1. Dridex malware is behind the recent draining of over £20
million from UK bank accounts. The
malware harvests banking details which are then used to steal cash. The victims
get infected when they open documents from seemingly legitimate emails. The
National Crime Agency in the UK said there might be thousands of infected
computers out there and most of these run Windows. An interesting development
last week was a regional move to target Australia. Dridex botnet-related emails
were being sent to potential victims in the land down under. The focus on
Australia in the email lure targeting was further confirmed by analysis of the
botnet configuration file. The configuration file downloaded by infected
computers included directions to take "Clickshots" when potential
victims access certain Australian banking websites.
2. Vodafone admits hack, customer bank details stolen: Vodafone has admitted to a security breach which has led
to the theft of sensitive information belonging to 1,827 customers in the
United Kingdom. Last week, the telecommunications provider released a statement
saying that "unauthorized account access" took place between midnight
on Wednesday 28 October and midday on Thursday 29 October. The company says the
cyber-attack took place through email address and password credentials
"from an unknown source" outside of Vodafone, and the firm's systems
have "not been compromised or breached in any way." Be that as it may,
1,827 customer accounts were accessed, giving the hackers data including names,
telephone numbers and the last four digits of their bank account -- potentially
leading to identity theft and fraud.
3. Anonymous exposes identities of 1000 KKK members: Under the informal handle #opKKK, Anonymous announced the
impending reveal several days ago and has now released the identities of 1000
alleged KKK members in a data dump online.
4. In Issue 31 we discussed this offer - "Cybersecurity firm offers $1
million for Apple hack". In less than 2 months - Hacker claims $1
million iOS 9 exploit bounty: Last week the cybersecurity firm
announced the payout of a seven-figure prize to a team which has provided a
remote exploit for Apple's latest mobile operating system. They said a team has
managed to provide an exclusive exploit for use against iPhone users running
iOS 9, leading to an award of $1 million. The winning team set up a compromised
web page and when the victim visited this webpage through Safari or Chrome
browsers, an arbitrary app was remotely installed. The compromise is also
possible through a text or multimedia text message.
5. BlackBerry promises monthly Android patches; can override
carriers for critical hotfixes:
BlackBerry has joined other Android phone makers by promising timely security
fixes. The smartphone maker said last week that it will join other device makers
by rolling out security patches within about a month of their initial
disclosure. BlackBerry, now an Android phone maker, following the debut of its
first phone running Android, said in a blog post that it was
"critical" to fix Android flaws in a timely fashion.
6. Hacking Team returns with encryption cracking tool pitch
to customers: As law enforcement
grumbles over the uptake in encryption services offered by technology firms,
Hacking Team is keen to get back in the game and restore its client list
through a new set of encryption-breaking tools. Companies including Apple and
Google are taking personal security and privacy more seriously. Google's
latest mobile OS, Android L, will offer encryption by default, mirroring and
keeping up with Apple's iOS 8 operating system. In retaliation to these
movements, the FBI is complaining that encryption will cause terrorist and
criminal cases to "go dark," hampering efforts to prevent criminal
incidents. In the middle of all this, Hacking Team finds a market. This
blog reported the Hacking Team hack on July 12th 2015.
7. Mobile malware evolves: Adware now breaks and roots your
phone: Mobile threats just raised their
game with adware-based malware which can root your device without your consent.
In the past, adware was little more than a nuisance and hackers had to entice
users to click on the banner or ad to infect the machine/device. Times have now
changed and it may only take a victim viewing a compromised Web page for
third-party apps to be installed without user consent. Another issue is
repackaged apps. The cyber-attackers repackage and rebuild apps (e.g., Candy
Crush, Facebook, GoogleNow, Twitter, Snapchat and WhatsApp) with malicious code
before releasing them back into the wild and third-party app stores. The
problem? It's not easy to tell what is legitimate and what isn't.
8. Racket on prowl for OTPs, too: The one-time password (OTP) security feature is your
best friend for online transactions. Cyber fraudsters are trying every trick in
the book to get past it. Most e-commerce sites now insist on a third-level
authentication — the four-digit or six-digit OTP. Given the nature of
transactions now, time-barred OTPs are sent by the banks only to the registered
mobile number of the customer. This is a roadblock which the fraudsters are trying to
breach. They call, pretending to be an authentic bank employee,
and ask for the OTP. Banks are going to great lengths to create awareness about
this: banks will never call customers seeking account or card-related
information. Callers may have all the details of the victim's credit or debit
card number, expiry date and even CVV number. But given the third-level
authentication systems in place, they would need the OTP to carry out any
net-based transaction with the card.
9. Raytheon | Websense Security Labs researchers have
identified a recent malvertising campaign affecting a popular Indonesian
technology news site, Tabloid Pulsa.
Users browsing to this site are being redirected to an exploit kit and served
up malware, due to a compromised advertising script that is being used by the
site. The website has close to 1 million hits per month. It is worth noting
that no user interaction was required at any point--simply visiting the
compromised website was enough to end up with malware being executed on the
victim’s machine. Raytheon | Websense customers are protected against this
threat via real-time analytics in ACE, the Websense Advanced Classification
Engine.
10. Class 12 student finds Gauhati University website highly
insecure, says can be hacked through phone:
Students of the prestigious Gauhati University aren't aware that their mark
sheets stored on the servers of the university could be easily accessed by a
mid-level cyber expert with chances of serious compromise to the data. Last
December, a class 12 student found flaws in the network server of the
university and had accessed their complete database through his Android phone.
He informed the university registrar through a mail immediately. While he
thought the vulnerabilities he pointed out to the university were rectified, he
was shocked to find that the issue wasn't resolved till last week. He again
mailed the university, but nothing was done. He told media, "I am a web
security enthusiast and while researching security faults, I managed to
access the Gauhati University control panel with ease through my Android phone.
What if someone with bad intentions exploits the vulnerabilities and plays with
the future of thousands of students studying in the university?"