1. Hyatt Hack: In Issue 45, we spoke about the Hyatt hack. More details
emerged last week. According to Hyatt, 318 hotels out of 627 in the firm's
portfolio were infected last year. Hyatt has published the list of properties
that were compromised across 54 countries; China, India and the United States
are at the top of the list for malware-ridden hotel systems, with 22, 20 and 99
infected sites respectively. The malware stole financial data, including
cardholder names, card numbers and expiration dates, as they passed through
Hyatt's infected payment processing systems. Hyatt Regency Lost Pines also
figures in the list, having been infected from Aug to Dec 2015.
2. US intelligence chief's personal email, phone hacked: The hacker who
targeted a CIA director last year is back to claim another senior government
scalp: the Director of National Intelligence. Hackers claim to have broken into
a series of accounts associated with the Director, including his personal email
account. The FBI warned last year that US police and officials were targets of
hacktivist groups, and should in particular "be aware of their online
presence and exposure."
3. Suspected members of Bitcoin extortion group DD4BC arrested: DD4BC,
otherwise known as Distributed denial-of-service for Bitcoin, is a group
dedicated to extorting virtual currency from companies. Emerging in the middle
of 2014, DD4BC used the threat of DDoS attacks to hold companies to ransom
unless they agreed to pay a fee in Bitcoin. For organizations such as banks,
financial institutions and even gambling websites, network downtime equates to
an immediate loss of revenue, which can lead them to give in to demands.
European law enforcement has arrested and detained two alleged members of the
hacking group.
4. Windows users face a dangerous world with end of support for older Internet
Explorer versions: Microsoft ends support of Windows 7, 8 and IE 8, 9, 10.
Tens of millions of IE users will be at risk almost immediately, considering
that nearly every month IE remains one of the most likely targets of hackers
and attackers. IE 11 will be the last version of the aging browser, which first
debuted in 1995. The browser has long been known for its security flaws and
issues, which have bogged both Microsoft and its users down for years. When
Windows 10 was released, the company began pushing its new Edge browser more
aggressively as an alternative. The browser was heralded as being safer than
its predecessor, as it prevents adware and toolbars from hijacking dynamic link
libraries.
5. Serious security flaw in OpenSSH puts private keys at risk: A major
vulnerability has been found and fixed in OpenSSH, an open-source remote
connectivity tool using the Secure Shell protocol. The flaw was the result of
an "experimental" feature that allows users to resume connections. A malicious
server can trick an affected client into leaking client memory, including the
client's private user keys. The software is used on many commercial routers and
firewalls, and some versions of the Ubuntu and Red Hat operating systems are
affected by the flaw. Developers and admins are advised to regenerate and
rotate keys. The bottom line: patch now, and patch fast.
6. Simple eBay security flaw exposed millions of users to spear phishing
campaigns: eBay has patched a severe XSS security vulnerability which exposed
potentially millions of users to phishing campaigns and subsequent data theft.
Despite being informed of the bug privately, the online auction trading site
allegedly left a critical XSS flaw open to abuse on the ebay.com domain, and
only rallied to fix the issue after the media caught wind of the flaw. The
Cross-Site Scripting (XSS) vulnerability, implemented through Java, allowed an
attacker to inject their own malicious page within eBay via an iframe.
7. Brazilian cyber-crime flourishes, catching up to Russian, Chinese groups:
For years Brazilian operators were customers of Russian hackers, but now they
have started using their own homegrown tools. In terms of technical expertise,
they seem to have caught up and are now placed just behind Russia and China.
Like the Russians, they focus on financial institutions, but unlike the
Russians or Chinese they do not have a relationship with their government.
While the basic skills in each country are the same, there are regional
differences: Japan's hackers are focused on forging documents, Germany's
underground is strong in encryption, the U.S. underground focuses on illicit
goods, while Russia and China are known for their espionage attacks against
U.S. systems and focus on financial crimes and the creation of criminal tools.
8. Juniper Networks moves to replace vulnerable code: At the end of 2015,
Juniper Networks publicly disclosed that it had found previously unknown
backdoor code on some of its firewalls. Juniper patched the issues and is now
going a step further by replacing a core cryptography component in its ScreenOS
operating system to further reduce any potential risk. Last week, a security
researcher discovered highly suspicious code in Fortinet's FortiOS: an SSH
backdoor with a hardcoded password (now leaked) that can be used to access the
firewall. Notably, anyone using this backdoor account does not appear in the
device's access logs, as the backdoor might be tied to its FortiManager
maintenance platform.
9. Hack WiFi password from smart doorbells: The buzz around the Internet of
Things (IoT) is rapidly growing. Another household device to join the IoT world
is the Smart Doorbell. With these Internet-connected Smart Doorbells, one can
get an alert on the smartphone app every time a visitor presses the doorbell
and also view who's in front of the door. Security researchers have discovered
a critical security hole in a Wi-Fi-enabled video doorbell that could be used
to expose the home network password. Hackers can access a button behind the
doorbell to put the device into setup mode and access the password in the
config file using their mobile's Wi-Fi.
10. Indian Banks & Big industry targeted in Ransomware racket demanding
Bitcoin: Three banks and a pharmaceutical company in India have been revealed
as targets of a ransomware attack that came with a ransom demand in bitcoin. In
what is now the first known instance of an online extortionist demanding ransom
in bitcoins from Indian targets, the Economic Times has revealed that hackers
disrupted operations by crippling computers at three banks and a pharma
company. In all four cases, the hackers are said to have used the LeChiffre
ransomware. Having encrypted all files, the hackers demanded one bitcoin (about
Rs 30,000 at current prices) per computer, for a total running into millions of
dollars.