1. TalkTalk Hack: UK ISP TalkTalk, which was hacked
recently, has conceded that it could face a compensation bill running into
millions, for customers whose bank accounts were raided after the telecom
company was targeted in a huge cyber-attack. While TalkTalk was forced to shut
down its website temporarily, police arrested two teenage boys in relation to the
"significant and sustained cyber-attack"; they were later given bail.
A 20-year-old has also been arrested. The CEO of TalkTalk has apologized to
customers and said, "This is a crime, a criminal has attacked TalkTalk
systems and we are not the only ones, whether it is the US government, Apple, a
whole host of companies."
2. Train rider has his contactless card e-pickpocketed:
Contactless bank payments usually rely on RFID or on Near Field Communication
(NFC). These cards enable fast, low-value payments, typically with no signature
or PIN required, merely by holding a card near a reader. Last week, in a
crowded train, a man deliberately bumped into another man for a bit too long.
The victim grew suspicious and called his bank, only to learn that his
card had been used on the train for an unauthorized transaction of £20. Users of
such cards are turning to special sleeves, pouches and wallets, but these do not
always help. The best thing is to always keep an eye on your bank statements; if
you notice anything that doesn't look right, contact your bank immediately.
3. Joomla flaw exploited in the wild within hours of disclosure: Joomla is a
free and open-source content management system (CMS) for
publishing web content. Joomla released 3.4.5 last week and announced that the
new release patches three vulnerabilities, including a critical SQL injection
issue. Within 4 hours of this release, hackers began to exploit the older
versions of Joomla. It is reported that there have been 12,000 daily hits on
websites using Joomla. This data tells us that the webmaster of an average
site has less than 24 hours to patch after a serious disclosure like this, and
only a couple of hours for a popular site.
4. 000webhost hacked, 13 million customers exposed:
Free website hosting service 000webhost has suffered a data breach which has
placed the service's security practices under scrutiny. 000webhost is a free
web hosting service which supports both PHP and MySQL, catering for millions of
users worldwide. Last week, the firm told users in a Facebook message that the
company had suffered a data breach on its main server. A hacker used an exploit
in an old, unpatched version of PHP to upload malicious files and gain access
to the service's systems. Not only was the full database containing the
usernames, plain text passwords and email addresses compromised, but this
information has been dumped online as well.
5. Google to Symantec - Clean up your act or be branded unsafe:
Google is evidently not very pleased about security firm Symantec's
recent performance when it comes to issuing secure Web certificates and has
outlined a list of demands to prevent the same mistakes from happening again.
In September, Symantec fired a number of employees following glaring mistakes
in issuing transport layer security (TLS) certificates. The company said
"employee error" caused cryptographic certificates to be issued
online without the consent of either Google or Symantec, allowing attackers to
impersonate Google pages protected by HTTPS.
6. MySQL servers hijacked with malware to perform DDoS attacks:
Attackers are compromising MySQL servers with the Chikdos malware to
force them to conduct DDoS attacks against other targets. Researchers have
discovered malware that targeted MySQL servers to make them conduct distributed
denial-of-service (DDoS) attacks against other websites. The majority of the
compromised servers are in India, followed by China, Brazil and the
Netherlands.
7. Pentagon creates cybersecurity exchange program with industry:
The U.S. Defense Department is sending its personnel on
tours with private cybersecurity companies and bringing in specialists from
those companies to gain the skills necessary to defend military networks from
hackers. Last week Pentagon's CIO said, "There's not a time when I'm not
being attacked somewhere in the world and We're looking to industry to help us
solve problems in some specific areas."
8. A security researcher claims that all Fortune 500 companies have been hacked:
In an interview with Bloomberg, the researcher said
that all Fortune 500 companies have experienced successful hacks. He said, "If
you have a big enough infrastructure, you won’t be able to secure all of it." In
a related study it has been found that media coverage and awareness of data
breaches is actually a top factor driving increased budgets and board level
support for cybersecurity.
9. Cybersecurity skills gap continues to grow:
Cybersecurity is finally getting the attention - and dollars - it deserves from
the C-Suite. The challenge now is finding the talent to take full advantage of
these technology investments. Several CISOs in a recent study reported that
they weren’t able to take full advantage of their technology investments because
security staff couldn’t fully consume all of the features and advanced
applications. Another survey found that young adults just aren't flocking to the
cybersecurity field, despite the industry's hot job market and talent gap.
There's a lack of awareness of cybersecurity career opportunities, and young
women are less interested and informed about the field than men.
10. Online swindlers stalking e-commerce sites: E-commerce
is growing and so is fraud on such sites. Times of India has reported that
experts are witnessing a disturbing trend across the country where fraudsters
are setting up fake e-commerce portals to trap victims. Fraudsters even
advertise their websites on Facebook to attract victims. The primary objective
of such sites is to steal credit card information. The mantra with e-commerce is:
go for Cash on Delivery whenever possible and remember - if a deal seems too
good to be true, it probably is not true. Bigsop[.]com was one such site; it
was based in Bangalore and had reportedly cheated the public of over $200k before
it was busted (in Nov 2014).