• what is 5G

    What is 5G | How fast is 5G | 5G Use ...

    5th generation telecom standard (5G) has been buzzing in recent years to cater to nearly 2 billion mobile subscribers worldwide by 2025. Likewise, 5G unfolds many new applications like Machine to Machine (M2M) communication, Internet of Things (IoT) and enables new revenue growth opportunities for the communication service providers (CSPs).

    Let us look at the evolution of 5G here:

    GenerationTechnologyFeature ServicesPeak Speed
    1G was about analog communicationCellular technology [AMPS]Only Voice14kbps
    2G was the era of Digital TechnologyGPRS, EDGEVoice, SMS, Email384Kbps
    3G was the era of Mobile InternetUMTS, CDMAVideo Calling, BoD, Web browsing2Mbps
    4G was the era of Mobile BroadbandLTEVoLTE, VoIP, High speed data, Video calling, IPTV, OTT Streaming100Mbps

    What is 5G?

    5G network is promised to transform businesses and society. Significantly, it enables faster connectivity and faster services and brings new opportunities, new revenue streams, and new business models with it.

    In short, with a higher capacity, 5G is expected to connect anything (mobiles, machines, sensors…) in the physical world to the Internet.

    Why 5G?

    4G has laid the mobile broadband platform for audio & video content over the Internet, Social networking, P2P file sharing, Streaming apps. Examples are different OTT platforms like Netflix, Amazon Prime, Hotstar, and so on. As the mobile data traffic (Video streaming) went up with the increasing mobile subscriptions, simply 4G cannot satisfy this enormous demand. Here are some interesting statistics:

    1. Mobile broadband traffic is expected to grow ~ 30% YoY until 2024
    2. Advanced services such as Augmented Reality (AR), Virtual Reality (VR), UHD, 360Deg Video are also in demand, expected to transform the digital world
    3. In addition, recent analysis shows OTT (Netflix/ Prime) traffic went up by ~ 55%
    4. Moreover, the global Internet of Things market is expected to reach ~ USD 724.2 Billion by 2023

    5G Services:

    5G use cases

    1. 5G eMBB (Enhanced mobile broadband):

    5G enhances limited 4G LTE capabilities to provide a greater capacity mobile broadband with higher bandwidth and higher throughput [1 Gbps user exp., at least 50 Mbps everywhere]. The ultimate goal is to deliver seamless coverage with high connection density to the end-users.

    1.1 Smart Home/ Office

    • Mobile broadband handles heavy data traffic of hundreds of users in an office environment.
    • Alexa-enabled smart home solutions are capable of controlling the lights, TV, music system, AC, Geyser, Air purifier, Vacumn cleaner, and other connected devices.

    1.2 Virtual Reality

    • High resolution streaming display (4k/8k video) for watching virtual reality contents
    5G Virtual reality gaming
    • Virtual Reality is not just about gaming, it is revolutionizing other industries like Sports, Education, Military, Medicine, etc. Examples are ClassVR (Educational VR App), VR360 (science and industrial use), Facebook Horizon (online gaming), VR-enabled movies, etc.

    1.3 Augmented Reality

    Unlike VR, augmented reality superimposes an image on top of a video or camera to feel like a real physical thing with sound and other technologies. Some examples are:

    5G Augmented reality
    • Google Map AR application shows digital navigation by recognizing the building names, street view & visual positioning.
    • Google Lens reads the object & gives all essential details
    • Snapchat AR filter transforms the objects & their characters by introducing a 3D effect

    2. 5G MMTC (Massive machine type communication):

    Millions of IoT sensors deployed very densely to capture, track small signals and send them back to the centralized server. The IoT signals are:

    • Occasional data communication (Delay tolerant)
    • Low data rate
    • Low data volume
    • Long battery life
    • A large number of devices / deep coverage

    2.1 NB-IoT (narrow band), Mass sensors

    Agri IoT
    • Firstly, agricultural mass sensors to track weather parameters
    • Secondly, connected wearables that capture health conditions such as Apple Watch, Fitbit, etc.
    • Finally, industrial IoT applications use mass sensors (temp sensor, pressure sensor, image sensor, motion detector sensor, and many more..)

    2.2 Smart City, Smart Meters

    • For example, Smart Parking, Smart street lighting, Waste management, Smart connected grid, and many more.
    • In other words, smart indoor electric appliances, connected utility meters, home security systems, smart locks are connected meters.

    3. 5G URLLC (Ultra-reliable and low latency communications):

    5G new radio communication (5G NR) addresses LTE latency issues and it is capable of much faster & smoother communication with a minimal delay (or latency) and high reliability.

    Above all URLLC is the most powerful and promising 5G capability, it is also termed as critical machine type communication.

    Ultra-high reliability: It means the network cannot have downtime even for few seconds.

    Ultra-low latency With URLLC latency of 0.5 milliseconds, it ensures almost zero time lag from the controlling point.

    URLLC

    3.1 Mission Critical Applications (Remote surgery, Robots)

    A remote surgical robot is able to conduct surgery from a distant controlling point where network reliability and very low latency are of utmost importance. Therefore, 5G secures zero time tag in the whole surgery process otherwise it might cause very severe consequences.

    3.2 Self Driving Car

    • Similarly, using URLLC service, the vehicles connect to each other, to other network services, to other cyclists, and guarantee no accident takes place.
    • Whereas the car infotainment system like music, gaming are other services deployed on the eMBB capability not on URLLC.
    Connected cars

    4. 5G FWA (Fixed wireless access):

    Finally & most importantly, CSPs have the unused spectrum band which they can monetize for the suburban areas by providing fixed wireless access with a minimum speed of 50 Mbps. The FWA revenue model works on top of the eMBB revenue model.

    4.1 Hotspots/ Public Transportation

    For instance, using consumer premise equipment (CPE) to boost indoor and outdoor coverage by the ethernet hotspot can be an FWA case.

    4.2 Broadband everywhere:

    Similarly, FWA also provides consistent broadband coverage at 50Mbps at rural cellular sites using the unused allocated spectrum.

  • shree's kitchen

    Delicious, moist Plum Cakes at Shree&...

    If you love to bite a slice of juicy, thick, flavoury plum cake in northern Kolkata, you can order it now at your doorsteps. Shree’s Kitchen, a newly opened kitchen near the Baranagar area is offering a good variety of cakes during this winter.

    Cake season normally starts during the X-MAS in Kolkata, you’ll find shelves of plum cakes but those are dry, over sweet, or a bit rough around the edges.

    Authentic plum cakes happen to be softer, moist, and have a rich flavor in them. Proper alcohol & fruit-based soaking, right mixing & precise temperature setting are the keys here.

    Shree’s kitchen started its journey with the bakery items from Baranagar & Hatibagan areas last December 2020 and already a popular name in North Kolkata. It takes orders from Shyambazar, Hatibagan, Bagbazar, Saltlake upto Baranagar, Dunlop, Sodepur areas.

    Some of the very popular ones are:

    Special Dry Fruit Plum Cake [Rs 460] : Rich with apricots, black & brown raisins, cashew, almond, pistachio, tooty-frooty, cherry and other dry fruits.
    Rich Dry Fruit Plum Cake [Rs 380 / Rs 190]: Having full of blueberry, raspberry, cranberry with all other dry fruits like apricots, raisins, almond, pistachio, tooty-frooty etc; it’s available in both Round /or Loaf shapes.
    Orange Flavored Fruit Cake [Rs 250]: Speciality is without any artificial essence real orange zest is used in this.
    Dundee Cake [Rs 400]: Full of almond powder and almond toppings, its less sweet and healthy option.

    To order you can contact at 8777295019

    Please order two days before

  • phishing attack

    What is Phishing | Whaling & Spe...

    Phishing means, like a baited hook attackers uses malicious email attachments, fake web links to grab sensitive customer information like passwords, credit card numbers, PINs, etc. Phishing is the oldest & simplest form of cyberattack and the most effective one. In other cases, attackers also use popular topics to infringe companies’ trademarks using Phishing techniques.

    Phishing represents 77% of all social-based attacks

    Phishing E-mail example
    Example of a Phishing email

    How Does Phishing Work

    Most internet subscribers are vulnerable to phishing attacks. It’s because often they use (i) Windows operating system, (ii) are persuasive, and (iii) do not have security software or antivirus in their system. Let’s have a look at how a phishing attack executes:

    1. Depending on the type of victim (individual, organization, a large group of users, etc.) firstly, the attacker first collects basic information about the target.
    2. Secondly, the attacker distributes emails with malicious attachments or constructs a fake eCommerce/ social engineering/ banking website as a trap.
    3. Thirdly and most importantly, the victim fails to understand these social engineering tricks and opens the email & attachment or visits the fake web link.
    4. Finally, the RAT (Remote access trojan) is installed in the target system, it is exploited.
    5. Additionally, RAT tries to access additional computers in that same network
    6. In conclusion, sensitive information is leaked by the attacker/ phisher

    Types of Phishing attack

    What is spear phishing?

    Depending on the type of victim, phishing turns to spear phishing which is target based attack, not a regular mass email attack. Typically this message contains the recipient’s name and information related to in-depth professional or personal matters.

    How does Spear Phishing work

    1. Initially, the hacker researches the names of employees of an organization and picks a victim.
      • IT manager who has full network access
      • Finance/ Marketing Manager who approves payment to the suppliers or vendors
    2. Moreover, from the organization page, or social media research like LinkedIn, Twitter, Facebook profile, the perpetrator gathers sufficient details about the victim.
    3. After that, perhaps acting superior or department colleague, the attacker sends out an email with a fake malicious link or attachment (for ex. invoice copy) to the victim, using a proper, standard email template.
    4. As a result, when the victim uses his credential to open the document or the link, the hacker captures his credential to gain the access to the corporate network.

    It is very hard to prevent spear phishing attacks as it is target driven; it already has made enough damages to many businesses and governments.

    spear phishing

    What is Pharming?

    Pharming starts with fake web links, forged Play store apps. If you click or download any of these apps, malicious codes are injected into your system to poison your DNS server.

    Pharming DNS Spoofing
    Pharming Attack

    To clarify this, your DNS name is your identity and it contains the private IP to public IP mappings vice versa. So, when you login next time your legitimate online banking link might land you to the hacker’s fake webpage using false entries at your DNS cache.

    What is Smishing or SMS phishing

    Smishing means using SMS texts, hackers spread phishing (malicious links) attacks. That is to say, there’re many gateways between IP networks and SMS networks. Therefore, an attacker can send SMS links from the Internet using Mobile operator’s forms to distribute SMS Phishing attacks.

    • Free Netflix Subscription link
    • COVID Donation link
    • Free COVID Insurance link & many more
    Smishing attack
    Smishing attack

    What is Vishing

    Like Smishing, Vishing is a voice phishing technique performing the same kind of scam. The attacker over the phone pretends as an income tax officer (IRS), or a bank employee, or a policeman.

    Eventually, they scare you with some kind of a problem & ask you to pay the fine immediately or insist to share your account details. The criminals gather details about the victim beforehand so it’s become easier to deceive them.

    What is a social engineering attack?

    People are the biggest vulnerability of any network. Social engineering is the art of persuading to gain illegal access to a building or to a corporate network. It’s certainly not technical hacking rather exploiting human psychology.

    Phishing is a kind of social engineering attack. so let’s explain it better.

    Commonly social engineering techniques are performed by these people (i) Customer service (ii) Delivery staff (iii) Phone calls (iv) Tech support

    Social engineering is dangerous to personal or corporate data. Once a social engineer is able to gain your trust, he can pose an IT helpdesk guy, to snoop on your corporate password to steal sensitive data. Moreover, acting as a delivery staff who forgets his key, a criminal can enter an office building with the help of a staff.

    How to protect against phishing attacks

    Avoid Phishing Emails

    • You should discard emails from an unknown person, unfamiliar address
    • Similarly, you should avoid emails containing untrusted attachments – just delete or report phishing.
    • For your info, most of the phishing emails generally contain subjects like Prizes, Lottery, Job offers, freebies, etc.

    Tips to avoid phishing scams

    Strictly follow Govt. approved webpages, mobile App

    • Strictly follow Govt. webpages, approved Apps for Covid-19 news and updates
    • Be careful about the site visit- try to avoid ‘HTTP://‘ pages, always visit ‘HTTPS://‘ pages
    • Avoid webpages with unfamiliar fonts, color, spelling errors

    Online Banking

    • Try to use office/ corporate computers for online banking, money transferring as they provide end-point protection against any malware, external threats
    • Double-check the UPI Id, validate the bank/ merchant name before payment

    SMS Links

    • It’s better to avoid untrusted Covid-19 links, forwarded messages, any job offers on WhatsApp or SMS
    • Be careful about KYC SMS links, don’t share until you verify the link

    Before you Accept/ Click

    • Don’t click on online widgets, flash images, pop-ups during browsing a webpage
    • Don’t Accept cookies from untrusted webpages, click ‘x’ and close

    Home PC, Mobile

    • It’s mandatory to install authentic antivirus, security apps & update them regularly
    • Use WPA2 encryption for your home WiFi router

    Avoid untrusted Sites

    • Don’t use pirated software, movie download sites, adult sites, untrusted eCommerce platforms

    Virus Scan

    • Periodically scan all files (incl. the zipped, hidden) in your PC, Tablet, Phone
    • Check if any site has your default password – if so change it
    • Change password for online banking, eCommerce sites, trading platforms every 2-3 month

    Avoid public Wi-Fi

    • Try not to avoid free WiFi at Airports, Coffee shops, or Railway platforms like areas; and never log in to your online banking page or make any financial transactions
  • what is ransomware attack

    What is Ransomware Attack | Know Type...

    A Ransomware attack is a type of Malware, that encrypts or locks a victim’s computer, and demands payment (in bitcoins) for recovery. If your computer is compromised with a ransomware attack, all files (.doc, .txt, .mpeg, .xlsx, etc.) would be encrypted using a public, private combination key. The hackers lock these sensitive files, takes the system control until you pay the ransom.

    Now the victim has no option left other than

    1. Pay in bitcoins (which can’t guarantee anything) or
    2. Ransomware removal by formatting the computer or server

    How Does Ransomware Work

    All types of endpoint systems, terminals are vulnerable to ransomware attacks. For example, IT servers, personal computers, point of sales (POS), printers, smartphones, any smart gadgets, even further Smar Cars, Smart Homes are also vulnerable to ransomware.

    Lets see how it works:

    1. Ransomware attack usually starts with a spam link sent by the hacker (not necessarily only through emails, could be third-party websites, any unknown link)
    2. As soon as, the user clicks on the link malware gets downloaded to the computer
    3. Then the malware automatically run in the computer and the virus makes a copy in the C drive (all the commands, shells are copied)
    4. Likewise, newly added registries are copied in the computer
    5. Now the hacker can connect to the computer using the corrupt registries
    6. Thereby hacker takes control of your data, uses a key to encrypt these crucial data, and locks the computer.
    7. Now the victim gets a message from the hacker asking for ransom unless data would be deleted or shared online.

    Types of Ransomware

    Scareware

    This is kind of a tech support scam, where you’ll get a pop-up message asking for payment against the removal of malware, discovered in your computer. But in this case, your files are safe. If you don’t pay you’ll get repetitive scary messages, that’s it.

    Screen lockers

    Lock screen ransomware locks your computer screen. You won’t be able to access it, a full-screen pop-up will appear with an authentic-looking Defense or Govt logo on it. It will now demand a fine for performing an illegal activity. However, this is just to defraud you, no police will freeze your account.

    Encrypting ransomware

    Cybercriminals take control of your system first and then seize the important files & folders to encrypt them using a sophisticated key. Next, they demand ransom in order to return the control back by decrypting the files. It’s so deadly that no security software or system restore can return the data. And even if you pay the ransom, no guarantee that the hackers will give those files back, all are gone (mostly happens).

    Ransomware Attack Types

    WannaCry

    The most popular and large ransomware, affecting millions of windows machines in 150+ countries, causing multi-billion dollar losses in 2017. It was a self-contained, self-propagated TOR program that spread autonomously from one computer to another. It pop-up appears after windows load as below:

    wannacry ransomware attack
    Wannacry ransom note with timer & bitcoin link

    Petya and NotPetya

    Petya, dawned around 2016, encrypts the computer hard-disk using a very sophisticated encryption algorithm. This makes the entire disk inaccessible. It’ll ask you to install the Tor browser (darknet) and then the steps for decryption to follow.

    Later it reoccurred with the new variant NotPetya, extremely dangerous than the former. NotPetya can propagate by own and is able to spread without human intervention. It asks for ransom in bitcoin and then you need to share your key to the hacker’s mail id for decryption. There’s almost no chance of getting back your files as the hackers used fake email ids.

    Petya and NotPetya use the same vulnerability from WannaCry to spread across computers and both infect Windows computers.

    Petya ransomware
    PETYA Ransomware, steps to decrypt your files

    CryptoLocker

    It’s a similar kind of file-encrypting ransomware, came up in 2013, the first kind of modern age ransomware. In early 2014 at its high, it infected more than half a million computers via an email attachment. It is obsolete now.

    Cryptol Locker
    Cryptolocker popup

    Cerber

    Cerber runs silently into the system to stop all windows security features & antivirus. Cybercriminals use this kind of service while encrypting the files using Windows vulnerabilities.

    Bad Rabbit

    It spreads across Europe and Asia back in 2017 by fake Flash player updates. Mainly the targets are located are news & media companies in Russia, Ukraine, Tukey, and Germany. However, it is possible to decrypt the files if you pay the ransom, unlike other ransomware variants.

    Maze

    Like other varieties of malware in the past, it also spreads across corporate networks & servers and encrypts data using a combination key so that it cannot be accessed. Very recently in 2020 Indiabulls, Cognizant servers were targeted by the Maze ransomware

    Modern variants of ransomware like Ryuk, Robinhood, Thanos emerge in recent years, are extremely harmful

    Recent variants of ransomware

    What is Mobile Ransomware

    Mobile ransomware is a kind of Android malware that affects mobile devices. It doesn’t commonly prevent access to files or steals sensitive data, rather blocks the mobile device. Mobile users don’t understand the risk of clicking fake web links or downloading malicious content. And that’s how this malware is distributed through malicious apps or social engineering attacks. In recent years both Cryptolocker ransomware attack found in both Andriod and Apple devices while Doublelocker affects many android devices PIN and encrypted stored data.

    Mobile Ransomware
    Mobile Ransomware

    If infected, you need to boot up your mobile device in safe mode and remove all apps in order to get back access. Also, to safeguard you need to install strong mobile security software & update patches regularly.

    How to Protect against Ransomware

    Normally, Govt agencies, Corporates, Banks are the foremost targets of ransomware attacks who hold sensitive customer data and can pay quickly. During the Covid-19 when corporate workplaces became residential, cyber crooks use this as an opportunity to spread more phishing emails & malware driven attacks.

    Here are some best practices that you can follow for protection & prevention against a ransomware attack:

    What is Ransomware Protection

    System backup

    Regular data backup is the crucial step, that can reduce the risk of encrypted data or any data loss. So you can format the affected server and restore data quickly for business continuity. If possible keep more than two copies of the backup in two separate locations.

    Firewall Activation, Endpoint Protection

    Recent Endpoint protection programs provide a good defense against WannaCry, Maze, or Petya type of backdoor attackers.

    Additionally, keep a paid antivirus or security app in your system and update them regularly. Though antivirus is not that successful against modern ransomware variants but can safeguard against the most.

    You should monitor or scan unusual files, viruses, network traffic, CPU loads.

    Avoid untrusted sites, unknown links, Emails attachments

    Mostly email phishing and spamming are the beginning of a ransomware attack. You should be always watchful towards malicious email attachments, fake job offers, or any unknown web links. Avoid clicking, or download or open these files and report phishing if possible.

    Secure Webgateway

    You should use secure web gateways, so configure WPA2 encryption for your home router. It scans the traffic and prevents any malicious web ads that could lead to a ransomware attack.

    It is preferable to avoid ‘HTTP://’ pages, and visit only ‘HTTPS://’.

  • Aashram Chapter 2 Review (MX Player): The Dark Side (2020)

    Aashram season 2 review: Baba Nirala&...

    Finally, the wait is over, the much-awaited web series Aashram season 2 is back on MX Player. Overall the story is a continuation of Aashram season 1 revealing the dark side of Baba Nirala. Yet if you think exposing Baba Nirala completely, no you’ve to wait until next season! Aashram season 2 only reveals how Pammi is managed to escape from the Aashram to get her revenge. The pace of Aashram 2 is very slow & too many useless characters & Plots (Tinka Singh’s music events, CM Sundarlal’s & Hukum Singh’s prolonged political affairs..) appear languid and certainly make you feel monotonous.

    Aashram season 2 rating:

    Ashram season 1 depicts the deep inside structure of fraud Hindu ashram considerably well. So now it’s time to uncover the truth behind the dark side of ashram but the slow pace of this web series couldn’t match up to the expectation. It’s dull & monotonous, so we rate it 4/10.

    Aashram season 2 release date and time: November 11, 2020

    Aashram Director: Prakash Jha

    Aashram cast:

    Baba Nirala: Bobby Deol gets well to the skin of the character. His rapist appearance in Chapter 2 is much more revealing yet he covers it well with his soft & quiet looks and manages to wield his fellow devotees; perhaps this is his career-defining best onscreen performance.

    Bhopa: He is my most favorite Aashram cast, Chandan Roy Sanyal was spot on in his cruel but calm attitude & heartless character. But surprisingly in chapter 2, he gets fewer appearances & dialogues make it feel dull.

    Bhopa Bhai
    One of the finest acting by Bhopa Swami in Aashram

    Pammi: Aaditi Pohankar made adequate justice to this bold & confident character. She is the face of women devotees who stand against Aashram and will be the gamechanger in Ashram’s next chapter.

    Baba Nirala with Pammi in Ashram

    Akki: Played by Rajeev Siddhartha, is given much importance than the previous season, excelled well in his supporting character.

    Two significant ladies Tridha Choudhury (as Babita), Anupriya Goenka (Dr. Natasha) look very ordinary. Although Darshan Kumaar (Inspector Udjagar), Tushar Pandey (Satti) are excellent in their respective roles.

    Tridha Choudhury as Babita in Aashram
    Aashram Season 1 review

    Aashram Chapter 2 Review (MX Player): 

    • Cunning Baba Nirala (Bobby Deol) has made Aashram a brothel, raped Babita (Tridha Chowdhury) by persuading his husband Satti (Tushar Pandey) to undergo castration as an act of purification.
    • Mohini’s sister Sohini is being killed by Ashram’s muscle men.
    • Ashram pushes drugs through Laddu and sells across the market, also has a de-addiction center, to look noble to the outer world.
    • Police Inspector Udjagar (Darshan Kumaar) & Sadhu (Vikram Kochhar) enters the Aashram as a drug addict with the help of doctor Natasha (Anupriya Goenka) and journalist Akki (Rajeev Siddhartha) & collected important evidence against the ashram but eventually deceived by his own department.
    • Meanwhile, Baba being the mastermind defeats chief minister Sundarlal and elects Hukum Singh – political affairs seem unnecessarily stagnated in this season.
    • Pammi, a blind believer of Baba, being fooled (through drugged laddu) and raped by Baba.
    • “Baba Laayenge Kranti”, Baba’s rockstar Tinka Singh (Adhyayan Suman) makes public gatherings but it ridiculously fails to impress.
    • Rebellion Pammi, at last, manages to flee with the help of Akki and preparing for revenge. After so much unnecessary flab in the long-running episodes, you’d be jaded.

    Aashram chapter 2 rating: Japnam flops

    Disappointing! Unlike chapter 1, after an intriguing pitch, everyone was eagerly waiting for the Aashram chapter 2 but alas! Chapter 2 episodes are boring with its monotonous pace. The screenplay could’ve been much better but ultimately all attempts to debunk the brutal reality of ashram are still missing! All said and done, you can skip it, not worth streaming.

    Aashram season 2 download: https://www.mxplayer.in/

  • nabapatrika

    Maha Saptami: Significance of Nabapat...

    Traditional Durga puja reaches its zenith on the sixth day of the Navratri which we also called ‘Maha Sasthi’. On the seventh day or ‘Mahasaptami’, rituals start at a very early morning, also called Nabapatrika.

    When is Maha Saptami in 2020: Mahasaptami will be celebrated on October 23rd

    Significance of Nabapatrika snan:

    Nabapatrika means nine leaflets (bunch) from nine different plants along with the Kolabou (banana stem) is worshiped in red-bordered yellow saree, given a bath in the holy Ganga or at any nearby pond at dawn. [Nabapatrika plants are described in Bengali here: 1. রম্ভা/ কদলী(কলা), 2. কচু 3. হরিদ্রা (হলুদ), 4. জয়ন্তী ,5. বিল্ব(বেল), 6. দাড়িম্ব (ডালিম), 7. অশোক ,8. মান and 9. ধান]. Common people sometimes misinterpret Kolabou as the wife of Lord Ganesha, but as per mythology, Lord Ganesha’s wives are Ridhi & Siddhi. Here Nabapatrika is the symbol of the warrior goddess Durga who destroys eight demons including Shumbho/ Nishumbha before she finishes Mahishasura. Maa Durga in Nabapatrika image returns from Ganga by the priest together with a grand procession and many drummers/ percussionists and is placed next to Lord Ganesha’s idol. As per spiritual belief, Nabapartika is the ritual to bring life to the temple, so that the rest of the days Durga idol can be worshipped with other idols. Nabapatrika was also part of Krittivasi Ramayan, the day of Lord Ram preparing for the battle against the Ravana, the ten headed demon of Lanka.

    Read more details in Bengali here….

  • mirzapur 2

    Return of Mirzapur season 2 on Amazon...

    With record-breaking viewership, Mirzapur season 2 on Amazon Prime is the most searched TV series of late followed by the Sacred games on Netflix. 9-episode Mirzapur season 1 was released in 2018 (Mirzapur release date was on 16 November 2018), a crime thriller in desi Indian backdrop has made Mirzapur a world of terror. Though Mirzapur has many similarities with Gangs of Wasseypur, in my opinion, the former one was way more natural than the Mirzapur web series, here excessive use of abusive & hard languages appears slightly forced.

    Mirzapur season 2 release date: October 23, 2020

    Mirzapur Plot & season 1 Climax: The story circle around the king of Mirzapur, Kaleen bhaiya and his arms & drug peddle; the plot forays into how two ordinary boys enmeshed into the dark world and linked to Tripathi house and thereby some extreme twists and turns follow.

    In the climax of Mirzapur season 1, at a friend’s wedding party in a shootout, Munna kills Bablu, Sweety, and brutally injures Guddu; and Kaleen kills two policemen to sustain the fear among the public. While in Tripathi house Beena gets very upset by his family/father-in-law and looking for a gun to get revenge.

    Mirzapur poster (P.C. Google)

    Mirzapur cast :

    Munna Bhaiya – He is my most favorite Mirzapur season 1 cast, Divyendu Sharma was spot on in his heartless, abusive character from the first episode until the last one; coming from a comedy background (Pyaar Ka Punchnama/ Chashme Baddor) he showed a lot of versatility.

    Mirzapur Guddu bhaiya – Played by Ali Fazal; he & his brother Bablu (Vikrant Massey) superbly get to the skin of the character with a local accent & college boy attitude.

    Mirzapur Kaleen bhaiya – In his role Pankaj Tripathi (father or Munna and King of Mirzapur) seems a bit subdued & sometimes straight-faced; with the potential he has, I think he’ll excel in coming Mirzapur season 2.

    Golu (Mirzapur golu real name is Shweta Tripathi) as Gajgamini seems a very bold and confident girl who stand against all odds and win against Munna in the college election; she will be a game-changer in season 2 from the looks of the recently released trailer

    mirzapur web series cast

    Though I didn’t like Kulbhushan Kharbanda (played the father of Kaleen & grandfather of Munna) & Rasika Duggal’s (Mirzapur actress who played Beena, wife of Kaleen bhaiya & sex maniac) characters in season one –

    • All over the season, Kulbhushan only watches animals mating on Discovery – unnecessary fantasizing!
    • Rashika’s role was more passive, though she & Shweta Tripathi are expected to be the game-changer in next season

    Mirzapur season 2 cast: As per the recently released Mirzapur trailer (season 2) Pankaj Tripathi, Divyendu Sharma, Shweta Tripathi, Ali Fazal, Isha Talwar, Vijay Varma, and Rasika Dugal played the pivotal roles. So, I’m expecting the edge of the seat thriller will continue in season 2 as well.

    Mirzapur poster (P.C. Google)

    Recently released Mirzapur 2 trailer review –

    From the looks of the Mirzapur 2 trailer, it’s apparent that Guddu will be coming back for revenge for his brother with the help of Golu. There’ll be some new entries of grey-shaded characters who are eagerly waiting to take down Tripathi & Mirzapur. But the key question is who will be the next King of Mirzapur? We saw how Munna is playing behind his father, Kaleen is supremely competent yet shaky in family matters and fierce Guddu has nothing to lose. But for sure more bodies will pile up again.

    As the season 1 cliff-hanging climax, the season 2 is expected to be a full-fledged action thriller again. However, I’ve to accept that the web series is somewhat overhyped and, in my opinion, nowhere near to Sacred Games /or Gangs of Wasseypur. Excel Entertainment (co-produced by Farhan Akhtar) must have worked hard to promote this web series.

    mirzapur vs sacred games

    When mirzapur season 2 will release : October 23, 2020

    Overall, my rating for season one is 8/10, and I’m hoping Mirzapur season 2 will exceed all expectations.

  • Aashram web series at MX player

    Aashram season 1 review: Japnaam soar...

    Aashram, the latest web series on MX player is an Indian crime drama engrossed with caste discrimination, blind followers of godman, and eventually becoming victims of these fake saints. With a gripping & convincing storyline, director Prakash Jha precisely has connected the dots of Hindu casteism, religion, politics, socio-political affairs that will make you thrilled. Not much of a typical strong language, sex, violence but with simple content, subtle screenplay, and solid performance makes you glued to the screen.

    Aashram chapter 1 rating: 7/10

    [For the deep inside structure of fraud Hindu ashram, though I wanted to reserve 1 extra for the climax in Season 2]

    Aashram Director: Prakash Jha

    The series forays into India’s caste discrimination system where a Dalit girl Pammi, (Aaditi Phankar) who is also a wrestler, became a victim of casteism. When Pammi & Satti (Tushar Pandey) are dejected fighting against all odds and about to give up every hope of life, godman “Kashipur wale Nirala Baba” (Bobby Deol) emerges as a messiah. Thus, Pammi became an avid follower of baba and chose the path of devotion and gave up her career, family to join the Aashram as Sadvi (female devotee of the ashram) with her brother Satti. Both Aaditi and Tushar are outstanding in their pivotal characters throughout the season.

    Aashram cast:

    Bobby Deol as a godman “Nirala Baba”, with his trusted man Bhopa (Chandan Roy Sanyal) made the Aashram a powerhouse of the society. The main intention of the Aashram is to control millions of poor, superstitious, underprivileged minds with eloquent prayers “Japnaam” & “Babaji ki Sada hi Jai”. But behind the scene, they smuggle drugs, influence elections, buy politicians, and are involved in rape, prostitution, murder, and many more.

    Bobby Deol, played the wicked baba who is the mastermind behind all con-activities, gets to the skin of the character and undoubtedly it’s his best onscreen performance. More so I’ve become a big fan of Bhopa with his strong screen presence as a manager of Aashram office with many grey-shaded fellows. Bhopa rarely uses a gun unless you’ll find him calmly preying with the folded hand “Baba Jaane sab ki Maan ki Baat, Japnaam Japnaam !!!”

    Baba and Bhopa

    Parallel to the Aashram’s inside story, there’s a murder mystery when a skeleton is discovered in town; sub-inspector Ujagar Singh (Darshan Kumaar), who is probing this case suspected some illegal activities going on inside the ashram. But with the growing Govt & political influence, it’s too difficult for Ujagar to continue the investigation. Towards the end of the season, Nirala baba wanted to attract youth to the ashram and by sexual desire, he intentionally emasculates (Suddikaran, as Aashram called it) Satti to get to his wife Babita (Tridha Chowdhury).

    Aashram season 2 prelude

    Will there be a window of opening for Ujagar to enter the ashram? How Pammi will take revenge when she’ll get to know the real baba? I’m very curious to know what is stored in the next season. With the recent developments in both Aashram’s inside and outside events, will that be enough to reveal the Aashram secret? Well, you’ll have to wait for the full picture in Aashram season 2.

    Overall, the best part of this web series is the message towards the society, when someone surrenders to a holy man based upon just blind faith, should ask questions why, how, what – otherwise can be exploited badly.

    Aashram chapter 2 review: Is it good or an average watch?

    “Hamaare desh main log vishwas karna shuru karte hai toh baad (flood) si aa jaati hai” – is the best one from baba in this series. This web series reminds me of the real story of Ram Rahim Baba and his trusted aide Honey Preet for their similar con activities a few years back, ultimately put to the Jail.

    Conclusion

    AASHRAM is currently streaming on MX player OTT platform which is free unlike Prime, Netflix, SonyLiv, or others; in season 1, there’re only 9 episodes around 45-50mins each.

    How much will you rate this web series out of 10, let us know in the comment box below?

  • Kolkata Biriyani

    The history behind Kolkata Biryani &#...

    The name Biryani is originated from two Persian words ‘Birinj’ (means rice) & ‘Biryan’ (means to roast), it’s an orthodox dish of roasted rice with meat. Though it was originated in Persia, brought to India by the Mughals. Nowadays a fusion way of cooking, even Fish (Hilsa), Prawn, or vegetables can also be roasted with rice to form different forms of fusion Biryanis.

    Why is Kolkata biryani different from others?

    In India, orthodox Biryani has mainly four gharanas (cooking style based on different places) – Mughal Biryani, Oudhi Biryani, Hyderabadi Biryani & South-Indian Biryani. Kolkata can offer you all the original style of Biryanis in yellow-colored aromatic basmati rice with added potato, tender meat along with a very special signature touch of saffron & kewra water. There’re some most popular Biryani cuisines in Kolkata, let’s unveil their uniqueness.

    Why does Kolkata biryani have potatoes?

    Potato or Aaloo is a very special ingredient in Kolkata Biriyani. It is said that when Nawab of Lucknow Wajid Ali Shah exiled to Kolkata by the British & settled in the Metiabruz area. He had a shortage of money, that’s why to restrict the cost & amount of meat in biryani, the deep-fried potato was added by his chefs, formed a new signature style. Slightly sweet in taste Kolkata biryani has the meat marinated in yogurt, red chili powder, turmeric & salt. Lighter use of whole spices like nutmeg, green cardamom, cinnamon, mace, cloves, and of course saffron, adds a very unique flavor indeed.

    Another version is the Portuguese bought potatoes in India. And that time the imported potato was a very special delicacy. Hence to make the biryani special, Kolkata biriyani meets potato.

    kolkata biryani recipe

    Arsalan Biryani-

    Here Biriyani is a bit oilier & spicier but very much consistent in taste & flavor. The quantity and quality are balanced too. The original branch is in Park circus though there’re many franchise outlets across the city and the one in Chinar park you shouldn’t miss out.

    28, Circus Avenue, Near 7 Point Crossing, Park Circus Area

    Arsalan Address

    Royal Biryani –

    Located in busy Esplanade area, here biriyani is a bit spicier but very interesting fact is unlike other biryani in Kolkata, Royal biryani comes without potato (aaloo). They replace the potato with small meatballs (called “moti”) and ‘makhna” (used mostly in rezala dishes). This innovative twist makes Royal biryani exceptional.

    Oudh 1590 Deshapriya Park

    Here the biriyani is Oudhi (Lucknow) style. This biryani is prepared in a little bit over-cooked style with richness but less spicy. This is invented to serve the need of Nawab Wajid Ali Shah (Nawab of Lucknow) and as a tribute to him. The Nawab had weak teeth so biryani must be soft on the palate. Oudhi gharana signature recipe overwhelmed your palate here.

    Shop 23/B, Desapriya Park

    Oudh 1590 Address

    Biriyani recipe

    Aminia Biryani-

    Biriyani here in Aminia is less spicy/ less oily but without compromising the taste of course. So comparatively it’s healthier when it comes to the famous double mutton biryani which also offers lesser rice. Don’t forget to ask for “virgin mojito” here. It also has many franchise outlets across the city to serve you over Swiggy/ Zomato.

    6A, S.N. Banerjee Road, New Market Area

    Aminia Address

    Zam Zam Biryani-

    Another authentic biriyani junction at Kidderrpore is of course Zamzam. Here most special delicacy is beef-biryani. If you can go with beef then, Beef biryani with beef-malai & ghol (yogurt sharbat) is a must here.

    (i) 28/A, Syed Amir Ali Avenue

    (ii) 9/1, Noor Ali Lane, Entally

    Zam zam address

    India Restaurants –

    This is at Kidderpore or Khidirpur, and here the biryani variety is ‘dariyabadi biryiani’, which is a form of ‘Kacchi Biryani’. It consists of dry fruits and the delicacy is very special.

    34, Karl Marx Sarani, Kidderpore

    India Restaurant

    Dada Boudi Biryani Barrackpore / Dada boudi Biryani Sodepur

    This restaurant is located far north of the city Barrackpore & Sodepur area. The Biryani here is very rich, spicier, and oilier but you’ll be surprised to see a large size chicken or mutton piece. The salad and special green chatni add a true delicacy to it.

    12/10, S.N. Bannerjee Road, Barrackpore

    Dada Boudi Biryani

    Shiraz Biryani- 75 years old this traditional outlet’s biryani is exceptional because of its delicate taste, meat recipe in biryani & the potato which adds a perfect symphony.

    135, Behind Neuro Science Hospital, Park Circus, Beniapukur, Park Street Area

    Shiraz Address

    Let us know which one is your favourite biryani corner in Kolkata in the comment box?

  • ms dhoni, captain cool

    Dhoni, the captain cool finishes off ...

    When I saw MS Dhoni’s Instagram post about his retirement, all his match winning thrilling knocks started playing in the flashbacks and especially the exclaimed commentary by Ravi Shastri at the World Cup final nine years back “Dhoni finishes off in style, a magnificent strike into the crowd, India lift the World Cup after 28 years…”.

    I can easily recall his debut days in 2003-04, ODI wicket keeping was more of a part timer position, Rahul Dravid already cemented himself with his unquestionable batting skills ahead of Parthiv Patel and Dinesh Karthik. Right then the flamboyant boy from Ranchi came, saw and conquered with the special “match winning” skill that Indian cricket team always lacks in the likes from a wicket keeper-batsman. He had a special knack of playing not-out winning knocks while India chasing in final overs (45th -50th over) that no one ever produced with such heavy hitting and consistency.

     

    A stumper, hard-hitter who turned into a natural captain and displayed how to win all three formats of ICC tournaments – ICC World Cup in 2011, T20 World Cup in 2007, ICC Champion trophy in 2013. Arguably the best runner between the wickets, started his cricketing career with a run out duck in 2004 and ironically ended his career in World cup semifinal 2019 getting run out again!

    ODI Top 5 of Dhoni in India colors, my personal favorites

    • 91* against Sri Lanka – World Cup 2011 (Six to seize the World Cup)
    • 183* against Sri Lanka – 2005 (With his charismatic long hair, a fantastic chasing once again, ten sixes in that innings)
    • 44* against Australia – at Adelaide in 2012 (giant six in the last over, a thriller to watch)
    • 50* against Sri Lanka – at Adelaide in 2008 (last over thriller again)
    • 46* in the rain shortened match against West Indies 2009 (Six in the last over, a thriller to watch)

    Dhoni’s Indian Premier League (IPL) career is even more glorified than his Test/ ODI career, he is the face of Chennai Super Kings franchise with three IPLs titles (2010/ 2011/ 2018) and two Champions League titles (2010/ 2014). He has made most number of dismissals, most number of catches, stumpings & many records in IPL so far. Thus CSK tweeted recently “MS will play for CSK as long as he wants as a captain”.

     

    Despite terrific bat swing, fierce hard-hitting capability it is very surprising how he could absorb all the emotions inside him even after hitting a six and win a World Cup for India, that’s why he is named “Captain Cool”, the most successful captain of Indian cricket team ever with 27 Test wins surpassed Sourav Ganguly’s 21 Test win record.

     

     

    He was also one of the fittest cricketers who led by example with numerous catches behind the stump and won countless matches for India with stumping, gloving skills.

     

    With his greatness Dhoni has been recipient of many prestigious awards like “Padma Bhusan”, “Padmashree” and honorary “Lieutenant Colonel” by Territorial Army. Wish him all the luck for his left over IPL’20 career and next innings of life.

     

    Let us share your memories, thoughts about the legend in the comment section.

  • tiktok banned

    Tik Tok is the beginning of ChinaR...

    When your TikTok video or TikTok song gets thousands of likes & tiktok followers within few hours, it naturally feels great to become the popular guy, isn’t it? During the pandemic, tiktok download crossed 2 billion mark worldwide while India (611 million), China (197 million) & USA (166 million) are the top three countries in the list according to the Sensor Tower report. It’s clear that with the popularity & simplicity of the tiktok app, people gets addicted too quickly and but just wait – WHO are these millions of tiktok followers & are they REAL or FAKE !!

     

    What is tiktok? Tik Tok’s parent company is a Chinese multinational, ByteDance Ltd and it is powered by ByteDance AI Lab. As we know there’s no freedom of press in China, every organization must share their data with the Chinese Govt so every Tik Tok user’s data are currently with Chinese Govt. Are you still thinking how can tiktok apk or  make such a difference for an individual?

     

    Tik Tok is the beginning of China’s ‘2030’ mission – becoming the global A.I. superpower

     

    Why is Trump banning tiktok : does tiktok collect data from you?

    • It tracks your exact location, GPS signal feed every 30 sec (Tik Tok never discloses it!)
    • Even if you turned off the location feed or using a VPN, it can still collect data from your SIM card or your social media account (Again ! hacking your social identity)
    • Images, audio, camera, SD card access (personal data of your device)
    • Device info like device id, memory, CPU, scree size etc. (personal data)
    • Your login IP address, DNS server, MAC address (loop holes for Cyber theft)
    • What other apps are installed and all historical apps data (previous transactions)
    • It monitors your keystrokesaccess files in your phone, may get the net banking details like user id/ password
    • Tik Tok uses ‘http’, not ‘https’ (not a secured server, lack of encryption)
    • Tik Tok does a local proxy server setup in your phone for transcoding the media (can host a BotNet attack)
    • Tik Tok stores your data even after you deleted your account (violation of privacy policy)

     

    Is Tiktok getting banned in the US?

    • In small scale it might look trivial but in larger perspective if Chinese Govt wants to use these data against any countriy it could be disastrous; China already combines a gigantic amount of data with talent, companies, research and capital to build the world’s leading AI ecosystem. And that’s why Indian Govt asked Google & Apple to take down ‘tiktok india’ from the App store while US, UK, Australia, HongKong are seriously considering .

    Trump banning tiktok? Trump told reporters he’ll use executive power to ban TikTok On the other hand, yesterday Trump agreed to give 45 days to ByteDance to negotiate TikTok sale to Microsoft Corp

    • Why is Trump trying to ban tiktok? China had previously hacked many defense servers of UK/ US, so it is very much possible for them to use the Tik Tok data to hack millions of smartphones of any country and use them as connected BOTs. And then perform DDoS (Denial of Service attack), spread malwares to steal sensitive information from Defense servers, Bank data and many more.
    • This App is also too dangerous for Kids hosting inappropriate contents, & pornography; one example could be the New Zealand mosque attack video. It has already been fined in the US for illegally collecting information on children.

    TikTok Pro:

    While tiktok banned in India in June’2020 but “TikTok Pro” came into the market just after that, which is sending a fake SMS/ WhatsApp messages: “Enjoy Tik Tok video & create creative video once again. Now tiktok 2020 is only available in (Tik Tok Pro) then download from below link…” And the download link contains malwares. Likewise let’s not click on any tiktok songs, tiktok videos or tiktok money calculator links, this could be a worm or trojan.

    Conclusion

    So this is a question of national security more than individual hacks when it comes to threats like Chinese hacking. Therefore in the latest move Indian Govt banned 47 more Chinese apps (TikTok Lite, Helo Lite, ShareIt Lite, Bigo Lite and VFY Lite etc.) operating as cloned ones of the 59 previously banned apps in India last month. 

     

    Last Sunday Microsoft confirmed that it plans to seal the TikTok deal (microsoft tiktok) with Chinese parent company ByteDance after having a discussion with president Trump and Microsoft also ensured that the data of American people will not be shared with any countries and everything would remain in America.

    Although we don’t know yet ‘Is Trump banning tiktok’, ‘did Microsoft buy tiktok’ or ‘who bought tiktok’, but now it’s your choice if you’re going to search again ‘most shared tiktok video’ or ‘cloud bread recipe tiktok’ ?

  • Free online VPNs are available, shoul...

    First, let’s understand that the internet is a public domain, so online privacy & data security are paramount important topics, especially during Covid-19 when people are asked to work from home by Organisations. Generally, over internet, we do lots of daily activities like emailing, online shopping, banking, social media browsing, and many more. To make our transactions secure and private we need a virtual private network (VPN).

    (i)             VPN provides data security, your data packets sent over the WiFi network through VPN become encrypted, scrambled, and thereby unreadable.

    (ii)          VPN keeps your browsing history private, meaning without a VPN whatever website you visit your ISP tracks your IP address and browsing history and sell it. As a result, you receive targeted advertisements. Hence in a way, VPN offers you online freedom being an anonymous internet user. 

    (iii)         It masks your IP address and your location information and makes it look like you logged in from thousands of miles away using a “virtual tunnel”. So, you can choose from a list of gateways (USA/ Japan… any name) even if you log in from any other country. 

    (iv)        Your Device details (if logged in from a mobile/ desktop/ tab …) are also kept protected when you use a VPN 

    We often login to public WiFi networks in Café/ Railway stations or Airports where it is easier for the hackers to obtain your WiFi user id/password and then capture your Online banking credentials, Credit card details etc – this is called Identity theft. So, VPN protects us from many degrees of online hacks which tries to steal your personal information.

     

    Free VPNs are available in the market

    VPN markets are overcrowded, and many of them are considered reputed like:

    a)    ExpressVPN

    b)    NordVPN

    c)     Surfshark

    d)   CyberGhost

    e)    IPVanish

    I wouldn’t recommend free VPN, these companies sell your personal data (email Id, demographics, browsing history, etc.) to their business partners and thereby you can be a potential target for Phishing, Ransomware type of attacks; although if you really want to go for a free VPN, try:

    a)    HotspotShield

    b)    WindScribe

    c)     ProtonVPN

    d)  Surfshark

     

    Should you always leave your VPN on:

    I’d recommend NO, because

    (i)          During one VPN session, the IP address would be the same so in a way, you should close the session when you’re done

    (ii)          It also hampers your broadband speed

  • Chinese hacking

    ‘Patriot Hacking’ by China over India...

    Last two decades national cross-border hacking is on the rise. There’re proofs that many Govt agencies hire a bunch of hackers to perpetrate other country’s military facilities, embassies, defense ministry, and many other sensitive departments.

    Recently we see while Chinese and Indian troops engaged in cross border face-offs, China is also orchestrating cyber-attack on every sector & digital platforms of India. This is a classic example of Patriot hacking like cyber warfare tries to shut down the internet facility of another country through invisible hackers. However, this is not the first time.

     

    Google v/s Chinese Govt:

    Google was launched in China in 2006 and was pull out sooner due to a massive hack on Google server by the Chinese Govt. Simply the reason was Chinese Govt wasn’t allowing its people to be anonymous over internet, so Govt asked Google to disclose people’s identity which Google denied. So Govt ran a campaign through Social Engineering attack to hack Chinese people’s systems who worked in Google that time. Here thousands of hackers pretend to be a different guy over social networking sites who talked over a period be friendly, shared files (injected worms/ malware) into victim’s computers and in a way break into Google’s firewall and secure databases. Google was obviously so pissed off and left China in 2010.

     

    Iran Nuclear Cookie recipe fraud

    Ten years back Iranian Govt was working on Nuclear weapons which the western countries didn’t like much. So American agents, CIA/ NSA, and Israelis jointly hacked the Nuclear facilities of Iran. It was the Stuxnet worm used to infect the computers & OS of the nuclear plant. It could be that the virus was either placed in Iranian scientist’s computers at some conference or planted in the servers much before they were shipped (Zero-day attack) to Iran. In the end, American/Israeli hackers replaced the important research papers, nuclear recipes by how to make Choco chips cookies recipe. Iranian Govt was naturally very furious and declared internet shutdown across the country as a result.

     

    China is considered to have the largest cyber hacking contingency in the world, hundreds of thousands of full-time hackers; they previously have hacked the US & UK dept of Defense, State depts, military facilities, and many more. Similarly, countries like North Korea and Pakistan, also depend on their full-time hackers to feed their Govt. These Govts earn billions of dollars a year through hacking, they normally hack banks to steal money or use Ransomware type attacks.

  • Phishing attack

    SBI and PSU Banks urges its customers...

    For last few days perhaps millions of banks account holders in India had received emails from”ncov2019@gov.in or with the subject lines COVID-19 Testing’, ‘COVID-19 support. As per warning from major PSU Banks they’re all phishing attacks, tries to steal customer’s sensitive login information. To warn its customers SBI tweeted:

    What is Phishing?

    It uses fake login pages, fake subject lines, sometimes fake job offers/ password expiry emails to defraud people. When you click on them sensitive information like username, passwords, key loggings are stolen. Advanced cyber attacks like Ransomware starts with Phishing.

    Example of Phishing:

    ·      Indiacovid19.com (any fake domain names)
    ·      Phishing emails from ‘accounts@gmall.cominstead of ‘accounts@gmail.com’
    ·      www.facebo0klogin.com (fake login pages)
    Depending on the types of victim (individual, corporation, Big fish like CFO etc) Phishing attacks differs like – Spear Phishing, or Smishing or Whaling or Pharming.
    Like Phishing, there’re many other ways to lure people with a “free subscription link”, “free insurance link” over WhatsApp, or using fake weblinks victim’s social media account page is comprimised and many more.

    How to safefuard against Phishing and related cyber attacks:

    Spot Phishing
    • Discard emails from unknown person, unfamiliar address
    • Avoid emails containing untrusted attachments – just delete the
    • Phishing emails generally contains info like lottery, job offers, freebies etc.
    Govt. webpage, mobile application
    • Strictly follow Govt. webpages, genuine Apps for Covid-19 news and updates
    • Don’t visit any ‘http://‘ sites, always visit ‘https://
    • Avoid webpages with unfamiliar fonts, color, spelling error
    Online banking
    • Try to use corporate computers more for online banking, money transferring as it provides end point protection against any malware, external threats
    • Double check the UPI Id, validate the bank/ merchant name before payment
    SMS links
    • It’s better to avoid untrusted Covid-19 links, forwarded messages, any job offers on WhatsApp or SMS
    • Be careful about KYC SMS links
    Don’t Accept/ Click
    • Don’t click on unknown online widgets, flash images, pop-ups when you’re browsing websites
    • Don’t Accept cookies from untrusted webpages
    Home PC, Mobile
    • Its mandatory to get an authentic antivirus/ security app installed and update them regularly
    • Use WPA2 encryption for your home router
    Avoid untrusted sites
    • Don’t use pirated software, movie download sites, adult sites, untrusted eCommerce platforms
    Virus Scan
    • Periodically scan all files (incl. the zipped, hidden) in your PC, Tablet, Phone
    • Check if any site has your default password – if so change it
    • Change password for online banking, eCommerce sites, trading platforms every 2-3 month
    Avoid public Wi-Fi
    • Never use free WiFi at coffee shops, Railway platforms, Airports
  • machine learning to detect phishing

    Detect malicious URLs using Machine L...

    Phishing, Pharming are very common types of fraud to deceive people on the internet using malicious URLs, links. In the current Covid-19 perspective, IT organizations are also struggling to secure the corporate network from all sorts of malware viz. Ransomware, Virus, Worm, etc. Correspondingly enterprises see AI/ML-based solutions has the potential to address phishing related threats in much more efficient ways. Machine Learning, Deep Learning based solutions expect labeled datasets, extensive datasets to flag suspicious URLs efficiently. Although today advanced Deep learning solutions are used more often than traditional rule-based or Machine leaning approaches, we start with a machine learning approach first to flag mal URL samples. We’ll try the same problem again with Deep learning later.

    Problem statement:
    To predict malicious URLs from a dataset containing legitimate and malware samples.
    Data Set:
    https://github.com/pmitra0407/Flag-Malicious-URLs/blob/master/Malicious%20URLs.ipynb
     
    The dataset contains both good & bad URLs
    File Parse:
    Once you read the data set, it comprises of 420K rows and 2 features (URL & label).


    Target variable is “label”, let’s look at the distribution

    Feature Extraction: It is about extracting the domain information from the URL. 
    Python TLD-extract package has been used to fetch the domain, subdomain, TLD information:
    Data preparation is performed using Scikit learn, label encoded
    Feature selection not being done as we’ve considered all features here, but we could use SelectKbest
    The classifier used: Decision Tree, Random forest
    Random Forest Classification::

    Decision Tree Classification::

    Conclusion:
    Both Random Forest and Decision Tree works fine here, although we can tune these models further. Will see how Deep learning works in our next assignment.
      
    For detail code lets visit:
  • cyber security using machine learning

    Malware Detection using ML

    Cyber Security is the major concern for industries today & it’s continuously growing in numbers. Enterprises see AI/ML based solutions has the true potential to address cyber threats in much more efficient ways. Machine Learning, Deep Learning based solutions expect labelled datasets, extensive datasets in order to flag Malwares. Although today advanced Deep learning solutions are used more often than traditional rule based or Machine leaning approach, but we start with a machine learning approach first to detect malware samples. We’ll try same problem again with Deep learning later.

     
    Problem statement:
    To predict malwares from a dataset containing legitimate and malware samples.
     
    Data Set: https://github.com/pmitra0407/Malware-Detection/blob/master/MalwareData.zip
    The dataset contains both legit & malware samples (.exe/.dll).
     
    File Parse:
    Once you read the data set, it comprises of 138047 rows and 57 features:

    Column Names:


    Target variable is “legitimate”, let’s look at the distribution

    Data preparation is performed using Scikit learn
    Feature selection not being done as we’ve considered all features here, but we could use SelectKbest
    Classifier used: Decision Tree, Random forest

     

    Random Forest Classification::

    Decision Tree Classification::

    Conclusion:

    Both Random Forest and Decision Tree works fine here, although we can tune these models further. Will see how Deep learning works in our next assignment.
     
  • Ransomware

    Cybercriminals use malware to hack yo...

    Globally all the business sectors are still struggling to get through the Covid-19 impact, but it’s business as usual for the cybercrooks, who likes more online traffic. Corporate security teams need to be ready with their security infrastructure against a series of cyberattacks during the Covid-19 pandemic when new technologies are adopted for remote collaboration and communication.

    A recent checkpoint published report shows, during pandemic lockdown how the malware attacks had grown rapidly with the increase in internet traffic:


    What is Ransomware?

    Ransomware attack is a type of Malware attack, which encrypt or lock a victim’s computer/ website, and demand ransom for recovery. The sensitive data, system control is locked until the ransom is paid, and usually, it is settled in Bitcoins later which can’t be traced.

    • Very recently Indiabulls and Cognizant servers were targeted by the ransomware “Maze
    • The famous and the biggest one was the “WannaCry” ransomware attack, thousands of Windows corporate computers were infected back in 2017
    • Mobile app-based ransomware is growing, completely locks your device 
    • “Locker” is another kind of ransomware which infects the victim’s OS & make it impossible to access the file system, applications



    Malware is a term widely used for malicious software that includes viruses, Trojan, Worm, and many other types. Typically, malware is used to slow down or crash the servers, spy over the remote computers, and sometimes shutting down the server as well.

    A virus is a trigger-based (normally .exe/ .bat files) software program that is put in the victim’s computer to do some specific con. It generally put in the servers, system registry 3-4 level down by the attackers so that antivirus, snippers won’t be able to see it.

    Trojans
    are genuine-looking files (text, video, image) used to infect the system memory, spy over the system logs, hijack traffic.

    Worm
     – It has the capability of replicating its copies across the victim’s network without user intervention/ any trigger; it overloads CPU processes to downgrade system performance and lead to even system crash down.

    Cybercrooks used these Malwares in many forms, unnoticed by the IT security guys :


    Timebomb attack – when a program is planted to do damage at a later date after a criminal is far away. Typically committed by internal folks who put this virus into a system with a trigger date after his last day in Organization

    Zero-day attack – Criminal puts malware in the new servers, switches before hardening so initially system looks okay but after some period vulnerability starts to open up 

    XSS attack – In Cross system scripting attack the fraudster hacks a genuine website and adds malicious links/ images in it using JavaScript malware; which will eventually take the visitor to certain pay per click sites. Used to deface the value of the website.

    Brute force attack – A program to try every single type of password; Most of the people don’t change the default password so it’s a very popular attack these days. for Ex. facebook brute

    Social Engineering attack – Trap Customers or collude ex-employees to reveal system weaknesses, passwords, etc.

    Denial of Service (DoS) attack– Attackers used techniques like HTTP flooding or using Botnets to shut down the server. It’s like thousands of browsing requests from many different computers (DDoS) from a range of attacking IP addresses.


    How to Protect against Ransomware:

    Usually, the Banks, Govt agencies, Large Corporates are the main targets of Ransomware attacks who hold sensitive data and can pay quickly. During the Covid-19 pandemic when the corporate workplaces turned residential many of these logical malware-driven attacks are inevitable. It’s required to educate employees, customers about it and protect against it:
    • It is advised to get an authentic antivirus/ security app installed and update them regularly
    • Use WPA2 encryption for your home router
    • Periodically scan all files (incl. the zipped, hidden) in your PC, Tablet, Phone
    • Check if any site has your default password – if so, change it
    • Don’t use pirated software, movie download sites, adult sites, untrusted eCommerce platforms
    • Change password for online banking, eCommerce sites, trading platforms every 2-3 month
    • Never use free WiFi at coffee shops, Railway platforms, Airports
    • Need to upgrade on to cloud-based applications, much secure, and can be rolled back; otherwise, get a system back-up to a hard drive.
    • Discard emails from an unknown person, unfamiliar address
    • Avoid emails containing untrusted attachments – just delete the Phishing emails generally contains info like a lottery, job offers, freebies, etc.