1.
BEC hack scams company out of $495,000: An investment company, Pomeroy
Investment Corp, was recently robbed of $495,000 through a common email fraud
method in which the hacker, posing as a co-worker, had the funds transferred to
his account. A staff member received an email from another "employee" of the
company asking for a transfer of funds into a Hong Kong bank. The email
appeared genuine to the recipient, who had the money transferred. A few
days later the company realized it had been cheated via what is known as a business
email compromise (BEC). Police received a complaint about the incident
and have cautioned against transferring any amount of money based on emails, and
advised verifying messages before making any money transactions.
2.
Another ransomware victim: Michigan Public Utility is currently
cleaning up its administrative systems after an undisclosed number of computers
were infected with ransomware. The agency has stressed that the cyber incident
"should have no impact on the delivery of water and electricity to its
customers". In February, a ransomware attack shut down medical record
systems at an LA hospital, and the hospital paid
$17,000 in ransom to the criminals.
3.
Wendy's hit with lawsuit over data breach: A class action lawsuit has been
filed against Wendy’s for alleged negligence in securing its computer systems
and customer data.
According to the filing, Wendy’s did not update its computer system when
required, thus making it susceptible to hacks. Confidential details of millions
of customer credit cards were possibly leaked from various Wendy’s locations. The
lawsuit accused Wendy’s of using outdated credit card systems that do not
comply with federal guidelines, and of holding card details for too long.
4.
For sale - 272 million email passwords for just $1: A massive database of emails and passwords
for popular email services, including Gmail, Microsoft, and Yahoo, is being
offered for sale on the Dark Web for $1. An anonymous Russian hacker, who goes
by the moniker "the Collector," was first spotted advertising 1.17
billion user records for email accounts on a dark web forum. A large number of
those 1.17 billion account credentials turned out to be duplicates, and 272
million records were unique. In an unrelated but similar incident, it was
revealed last week that a database containing the details of over 57 million email
accounts was put up for sale on the dark web.
5.
ImageMagick tool vulnerable to remote code execution: ImageMagick is
an open-source image processing library that lets users resize, scale, crop,
watermark and tweak images. A serious zero-day vulnerability has been
discovered in ImageMagick, which could allow hackers to execute malicious code
remotely on servers by uploading a maliciously crafted image. The vulnerability
will be patched in the next versions, which are due to be released by this weekend.
6.
ADP data used in US bank employee W-2 breach: ADP is a
payroll processing provider. Thieves used unregistered employee accounts to
create fake accounts and siphon W-2 information from the ADP portal. This
leaves the victims exposed to the risk of tax returns being filed fraudulently
in their names. Mattel, Snapchat, Seagate and Polycom
have all recently lost W-2 data.
7.
2016 Global threat report: INSIDER THREAT - THE MALICIOUS AND THE
ACCIDENTAL: Insider threats refer to attacks that either originate from or
receive cooperation from sources within an organization. Attackers are
targeting insiders within organizations – or via business partners and third
party suppliers – and gaining access to networks by manipulating staff into
revealing their credentials. With these stolen credentials, criminals move
among networks, accessing and stealing sensitive data, often going unnoticed
until it’s too late. The industry measures the time that an attacker spends in the
network as dwell time, which begins when an attacker enters a network and
continues until they leave or are forced out. Minimizing dwell time reduces the
opportunity for an attacker to achieve lateral movement and steal data.
8.
Russian hacker who stole from banks ordered to pay $7 million: A Russian man
who spent about 3 years behind bars in the United States has been spared
further prison time due to his "substantial assistance" in the
investigation, but was ordered to pay $7 million to cover damages he caused to banks
by using Gozi, a vicious computer virus. The hacker used to rent the Gozi
malware out for $500 a week to cyber criminals, who in turn used the malware to
steal money from bank accounts. He would also control all compromised computers
remotely as a botnet to steal data and access bank accounts.
9.
High-severity OpenSSL vulnerability allows hackers to decrypt HTTPS
traffic: OpenSSL
has released a series of patches against six vulnerabilities, including a pair
of high-severity flaws that could allow attackers to execute malicious code on
a web server as well as decrypt HTTPS traffic. One of the high-severity flaws
allows a man-in-the-middle attacker to initiate a "Padding Oracle
Attack" that can decrypt HTTPS traffic if the connection uses an AES-CBC
cipher. The other high-severity bug is a memory corruption flaw in
OpenSSL.
10. IRCTC denies hack, says committee is
examining alleged data theft: IRCTC has a total user base of 39
million, and sells 500,000 railway tickets every month. Last week, the cyber cell
found a CD containing 15K IRCTC data records in the market for sale. This led
to widespread speculation that IRCTC was hacked. IRCTC has denied the hack, but
has formed a team to investigate the data theft.
Records in the IRCTC case are supposed to be 10 million, Ajay. 15k is the price (INR) for which the DVD was being sold in Delhi.
http://www.inforisktoday.asia/blogs/irctc-denies-hack-but-leaked-data-could-be-genuine-p-2124