1. About 100 FreeCharge clients lose money
after cyber-attack: FreeCharge is
e-wallet payment app, based out of India. Last week, Nearly 100 customers of
FreeCharge lost Rs.10,000 ($150) each, across the country in cities like
Chennai, Mumbai, Hyderabad, Delhi only to be restored later as the e-wallet's
system met with a phishing attack. The attacks happened between June and August
2016. The hackers used the e-wallet for online shopping, transferring the money
to various bank accounts.
2. Online Ad service ClixSense hacked; 6M
plain-text passwords leaked: ClixSense,
a website that claims to pay users for viewing advertisements and completing
online surveys, is the latest victim to join the list of
"Mega-Breaches" revealed in recent months, including LinkedIn,
MySpace,
VK.com,
Tumblr,
and Dropbox.
In addition to 6.6M passwords and email addresses, the dump database includes
first and last names, dates of birth, sex, home addresses, IP addresses,
payment histories, and other banking details of Millions of users. ClixSense
admitted the data breach and said some unknown hackers were able to get access
to its main database through an old server which the firm was no longer using,
but at the time, still networked to its main database server.
3. Olympic Athletes' medical data
compromised by Russian Hackers: Last
week, The World Anti-Doping Agency (WADA) revealed that its Anti-Doping
Administration and Management System database was recently hacked -- allegedly
by Russian hacker group Fancy Bear. Confidential data of athletes were stolen
and some released publicly. The International Olympic Committee called the
leaks an "outrageous" breach of confidentiality and have offered to
assist WADA in communicating with Russian authorities over the matter. In
total, 40 athletes have now had their TUE history disclosed. TUE - (Therapeutic
Use Exemption) is a certificate which allows an athlete to take an otherwise
banned substance.
4. Mystery surrounds possible BlueSnap data
breach: Around 324,000 users have likely
had their payment records stolen either from Payment Gateway BlueSnap or its
customer Regpack; however, neither of the company has admitted a data breach.
Whoever is guilty of this breach is also in line for a serious fine, because
they also stored CVV numbers, an action prohibited by financial authorities and
credit card companies.
5. British Hacktivist 'Lauri Love' to be
extradited to USA: British citizen and
alleged hacker Lauri Love will be extradited to the United States to face
allegations of hacking into US government computer systems - including FBI,
NASA and US Army. Love was involved in an online protest linked to the untimely
death of another activist, who committed suicide in 2013 while under federal
charges for data theft. He has few legal options left before he can be
extradited but if it happens, he will face 99 years in prison.
6. Xiaomi can silently install any App on
Android Phone using a backdoor: Xiaomi
in the past has been criticized for spreading malware, shipping handsets with
pre-loaded spyware/adware and secretly stealing users' data. Now, a researcher
has found that the smartphone runs a pre-installed app called
AnalyticsCore.apk, that runs 24x7 in the background and reappears even if
it is deleted. The app sends the phone data including IMEI number to the
company server every 24 hours to check for updates, which automatically gets
installed silently. The worry is that the handset maker- can remotely and
silently install any application on the device just by renaming it to
"Analytics.apk" and hosting it on the server. Hackers can also
exploit this backdoor.
7. Using 'Signal' app? install the patch: Two
Researchers have discovered a couple of vulnerabilities in Signal, the popular
end-to-end encrypted messaging app. One of those vulnerabilities could allow
potential attackers to add random data to the attachments of encrypted messages
sent by Android users, while another bug could allow hackers to remotely crash
vulnerable devices. The vulnerabilities have just been patched and the updated
version is available on Github but not yet on Google play.
8. Google’s Project Zero is offering upto
$200,000 to find vulnerabilities in Android:
Google’s security analyst team, Project Zero (that works on finding
vulnerabilities in the Android system) has announced the launch of its hacking
contest to discover flaws in the mobile ecosystem. The goal is to find a bug
chain that can give remote access to multiple Android devices by just knowing
their email address or phone numbers. The first prize in the competition is
$200,000; the second prize is $100,000 and the third prize is $50,000. There
will be additional awards for winning entries that are able to find flaws in
the Google’s operating system.
9. Instead of spending $1.3 million, FBI
could have hacked iPhone in just $100:
The infamous encryption fight of Apple
V/s FBI, where Apple paid $1.3M to hack the phone and got nothing
useful out of it, could have been done in just $100. A researcher has shown a
technique called NAND mirroring, in which he physically removes the NAND memory
chip from the iPhone - copies the data and brute forces the passcode. 4 digit
passcode takes few hours while 6 digit passcode take few weeks. The big problem
FBI faced with the iPhone was that the 11th attempt to open the phone with a wrong
passcode would have deleted all its contents, hence they had to hack the phone.
10. FBI Director says you should cover your
Webcam with tape: In issue
70, we saw a Photo that revealed even Zuckerberg tapes his Webcam and
Microphone for Privacy, last week, the FBI director in a conference, confirmed
that he too tapes his webcam. He said like we lock our cars and lock our door
at night, we should also tape the camera on our laptops for privacy. In
reality, taping the camera just solves a small issue, the bigger issue is IoT
devices like Security Cameras. Due to their insecure implementation, hackers
routinely hijack Security Cameras and use them as weapons in cyber-attacks
Want To Increase Your ClickBank Traffic And Commissions?
ReplyDeleteBannerizer makes it easy for you to promote ClickBank products with banners, simply visit Bannerizer, and grab the banner codes for your picked ClickBank products or use the Universal ClickBank Banner Rotator to promote all of the available ClickBank products.