPCrawl" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "PleaseCrawl" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "SBIder" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "SearchmetricsBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "SeznamBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Snoopy" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Steeler" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "URI\:\:Fetch" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "urllib" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Web Sucker" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "webalta" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "WebCollage" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "Wells Search II" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "WEP Search" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "XoviBot" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "YisouSpider" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "zermelo" [NC,OR]
 RewriteCond %{HTTP_USER_AGENT} "ZyBorg" [NC,OR]
 # End Abuse Agent Blocking

 # Start Abuse HTTP Referrer Blocking
 RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?semalt\.com" [NC,OR]
 RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?kambasoft\.com" [NC,OR]
 RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?savetubevideo\.com" [NC]
 # End Abuse HTTP Referrer Blocking

 RewriteRule ^.* - [F,L]
 # End HackRepair.com Blacklist, http://pastebin.com/u/hackrepair

Final Thoughts

Securing your WordPress Website isn’t hard to do as long as you follow Cyber Security best practices and use the right Security Plugins or the code above. As always make sure you take a full backup of your website before making any changes.

Work together for cyber security!

Increased proportion of cyber crime due to the increased use of the internet and the rising violence in the gaming universe is a danger bell for all. Experts have expressed their views on the need to work together and to work together for the cyber security, students, parents, teachers, headmasters and administrators.

In order to raise awareness about the growing violence due to cyber crime and gaming, Aahan Foundation organized a seminar on ‘Cyber Cares Givers‘ in Bhaidas Auditorium in Vile Parle Sponsor by NMIMS, under the initiative ‘Responsible Netism‘. Appeared to the guests present at the meeting. This seminar is well known psychologist Dr. Harish Shetty, Deputy Commissioner of the Cyber ​​Crime Cell of Mumbai Police, Akbar Pathan, Cyber ​​Forensic Expert Sanyog Shelar, Ahama Foundation’s Unmesh Joshi and Sonali Patankar were also present. NMIS College was a co-organizer of this seminar.

At the beginning of this seminar, Unmesh Joshi highlighted the games and how the revolulation of game started. He said that there are so many complaints about gaming being received and it is necessary for the parents to have parental control over them. Deputy Commissioner of Police, Mumbai Police, Akbar Pathan, underlined that under the cyber crime, children are being targeted. He said that security, information and awareness for cyber security are very important. He also advised not to give any password and OTP to anyone on social networking site.

Akbar Pathan Sir also took cognizance of the type of cyber crime and its review. He appealed to contact the Mumbai Police’s 98208 10007 helpline numbers and report the cyber crime. Cyber ​​Forensic Expert Sanyog Shelar, who was involved in the games and the care that needs to be taken, guided the audience. Personal information is currently being played while playing many online games. He instructed to take precautions when giving them. He urged parents to constantly talk to children about games and Internet usage. He said that parental control is necessary for how long the children play games.

Man cheated by the psychiatrist, who is coming forward to fight for cyber security. Dr. Harish Shetty has done this. Explain how the role of parents in this fight is important, make sure to know how to use things like internet, gadgets, do not fall prey to all the children, and communicate with the children in a spirited manner. The schools should maintain the status of a child safety policy, he said. Sonali Patankar informed about the measures implemented by Aahan Foundation.

Legendary Pokémon Go

Pokemon Go Fest took place in Chicago’s Grant Park July 22, and while technical issues prevented many attendees from getting the most out of the event, the expected rollout of Legendary Pokemon did take place.

Specifically, players around the world can now capture Lugia and Articuno by participating in Legendary Raids that may appear at Gyms near them. Niantic also revealed the next two Legendary Pokemon coming to the game “soon”: Zapdos and Moltres.

So Pokemon Legendary can impact on children interview with Zee News as Cyber Expert

Dangerous that can be digital footprint

Though the current time is of social media, the digital footprint that is emerging is not seriously considered. There is currently a possibility of getting a job lost, due to the shock that has been broken.

There was a rule that a large company of web designing could not work together with the Committed Cupels. Chandan and Sadhana (names have changed) The same academic batch. Incidentally, having a job in a single company increased the intimacy with each other. The social account also used to comment on one another; But he was not yet comedited. According to FB, his relationship with the office was seen by the management of the office and both of them were afflicted, so one person was told to leave his job. This was a shock for both of them. They did not want to do such posting when they were not commuted; Because they decided to establish their relationship status before the management sealed them.

Chandan and Sadhana were in a dilemma all of a sudden to hurry to share everything on social media. He had not thought about the consequences of your posting in the future. Posting in the language of social media is called ‘digital footprint’. That means life experiences, memories or traumatized accounts. You can be called a digital album of what memories are remembered for going forward in life. Humans must be ‘social’; But he should have a limit. If you exceed the limit, the result will be affected by anybody.

It is the youth’s interest to go to where you eat, what to eat, whatever happens on the occasion. There are many reasons behind creating this virtual image, marketing yourself, show off. It is a virtual attempt to tell about the situation, the person’s personal experience, and how soon it is going on in our life, telling me how much fun I am. Then you can get real happiness in the moment or not, as soon as you get it, your updates are given in mobile hands immediately.

To prevent viruses

So far, if you’re using a pirated window on your computer, now include the original Windows 10.

Go to the Computer Control Panel and go to System and Security and make sure that the settings of Windows Firewall are correct.

Upload any good company’s antivirus software to the computer. Also, follow the settings and follow the full Computer Scan.

When you turn on the computer, the antivirus updates most of the software. So do not cancel the update even if there is any disturbance.

Do not keep the computer or laptop’s default password. For example … abc, 123, characteristic words, your birth date, words in the English dictionary, etc. are not included as a password.

Never keep a password in your computer or browser. If you have a message like ‘do you want to save this password’, answer ‘no’.

Address bar – where the URL is included; If there is a sign of the locked lizard in the beginning, then it is not possible to know that the website is safe.

Never open links from e-mail or any other website. Know who has sent a link exactly before opening.

To reduce the memory of e-mail

Find Big Mail is a good option for finding large files in Gmail. The app works to automatically search for files that need to be deleted.
Visit www.findbigmail.com this website.

• After clicking the e-mail address on the homepage, click on Find Big Mail.
• After that, Google will ask for confirmation of this service.
• If not logged in, click the password and select Access Access.
• After that this service will start scanning your inbox. There is an email notification when the scanning is done.
• In the Inbox, there are several options like ‘Sent Mail’ etc. On the left, there are some more options that will appear. If the new options are not displayed, then the label will be displayed in three new options.

FindBigMail-Top, FindBigMail-1MB, FindBigMail-10MB
• Clicking on any one of the above options is to clean up unneeded e-mail and the Gmail inbox will help you to have a good amount of time. If you use these tips, it can help you get rid of the sudden loss of sudden e-mail.