Market Reality: Game of Thrones in AR, Microsoft Preps HoloLens 2 for Devs, & Epic Gives Out Magic Leap Headsets
Developers in the augmented reality industry got a lot of love this week.
Valuable Commodities Search Results
How To: Use Websploit to Scan Websites for Hidden Directories
Websites are often misconfigured in ways that allow an attacker to view directories that are not ordinarily meant to be seen. These directories can contain sensitive information such as private credentials or configuration files that can be used to devise an attack against the server. With a tool called Websploit, hackers can scan targets for these hidden directories without difficulty.
News: Meta's Optical Expert Delivers AR Reality Check via TED Talk, & Takes a Few Veiled Swipes at Magic Leap
Publicly, things have been pretty quiet over at Meta, the augmented reality headset and software startup based in Silicon Valley. But that doesn't mean that the company doesn't have a few strong opinions about the state of AR in 2018.
How To: Generate a Clickjacking Attack with Burp Suite to Steal User Clicks
Users are often the weakest link when probing for vulnerabilities, and it's no surprise they can be easily fooled. One way to do this is called clickjacking. This type of attack tricks the victim into clicking something they didn't mean to click, something under the attacker's control. Burp Suite contains a useful tool called Clickbandit to generate a clickjacking attack automatically.
Market Reality: Magic Leap Demotes Execs, Artie Makes AR Smarter, & Walmart Adds AR to Its Shopping Cart
Signaling a new direction forward for the company, Magic Leap shook up its executive suite by re-assigning to top leaders to new advisory roles. Meanwhile, a new startup backed by Hollywood executives, tech venture firms, and notable angel investors plans to bring new life to AR for marketing entertainment properties.
Market Reality: Magic Leap Goes to Work, Snap Speeds Up AR Spectacles Timeline, & Apple's CEO Preaches the Future of AR
Now that the Magic Leap One is out in the real world, the mystery behind the company lies not in whether it will actually ship a product, but when it will ship a consumer product. Or, does CEO Rony Abovitz steer the company in a different direction first?
How To: Use Metasploit's WMAP Module to Scan Web Applications for Common Vulnerabilities
Having an efficient workflow is an integral part of any craft, but it's especially important when it comes to probing apps for vulnerabilities. While Metasploit is considered the de facto standard when it comes to exploitation, it also contains modules for other activities, such as scanning. Case in point, WMAP, a web application scanner available for use from within the Metasploit framework.
News: After 5 Years, Touch ID Is About to Get Read Its Last Rites
RIP Touch ID. Apple's fingerprint sensor on iPhone and iPad models with Home buttons is about to become phased out on Wednesday, Sept. 12. While Touch ID will remain an integral part of models from the iPhone 5S to the iPhone 8 Plus, as well as the iPad Air 2 through the sixth generation iPad, Face ID will completely take over as the default security method for unlocking future iOS devices.
News: How Android Go Is Bringing Flagship Performance to Low-End Phones
Ever since Google CEO Sundar Pichai took the helms of the world's most valuable brand, he has made it his mission to bring smartphones to lower-income communities. Born in India, Mr. Pichai has created several programs to address the needs of the Indian market, particularly the lower income families.
How To: 4 Apps to Help Keep Your Android Device Secure
As of 2016, there are approximately 1.85 billion Android smartphones worldwide. This growing popularity has led to an increasing number hacks and cyber attacks against the OS. Unfortunately, Android users need more protection than what is offered by Google. The good thing is that there are a number of options available.
How To: Write an XSS Cookie Stealer in JavaScript to Steal Passwords
JavaScript is one of the most common languages used on the web. It can automate and animate website components, manage website content, and carry out many other useful functions from within a webpage. The scripting language also has many functions which can be used for malicious purposes, including stealing a user's cookies containing passwords and other information.
iPhone X vs. Pixel 2 XL: Comparing Google & Apple's True Flagship Phones
When it comes to technology, there are no bigger names than Google and Apple. They're the two most valuable companies in the world, and they've swapped places a few times over the last year, so they're truly neck-and-neck. But let's put business aside for a moment — which of these companies makes the better flagship phone?
Action Launcher 101: How to Set Up Covers & Shutters to Get Gesture-Based Widgets & Folders
Most Android launchers limit you to three choices: Icons, widgets, and folders. It's better than nothing, but it's still pretty hard to find the best look without overcrowding your home screen. You could fill everything up with icons, but then you'd have an iPhone. You could toss everything into folders, but that would always require an extra tap. You could mix in some widgets, but that would take up valuable space. So what do you do? Action Launcher has the answer.
News: Unexpected Microbial Life in Glacial Clay Could Offer Antibiotic Solutions
For as long as 14,000 years, the First Nations people of the Heitsuk Nation have made their home along the Central Coast of the Canadian province of British Columbia. Among the territory's inlets, islands, rivers, and valleys lie a clay deposit on the north side of Kisameet Bay, near King Island. For as long as most can remember, the tribe has used the clay as medicine. Now science says microbes that live in that clay may have important antibacterial properties.
News: Change of Tune? Not Everyone Needs to Finish That Course of Antibiotics
After years of telling patients to finish any prescribed course of antibiotics completely, a group of researchers in the UK say it is no longer necessary, and could even be harmful if we want to preserve the antibiotics we can still use.
News: Sleeping with the Fishes — Decay in Wastewater Damages Aquatic Life
Everything from disposed of drugs to hormones and disease-causing bacteria — anything that is rinsed or flushed down the drain — can contaminate wastewater.
News: Ebola Drug May Offer Safe and Effective Treatment for SARS & MERS
Coronaviruses are common viruses, and most of us catch one at some point — they cause about 30% of all common colds. A new accidental discovery could help fight these viruses, even the deadlier, emerging ones.
How To: Scrape Target Email Addresses with TheHarvester
Open-source data scraping is an essential reconnaissance tool for government agencies and hackers alike, with big data turning our digital fingerprints into giant neon signs. The problem is no longer whether the right data exists, it's filtering it down to the exact answer you want. TheHarvester is a Python email scraper which does just that by searching open-source data for target email addresses.
Social Engineering: How to Use Persuasion to Compromise a Human Target
Social engineering makes headlines because human behavior is often the weakest link of even well-defended targets. Automated social engineering tools can help reclusive hackers touch these techniques, but the study of how to hack human interactions in person is often ignored. Today, we will examine how to use subtle, hard to detect persuasion techniques to compromise a human target.
News: Blood Test Can Predict Severe Dengue Complications, Saving Kids' Lives
Dengue fever is a danger to anyone living or visiting tropical or subtropical regions. It can be hard to detect the infection in its earliest and most treatable phase, especially in children. Luckily, new research highlights better techniques for triaging the disease in infected children with more severe symptoms, potentially saving lives.
Market Reality: Upskill Acquires Pristine
This week's Market Reality covers a variety of business news from acquisitions and partnerships to competitive and technology assessments to quarterly financial results.
News: Malware Targets Mac Users Through Well-Played Phishing Attack
Maybe you thought sitting behind a Mac gives you special protection when it comes to getting hacked. Thanks to a a new report from Check Point, you can kiss that theory goodbye. The cyber security company just uncovered the latest strain of malware — OSX/Dok — infecting all versions of macOS (previously Mac OS X).
How To: Push Samsung Push Out of Your Phone, & Life, Right Now
You may have heard that Samsung Push is an incredible service that all Android users absolutely love. For one, Push provides extremely useful notifications for Samsung apps to assist you in all aspects of your life.
News: Phase 2 Zika Vaccine Trial Begins in US, Along with Central & South America
Phase 2 of a Zika vaccine trial began in the United States this week, along with Central and South America.
News: Two Doctors Simplify Spinal Surgery with the HoloLens
True innovation tends to come from the places we least expect as developers. The Microsoft HoloLens is still a very new product, and some of the other headsets are still just ideas, so the rules for mixed reality are not set in stone. That means all the real problems to be solved are yet to come.
How To: Strawberry Stems Aren't Waste—They're Perfect for Pesto
We're year-round pesto eaters. We eat pesto outdoors in the summertime on a light pasta with a glass of rosé. We eat pesto in the wintertime by the fire atop a bowl of soup with a warm mug of tea. We eat pesto with scrambled eggs for breakfast, pesto-slathered sandwiches for lunch, and baked pesto chicken for dinner.
How To: Upgrade Eggs Instantly with Milk, Beer & Other Creative Poaching Liquids
You can put spices in a scramble or fry an egg in bacon fat, so why poach eggs in just plain water? Water doesn't add any flavor whatsoever, so you're wasting a valuable opportunity to give your poached eggs more oomph—an extra important step if you're not frying your poached eggs afterward.
News: The HoloLens Might Have a Small Field of View, but That's Actually a Good Thing
Microsoft's HoloLens is certainly a leap into the future of mixed reality interfaces, but it's not without drawbacks.
Hack Like a Pro: How to Get Facebook Credentials Without Hacking Facebook
Welcome back my, tenderfoot hackers! Many people come to Null Byte looking to hack Facebook without the requisite skills to do so. Facebook is far from unhackable, but to do so, you will need some skills, and skill development is what Null Byte is all about.
How To: Turn an Ordinary 9-Volt Battery into a Secret Safe
Sometimes the best way to hide things is in plain sight. Whether you're trying to sneak some medication past security at a concert with a zero-tolerance policy, or you're just worried that maybe Omar comin', YouTuber MrGear has a clever way to put your mind at ease.
Hack Like a Pro: How to Use PowerSploit, Part 1 (Evading Antivirus Software)
Welcome back, my greenhorn hackers! A few years back, Microsoft implicitly recognized the superiority of the Linux terminal over the GUI-based operating system by developing PowerShell. Since Windows 7, every Windows operating system has had PowerShell installed by default, and they even made PowerShell capable of running Linux commands on Windows!
How To: 5 Android Apps That'll Make You a Citizen Scientist
Using a technology we like to call "Hive Computing," several Android apps allow you to contribute idle processing power to help further scientific research. This basically means that when you're not using your phone or tablet, it can join forces with other idle devices to form a supercomputer that scientists can use to potentially make a world-changing breakthrough.
Hack Like a Pro: Metasploit for the Aspiring Hacker, Part 12 (Web Delivery for Linux or Mac)
Welcome back, my budding hackers! Metasploit, one of my favorite hacking/pentesting tools, has so many capabilities that even after my many tutorials on it, I have only scratched the surface of it capabilities. For instance, it can be used with Nexpose for vulnerability scanning, with Nmap for port scanning, and with its numerous auxiliary modules, nearly unlimited other hacking related capabilities.
How To: Security-Oriented C Tutorial 0x19 - Functions Part V: Passing by Reference
Hello there! This will probably be the final tutorial on functions where we will be looking over a method called pass by reference. This technique allows us to modify large amounts of data without the overhead and return multiple values. Let's go!
How To: Portion Out Cookies Months Ahead with This Ingenious Egg Carton Trick
Back in the days when June Cleaver was our role model, stay-at-home moms eagerly greeted their offspring's arrival home from school with fresh-baked cookies. But in the current vernacular, "Ain't nobody got time fo' dat!"
Hack Like a Pro: How to Hack Like the NSA (Using Quantum Insert)
Welcome back, my greenhorn hackers! Over the years, I have written many articles here on Null Byte chronicling the many the hacks of the NSA, including the recent hack of the Juniper Networks VPN. (By the way, my speculation in that article has proven to be correct. The NSA did embed a backdoor on those devices.)
How To: Gathering Sensitive Information: How a Hacker Doesn't Get DoXed
before I move on to more exciting areas in this series, I want to also point out some things to protect your information & how to not get DoXed.
How To: Upgrade a Normal Command Shell to a Metasploit Meterpreter
When attempting to compromise a target, we want as much control as possible over the victim. Metasploit's meterpreter allows us to have immense control over the victim, the only issue is that sometimes we can't land a meterpreter. We may only be able to land a standard shell, but fear not, there is a way to upgrade our shell into the all powerful meterpreter!
How to Train Your Python: Part 9, Basics of Error Detection and Handling
Welcome back! In the last iteration of how to train your python, we covered loops, today we'll be covering something that I wish I had learned about much earlier in my scripting career, errors. We all run into them, and they can be frustrating, but there is also a silver lining to them. Today, we'll be discussing why some errors are unavoidable, and what we can do when we run into them. Also, this article will be more of a concept and less of writing actual code, but the information is equall...
Hack Like a Pro: Windows CMD Remote Commands for the Aspiring Hacker, Part 1
Welcome back, my greenhorn hackers! Many new hackers come from a Windows background, but seldom, if ever, use its built-in command-line tools. As a hacker, you will often be forced to control the target system using just Windows commands and no GUI.