1. Qatar National Bank Probes Possible Data Breach: Qatar National Bank is probing reports of an online leak
of confidential data of a large number of its customers, but has not confirmed
it suffered a data breach. The details leaked include names, passwords, and
banking information of several journalists, ruling family, government and defense
officials. Some 1.5GB of information was found online and Reuters reports
seeing recent transactions of overseas remittances. The bank is one of the
largest in the Middle East.
2. German Nuclear Power Plant Infected With Malware: A German nuclear power plant near Munich reportedly was
found infected with malware, It has confirmed that since the plant is cut off
from Internet, the malware infection did not affect or harm operations. Conficker
and W32.Ramnit malware were discovered in unit B of the Gundremmingen plant on
the computer system that operates the tools that move nuclear fuel rods.
Conficker is a worm that can spread quickly through networks, while W32.Ramnit
steals files from computers and is spread through USB sticks.
3. Spotify Hacked! Change your Password ASAP: If you are one of the millions of people around the
world who love to listen to music on Spotify, you may need to change your
password immediately. Spotify apparently suffered a security breach that leaked
hundreds of Spotify accounts details, including emails, usernames, passwords
and account type, which was published last week to the popular anonymous file
sharing website Pastebin. Spotify is investigating. Couple of months ago, hundreds
of spotify premium accounts were exposed online.
4. Nearly 93.4 Million Mexican Voter Data Leaked Online: A hacker discovered over 100 gigabytes of an extensive
database completely open on the Internet for anyone to download while the
hacker was browsing Shodan – a search engine for servers and Internet-connected
devices. The database turned out to be a voter registration database for the
country of Mexico that contained the personal information, including full
names, residential addresses, and national identification numbers, of virtually
all registered voters. Philippines
and Turkey too suffer similar hacks.
5. DDoS Extortionists made $100,000 without Launching a
Single Attack: Cyber crooks find a new and
ingenious way to make hundreds of thousands of dollars with no effort. An unknown cyber gang, pretending to be
Armada Collective, has made more than $100,000 in less than two months simply
by threatening to launch DDoS attack on websites, but never actually launched a
single attack. Armada Collective is the criminal gang that was responsible for
one of largest DDoS attacks against ProtonMail in November 2015 and extorted
$6,000 to stop sustained DDoS attack that had knocked its service offline.
6. Details emerge on the Bangladesh Heist: Investigators discovered that hackers who stole $81
million from the Bangladesh
Central Bank actually hacked into software from SWIFT financial
platform, a key part of the global financial system. The hackers used a
custom-made malware to hide evidence and go undetected by erasing records of illicit
transfers with the help of compromised SWIFT system. Recently, Bangladesh
police investigators uncovered evidence revealing that the Bank was using
second-hand $10 network switches without a Firewall to run its network, which
offered hackers access to the bank’s entire infrastructure, including the SWIFT
servers.
7. Former Tor Developer Created Malware for FBI to Unmask
Tor Users: Tor
is an anonymity software used by millions of people, including
government officials, human rights activists, journalists and, of course,
criminals around the world to keep their identity hidden while surfing the
Internet. According to an investigation, a cyber-security expert and former
employee of the Tor Project, helped the FBI with Cornhusker a.k.a Torsploit
malware that allowed Feds to hack and unmask Tor users in several high-profile
cases, including Operation Torpedo and Silk Road.
8. MIT University Launches Bug Bounty Program: The Massachusetts Institute of Technology (MIT) launches
its experimental bug bounty program this week, which aims at encouraging
university students and security enthusiasts to find and responsibly report
vulnerabilities in its official websites. The MIT becomes the first academic institution
to reward hackers, open only for university affiliates with valid
certifications. Other recent Bug bounty
programs – Uber,
General
Motors, Pentagon.
9. Irremovable Android malware poses as Google Chrome
update: A banking and personal
information stealing mobile malware posing as a Google Chrome update for
Android, and which can't be removed from the infected device, has been spotted
in the wild by cybersecurity researchers. The malware is capable of harvesting
banking information, call logs, SMS data and browser history which are all sent
to a remote command-and-control server. The Malware can't be removed as it
refuses to allow the user to remove administrative access. The only way to
remove the infection is to return the device to factory settings - an option
which causes all data stored on the phone to be lost.
No comments:
Post a Comment