Sunday, August 23, 2015

Issue 26 - Week of Aug 17th

1. The Ashley Madison hackers released two data dumps last week. The first dump contained details of the registered members, and the second focused on private internal company information. The data has been leaked on various sites, but it is not easily searchable by people who aren't familiar with raw database files. However, several sites have since popped up that allow anyone to search by email address to find out whether that address had an account at AshleyMadison.com. In Canada, where Ashley Madison is based, a class-action lawsuit has been lodged against the firm, seeking damages of up to $760 million on behalf of Canadians whose data has been leaked online. In a spoof, the company's original slogan 'Life is Short. Have an Affair' became "Life is short; Hire an Attorney." Indeed, divorce lawyers may be the only ones laughing all the way to the bank.

2. Retail giant Target suffered one of the biggest breaches of 2013. Last week, Visa and Target reached an agreement that reportedly will reimburse card issuers a total of up to $67 million for fraud losses and other expenses. The breach had exposed an estimated 40 million credit and debit cards. On Feb. 25, Target reported that its card breach cost the retailer $252 million, with $162 million of that amount not covered by insurance. As reported in this blog on May 31st, a proposed $19 million settlement between Target and MasterCard fell apart.

3. Microsoft issues emergency patch for all versions of Windows: "Microsoft has released an emergency out-of-band patch for a "critical"-rated security vulnerability, affecting all supported versions of Windows. The software giant said in an advisory Tuesday that users visiting a specially-crafted website can lead to remote code execution on an affected machine." The zero-day vulnerability (classified as CVE-2015-2502) lies in how Internet Explorer handles objects in memory. If successfully exploited, an attacker could "gain the same user rights as the current user," the advisory said. Those running administrator accounts are particularly at risk, it said.

4. IRS breach claims 220,000 additional US taxpayers: "The United States Internal Revenue Service (IRS) has revealed that in excess of 220,000 taxpayers may have had their personal information accessed, in addition to the 100,000 originally reported, as a result of a data breach. Thieves used the IRS' "Get Transcript" system to clear a multi-step authentication process, including several personal verification questions that typically are only known by the taxpayer, to access the personal taxation information of individuals."

5. After Stagefright, Google patches another 'high severity' bug in Android affecting Android versions 2.3 to 5.1.1, which experts say could be used to abuse device owners' privacy. The bug, likely to be fixed in Google's next monthly security update for Nexus devices, could allow attackers to abuse Android's mediaserver program to spy on device owners. Unlike Stagefright, which could be exploited simply by sending a malicious media file to affected Android devices, in this case an attacker would need to trick victims into installing a malicious app.

6. A hacking group suspected of operating from China has had success stealing information from mostly Indian targets, often pertaining to border disputes and trade issues. The gang mostly uses spear-phishing techniques: sending genuine-looking emails from seemingly known people to identified targets. If the target opens the email and clicks on the link, their machine gets compromised. Some of the latest spear-phishing emails have an attached Microsoft Word document, which contains an exploit for a now-patched vulnerability in Word. The vulnerability is “really ancient,” but it is still effective in organizations that haven’t patched their systems. Once a machine is compromised, the attackers leverage Windows Management Instrumentation (WMI) to explore computers and the network.

7. Major discoveries in H1 2015: Adobe Flash vulnerabilities are on the rise; Angler dominates the exploit kit market; emboldened by the success ransomware has had, its authors are now investing more in the development of newer and deadlier attacks; criminals are increasingly using Tor and I2P (Invisible Internet Project) to avoid detection; Microsoft Office macros are once again being used to deliver malware; some exploit kit authors are incorporating text from Jane Austen’s classic novel Sense and Sensibility into web landing pages that host their exploit kits, because antivirus and other security solutions are more likely to categorize these pages as legitimate after “reading” such text; hackers have found ways to evade the sandbox with malware that does not detonate when it detects sandbox activity; spam volume is up; and exploits involving Java were on the decline in the first half of 2015.

8. A white hat hacker claims that the websites of several leading varsities can be hacked, including those of DAVV-Indore and Mumbai University. He said that sensitive information such as names, roll numbers and marks of students can be altered. The hacker shared screenshots of these databases and also showed how data can be altered. He also said that he had contacted the universities but has not received any positive feedback from them yet.


9. The website of the Karnataka State Higher Education Council was hacked on Thursday by a group calling itself Clinkz48. The homepage of the website (http://kshec.ac.in/) has an image of a man laughing and holding a wine bottle saying: “Cyber Team Rocks” and the message “Hacked by Clinkz48.” The hackers have also said: “Your data belongs to me. F*** Your System India :P Noob!! its lol `”

