Sunday, October 30, 2016

Issue 88- Week of Oct 24th


1.      Indian-origin teenage hacker arrested for disrupting 911 service with DDoS attack: An 18-year-old Indian-origin teen discovered an iOS vulnerability that could be exploited to manipulate devices, including triggering pop-ups, opening email, and abusing phone features. He posted links to his exploits on his Twitter account, which has a follower base of 12,000 people. Everyone who clicked on the link had their iPhone hacked, and the phone ended up automatically calling 911 non-stop. This resulted in the disruption of 911 service in the state of Arizona. Authorities swung into action, traced the issue to the teen and arrested him.

2.      Hacker gets 18 months in prison for hacking celebrity nude photos: The hacker who stole nude photographs of female celebrities two years ago in a massive data breach — famous as "The Fappening" or "Celebgate" scandal — has finally been sentenced to 18 months in federal prison. The hacker ran a phishing scheme between November 2012 and September 2014 and hijacked more than 100 identities using fake emails disguised as official notifications from Google and Apple, asking victims for their account credentials. Many of the compromised accounts belonged to famous female celebrities, including Jennifer Lawrence and Kim Kardashian.

3.      LinkedIn hacker also charged with Dropbox hacking: Last issue we discussed the arrest of the LinkedIn hacker in Prague. Now, US authorities have officially indicted the 29-year-old Russian national for hacking not just LinkedIn, but also the online cloud storage platform Dropbox. The hacker remains in custody in Prague, Czech Republic. The FBI is waiting for a Czech court to decide on his extradition to the United States.

4.      Chinese IoT cameras used in Dyn DDoS attack: In Issue 87 we discussed the DDoS attack on DNS provider Dyn by an army of hacked IoT devices. A Chinese IoT firm has admitted that its products inadvertently played a role in the massive cyber-attack against DynDNS. More such attacks are expected, and they will not stop until IoT manufacturers take the security of these Internet-connected devices seriously. The company has rolled out patches and has advised its customers to update their product's firmware and change their default credentials. The company also said it will recall up to 10,000 webcams.

5.      Mirai botnet that attacked Dyn is itself flawed: A botnet called Mirai was used in the Dyn DDoS attack. The author of the botnet released its source code, and a researcher found that the botnet itself contains several vulnerabilities that might be used against it to destroy the botnet's DDoS capabilities and mitigate future attacks. The researcher has now released his exploit. The DDoS attack that hit French Internet service and hosting provider OVH with 1 Tbps of junk traffic, which is the largest DDoS attack known to date, also came from Mirai bots.

6.      Chinese hackers won $215k for hacking iPhone and Google Nexus at Mobile Pwn2Own: To hack Apple's iPhone 6S (with the latest iOS 10), the hackers exploited two iOS vulnerabilities – a use-after-free bug in the renderer and a memory corruption flaw in the sandbox – and stole pictures from the device, for which the team was awarded $52.5k. They won another $60k for installing an app on the iPhone, though it did not survive a reboot. To hack the Nexus 6P, the hackers used a combination of two vulnerabilities and other weaknesses in Android and managed to install a rogue application on the phone without user interaction. They were awarded a whopping $102,500 for the Nexus 6P hack.

7.      AtomBombing is a design flaw in Windows that cannot be patched: Security researchers have discovered a new technique that could allow attackers to inject malicious code on every version of Microsoft's Windows operating system, even Windows 10, in a manner that no existing anti-malware tools can detect. Dubbed "AtomBombing," the technique does not exploit any vulnerability but abuses a design weakness in Windows. The AtomBombing attack abuses the system-level Atom Tables, a feature of Windows that allows applications to store information on strings, objects, and other types of data that they access on a regular basis. This issue cannot be patched as it is a design issue.

8.      You can hijack nearly any drone mid-flight using this tiny gadget: A security researcher has devised a small hardware device, dubbed Icarus, that can hijack a variety of popular drones mid-flight, allowing attackers to lock the owner out and take complete control of the device. Besides drones, the new gadget is capable of fully hijacking a wide variety of radio-controlled devices, including helicopters, cars, boats and other remote-control gear that runs over the most popular wireless transmission control protocol, called DSMx. The loophole relies on the fact that the DSMx protocol does not encrypt the 'secret' key that pairs a controller and a flying device.

9.      Now – iPhone can also be hacked with an image: Attackers can take over a vulnerable Apple iOS device remotely – all they have to do is trick the user into viewing a maliciously crafted JPEG graphic or PDF file, which could allow them to execute malicious code on the mobile. That's a terrible flaw (CVE-2016-4673), but the good news is that Apple has released the latest version of its mobile operating system, iOS 10.1, for iPhones and iPads to address this remote code execution flaw, alongside an array of bug fixes. Users running older versions of iOS are advised to update their mobile devices to iOS 10.1 as soon as possible. Last year, the Stagefright bug in Android allowed a hack via just a text message, while in Issue 81 we saw how an image can be used to hack unpatched Android devices.


10.   Big spike in cybercrimes in India: The latest statistics released by the National Crime Records Bureau (NCRB) reflect a massive spike in cybercrimes in India. In Issue 77 we saw "Pune based Indian Manufacturing Co. losing $175k". Last week it was a few Hyderabad-based pharma companies that fell victim to a typo-squatting attack when they received fake details of a change in bank details in an email from what appeared to be their suppliers. They ended up sending huge sums of money to scamsters instead of their suppliers. There are also cases where hackers hacked the email servers and sent emails to the company's customers informing them of a fake change in bank details to swindle money. These kinds of hacks are also called BEC - Business Email Compromise.
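A defender-side check for the supplier-impersonation pattern in item 10, as an added example that is not part of the original newsletter: it flags sender domains that are near-misses of known supplier domains. The supplier allow-list, the `.example` domains and the distance threshold are constructed assumptions.

```python
"""Flag e-mail sender domains that imitate known supplier domains."""
from email.utils import parseaddr

# Assumption: allow-list of genuine supplier domains kept by finance/procurement.
KNOWN_SUPPLIERS = {"acme-chemicals.example", "medisupply.example"}

# Single-character visual substitutions mapped back to the letter they imitate.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def sender_domain(from_header):
    """Extract the lower-cased domain from a From: header value."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".")


def skeleton(domain):
    """Collapse common lookalike spellings ('rn' for 'm', 'vv' for 'w', digits)."""
    return domain.translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "ic" typed as "ci".
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(from_header, max_distance=2):
    """Return (verdict, supplier): 'known', 'lookalike' or 'unrelated'."""
    domain = sender_domain(from_header)
    for supplier in sorted(KNOWN_SUPPLIERS):
        if domain == supplier or domain.endswith("." + supplier):
            return ("known", supplier)
    for supplier in sorted(KNOWN_SUPPLIERS):
        # Same visual skeleton but different bytes: homoglyph-style imitation.
        if skeleton(domain) == skeleton(supplier):
            return ("lookalike", supplier)
        # A couple of edits away: typo-squatted registration.
        # A threshold of 2 is an assumption; lower it for very short domains.
        if osa_distance(domain, supplier) <= max_distance:
            return ("lookalike", supplier)
    return ("unrelated", None)


# Constructed sample headers, not taken from any real incident.
SAMPLE_SENDERS = [
    "Acme Accounts <billing@acme-chemicals.example>",
    "Acme Accounts <billing@acme-chemcials.example>",
    "billing@acrne-chemicals.example",
    "news@unrelated-shop.example",
]

if __name__ == "__main__":
    for header in SAMPLE_SENDERS:
        verdict, supplier = classify(header)
        print(f"{verdict:10} {supplier or '-':25} {header}")
```

Mail flagged as a lookalike that also announces new bank details is the case to hold for out-of-band confirmation with the supplier.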



Sunday, October 23, 2016

Issue 87- Week of Oct 17th


1.      Massive ATM hack hits 3.2 Million Indian debit cards: India is undergoing its biggest data breach to date, with as many as 3.2 Million debit card details reportedly stolen from multiple banks and financial platforms. The massive financial breach has hit India's biggest banks including State Bank of India (SBI), HDFC Bank, Yes Bank, ICICI Bank and Axis, and customers are advised to change their ATM PIN immediately. Hackers stole the data by allegedly using malware to compromise the Hitachi Payment Services platform — which is used to power the country's ATMs, point-of-sale (PoS) machines and other financial transactions.

2.      An army of Million hacked IoT devices almost broke the Internet: A massive Distributed Denial of Service (DDoS) attack against Dyn, a major domain name system (DNS) provider, broke large portions of the Internet on Friday, causing a significant outage to a ton of websites and services, including Twitter, GitHub, PayPal, Amazon, Reddit, Netflix, and Spotify. Though the exact details of the attack remain vague, it is suspected that it used hijacked IoT devices, much like the 1 Tbps DDoS attack on France-based hosting provider OVH.

3.      Weebly & Foursquare join the massive data breach family: Weebly and Foursquare are the latest victims of massive data breaches, joining the list of "Mega-Breaches" revealed in recent months, including LinkedIn, MySpace, VK.com, Tumblr, Dropbox, and the biggest one -- Yahoo. Website-building service company Weebly lost details of 43 Million users, including usernames, email addresses, passwords, and IP addresses. The passwords were encrypted and salted, so it will be difficult for hackers to obtain the real passwords. Foursquare, the company behind the location-based search-and-discovery mobile app, lost details of 22.5 Million customers.

4.      LinkedIn hacker arrested: The 29-year-old Russian hacker responsible for the massive 2012 data breach at LinkedIn has been arrested in Prague. The breach had affected 117 Million users. He had managed to break into the company's computers in March 2012 by stealing the username and password of a LinkedIn employee who worked at the company's Mountain View, California, headquarters. The stolen data was put on sale by a hacker called 'Peace', who also put data dumps of MySpace, Tumblr, VK.com, and Yahoo! on the dark web marketplace. As of now it is not clear whether the arrested person and 'Peace' are the same.

5.      Details emerge after the NSA contractor's arrest: In Issue 85 we discussed "Another NSA Contractor arrested for stealing 'Secret' documents". Now, according to a court document filed last week, the FBI seized at least 50 terabytes of data from the contractor that he had siphoned from government computers over two decades. He also took several physical documents, many of which were marked "Secret" and "Top Secret." The stolen data also contained the hacking tools that were recently leaked by 'The Shadow Brokers'; further investigation will determine if there is any connection between these events.

6.      Dirty COW — critical Linux kernel flaw being exploited in the wild: A nine-year-old critical vulnerability dubbed "Dirty COW" has been discovered in virtually all versions of the Linux OS and is actively being exploited in the wild. The flaw is a privilege-escalation vulnerability that is part of every distro of Linux (RedHat, Debian, and Ubuntu), and it can be exploited easily and reliably. The flaw gets its name from the copy-on-write (COW) mechanism in the Linux kernel, which is so broken that any application or malware can tamper with read-only root-owned executable files to gain administrative (root-level) access to the device and completely hijack it.

7.      This free tool protects PCs from master boot record attacks: In Issue 58 we discussed the Petya ransomware, which not only encrypts files but also locks down the entire computer by attacking the master boot record. Now cyber security experts have developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. Dubbed 'MBRFilter', the tool is nothing more than a signed system driver that puts the MBR into a read-only state, preventing any software or malware from modifying data in the MBR section.

8.      Ransomware update: Ransomware has exploded in 2016 and is increasingly targeting business networks instead of individual users. The total cost of damages related to these attacks is set to cross $1 billion this year. The primary drivers of Ransomware growth have been that attacks are easy to carry out and victims are willing to pay to get their data back. The bad news is that ransomware doesn't show any signs of slowing down and it's likely to only become a bigger problem during 2017. Building awareness, regular back-ups and a good Web Security solution can go a long way in protecting networks from Ransomware.

9.      St. Jude Medical and Muddy Waters update: In Issue 81, St. Jude Medical (STM) sued Muddy Waters to set the record straight. Last week, Muddy Waters launched a new website, posting more demo videos and information about vulnerabilities in STM's implantable cardiac devices. STM claims that MedSec and Muddy Waters falsely issued warnings about insecure medical devices in order to intentionally drop the share value of STM, with the objective of profiting from it. Meanwhile, STM has announced plans for a Cyber Security Medical Advisory Board which will handle all issues related to cybersecurity standards of its medical devices.


10.   Indo-Pak cyberwar update: Pakistani hackers often tap into the frequencies that Indian airlines use to communicate with ATC while landing in border towns like Jammu. The hackers then block the communication and start transmitting Pakistani patriotic songs. Indian pilots quickly coordinate with other Air Force ATC in the vicinity to change the frequency and restore communications. For all its IT prowess, cyberspace is one frontier on which India remains seriously vulnerable. Steps are being taken to plug the gaping holes. The ambitious Digital India program will also need to factor in cybersecurity. We can also learn from the Yahoo breach and protect our own billion+ user database – Aadhaar.

Sunday, October 16, 2016

Issue 86- Week of Oct 10th


1.      Indo-Pak cyber war continues: Patriotic Indian hackers continue to damage crucial Pakistani websites. They have been defacing Pakistani Govt. websites and launching Ransomware attacks. Pakistan has been responding and at least 50 IT companies in Hyderabad have come under cyber-attacks from Pakistan-based hackers over the past 10 days, the Society for Cyberabad Security Council (SCSC) revealed. The Cyber Security Forum officials said Pakistani hackers have used servers in Turkey, Somalia and Saudi Arabia to launch attacks. Meanwhile in Delhi - Pakistan Cyber Army tried but failed to breach the Delhi Police website and steal the GPS data of the PCR vans.

2.      Air Force computer outage hits drone center: The US Air Force is investigating the failure of its classified computer network at Creech Air Force Base, a key nerve center for worldwide drone and targeted killing operations mainly in Syria, Afghanistan, Pakistan and Somalia. Military officials would not say whether the critical failure was due to internal technical issues, a cyberattack, or something else. Within weeks of the network crash at Creech, there were a series of airstrikes that went terribly wrong. It will be difficult to connect these events with each other. The investigation into the issue is ongoing.

3.      BlockChain.info domain hijacked; site goes down: Blockchain.info, the world's most popular Bitcoin wallet and Block Explorer service, was down for a few hours last week. It is believed that a possible cyber-attack had disrupted the site. The site has more than 8 million Digital Wallet customers. It was a DNS issue that led to their domain name getting hijacked. It is possible that the attacker wanted to host a fake web page on the same domain in an effort to steal bitcoin wallet credentials. The site is back now, and there is no statement from the Blockchain.info team that suggests any hacking or compromise of its users' bitcoin wallets.

4.      Turkey Blocks several sites to censor RedHack leaks: RedHack, a 20-year-old hacktivist group leaked 17GB of files containing some 58,000 stolen emails dating from April 2000 to Sep'16. In order to suppress the circulation of these stolen emails - Turkey has blocked access to cloud storage services including Microsoft OneDrive, Dropbox, and Google Drive, as well as the code hosting service GitHub. Like China, Turkey has long been known for blocking access to major online services in order to control what its citizens can see about its government on the Internet.

5.      New Android banking Trojan discovered in Singapore and HK: A recent version of a banking Trojan called Acecard pretends to be a video plugin/Flash Player/app/video codec. If it gets installed on a mobile phone, it waits for the victim to open any financial app. The Trojan then overlays itself on top of the legitimate app, where it proceeds to ask users for their payment card number and card details such as the card holder's name, expiration date, and CVV number. It also requests personal information, including a selfie of the victim holding his ID card under his face. With all this info, hackers can make illegal transfers and take over the victim's online accounts.

6.      Hackers leverage 12-year-old OpenSSH vulnerability for IoT attack: We have seen examples of DDoS attacks launched from hacked smart devices. Now, researchers have discovered a new attack that uses compromised IoT devices as proxies for malicious traffic. Dubbed "SSHowDowN Proxy," this attack uses different types of IoT devices, from Wi-Fi routers and internet-connected NAS devices to DVRs and wireless cameras. More importantly, the SSHowDowN Proxy attack exploits a default configuration flaw in OpenSSH that was first discovered and addressed in 2004. It is recommended that end users always change the factory default credentials of any internet-connected device; disable SSH services on the devices unless they are required to operate; and establish firewall rules that prevent SSH access to and from IoT devices.

7.      Social media apps used for surveillance: It was disclosed last week that Facebook, Instagram, Twitter, VK, Google's Picasa and Youtube were handing over user data access to the developer of a social media monitoring tool called Geofeedia — which then sold this data to law enforcement agencies for surveillance purposes. The company has marketed its services to 500 law enforcement and public safety agencies. Facebook, Instagram, and Twitter have all moved to restrict access to Geofeedia after learning about the tool's activities when presented with the study's findings.

8.      Beware of Security Fakeware: A hacker group called StrongPity has been using watering hole attacks to distribute compromised versions of WinRAR and TrueCrypt. By setting up fake distribution sites that closely mimic legitimate download sites, StrongPity is able to trick users into downloading malicious versions of these encryption apps in hopes that users encrypt their data using a Trojanized version of WinRAR or TrueCrypt apps, allowing attackers to spy on encrypted data before encryption occurred. The top five countries affected by the group are Italy, Turkey, Belgium, Algeria and France.

9.      Microsoft and Adobe patch vulnerabilities: Microsoft has released its monthly Patch Tuesday update, including a total of 10 security bulletins, and you are required to apply the whole package of patches together. MS has removed the ability to pick and choose which individual patches to install. Adobe also released a new version of Flash Player that patched a dozen vulnerabilities in its software, most of which were remote code execution flaws. Users are advised to apply the Windows and Adobe patches to keep hackers and cybercriminals from taking control of their computers.


10.   MITRE will award $50,000 for a solution that detects rogue IoT Devices: The non-profit research and development organization MITRE has challenged security researchers to propose new methods and technologies that could help in detecting rogue Internet of Things (IoT) devices on a network. It will give a $50,000 reward to the researchers who will propose a non-traditional method for enumerating IoT devices through passive network monitoring. Recently IoT botnets were observed launching massive DDoS attacks against the OVH websites and on Infosec websites.




Sunday, October 9, 2016

Issue 85- Week of Oct 3rd


1.      Cyber strikes after surgical strikes: After India announced its Surgical strike in Pakistan, Pakistani hackers have responded by defacing several Indian websites. Some of the reports suggest as many as 7000 sites were defaced. Indian hackers responded by launching Ransomware attacks on several Pakistani networks. Indians have managed to render several Pakistani networks unusable. In many cases they are not accepting any bitcoins to release the decryption key.

2.      Spotify hit by 'Malvertising' in app: Spotify has become the latest service to be hit by 'Malvertising', after a malicious advert pushed through the free tier of the music streaming site started opening "questionable" website pop-ups for some users. Spotify has confirmed the issue and has shut down the adverts. Recently Spotify was hacked, and in a different incident its premium accounts were exposed. Malvertising has hit some of the biggest websites, including Yahoo, the New York Times and BBC. The key reason is that most large sites sell advertising space through third-party resellers, who pull in adverts on the fly based on open auction. If malicious code can be smuggled on to the ad server, it can often be sent to multiple sites.

3.      68 Million hacked Dropbox accounts now available for free download: In Issue 80 we discussed the Dropbox hack. It was one of the mega breaches to join the infamous list of LinkedIn, MySpace, VK.com and Tumblr. Last week it was found that the hacker has uploaded the full dump of the hacked Dropbox database online; it is now a free download. The best way to protect oneself is to change the Dropbox password immediately and not to use the same password across various websites, to prevent password reuse attacks.

4.      TalkTalk fined $510K: TalkTalk, one of the biggest UK-based telcos with 4 million customers, was hacked last year. This not only affected its stock price but also attracted a fine of $510,000 for failing to implement the most basic security measures. 3 teenagers have also been arrested in connection with this hack, and the investigation is still on.

5.      Another NSA Contractor arrested for stealing 'Secret' documents: The FBI has busted another NSA contractor over a massive secret data theft. He is charged with theft of highly classified government material, including "source codes" developed by the NSA to hack foreign governments. If confirmed, this would be the second time (Snowden was first) in the last 3 years that someone with access to secret data was able to steal the NSA's classified information. If convicted, he faces up to 10 years in prison.

6.      London police arrest Romanian ATM hacker who stole Millions: A Romanian man has been arrested and charged with conspiracy relating to his involvement in ATM theft. He was arrested in Romania by London police and extradited to the United Kingdom last week. He is believed to be a member of a European ATM hacking gang that stole more than $2 Million from cash machines across the UK in 2014 using ATM malware to bypass security controls. The gang would physically access the ATMs to directly load malware onto the machines, allowing them to withdraw "large amounts of cash." Recently ATMs in Thailand were hacked and 12 Million Baht stolen.

7.      Verizon wants $1 Billion discount on Yahoo acquisition deal after recent scandals: In Issue 84, we discussed - 'Yahoo data breach may have hit over 1 Billion users'. Verizon, which has agreed to purchase Yahoo for $4.8 Billion, is now asking for a $1 Billion discount, according to recent reports. It is also possible that the deal may just fall through. The acquisition deal is supposed to close early next year, merging Yahoo's search, advertising, content, and mobile operations with AOL to reach 1 Billion users.

8.      Mac malware can secretly spy on your webcam and mic: The researcher who built a ransomware blocker for Mac called 'Ransomwhere?' has discovered a way for Mac malware to tap into live feeds from the Mac's built-in webcam and microphone and record locally without detection. He has developed and released a free tool, dubbed OverSight, which not only monitors webcam and microphone activity but also alerts the user when a secondary process accesses the webcam. OverSight is free to download; the other, low-tech way of keeping snoopers away is to tape over the webcam like Mark Zuckerberg does.

9.      Hack a computer just using an Image: Researchers have disclosed a critical zero-day vulnerability in the JPEG 2000 image file format parser implemented in OpenJPEG library, which could allow an attacker to remotely execute arbitrary code on the affected systems. Hackers can exploit the security vulnerability by tricking the victim into opening a specially crafted, malicious JPEG2000 image or a PDF document containing that malicious file in an email. Once downloaded to the system, it would create a way for hackers to remotely execute malicious code on the affected system. The vulnerability is categorized as a high-severity bug and has been fixed in the latest release of OpenJPEG.


10.   FBI seeking access to another locked iPhone: Months after the controversial battle of Apple v/s FBI, the FBI is now seeking access to the iPhone of the criminal who stabbed 10 people in a Minnesota mall before being killed. Last time, the FBI spent more than a million dollars to access the iPhone of the terrorist but got nothing valuable in return.


Sunday, October 2, 2016

Issue 84- Week of Sep 26th


1.      Zerodium offers $1.5 Million bounty for iOS zero-day exploits: Exploit vendor Zerodium has tripled its bug bounty for an Apple iOS 10 zero-day exploit, offering a maximum payout of $US1.5 Million. That is seven times more than Apple's $200k bug bounty program. Last year (Issue 31), the same vendor offered $1 Million for an iOS 9 exploit, and a few weeks later a team of hackers won that money. The company has also doubled its bug bounty for Android 7.x (Nougat) remote jailbreaks to $200,000. The hike in price is in line with demand and the tougher security of the latest iOS and Android operating systems, and is meant to attract more researchers, hackers and bug hunters to seek complex exploit chains in iOS 10.

2.      World's largest 1 Tbps DDoS attack launched from 152,000 hacked smart devices: France-based hosting provider OVH was the victim of record-breaking Distributed Denial of Service (DDoS) attacks that reached over one terabit per second (1 Tbps) over the past week. As the number of Internet of Things (IoT) or connected devices (like televisions, cars, refrigerators or thermostats) grows at a great pace, they continue to widen the attack surface at the same time, giving attackers a large number of entry points. The worst part: there are no security updates in line for these insecure IoT or internet-connected devices. In Issue 54, we discussed a 400 Gbps attack that could be rented.

3.      Jive resets passwords after August data breach: US-based Jive Software is a provider of communication and collaboration solutions for business. After the company discovered a data breach, it reset customers' passwords. The breach was discovered in its Producteev task management software, as its logins were held in a file outside the normal encryption procedures of the company. No other Jive products were impacted by the breach.

4.      'Syrian Electronic Army (SEA)' Hacker pleads guilty in US court: One of the FBI's Most Wanted Hackers who was arrested in Germany earlier this year has pleaded guilty to federal charges for his role in a scheme that hacked computers and targeted the US government, foreign governments, and multiple US media outlets. SEA hackers were allegedly engaged in a long-running cyber-propaganda campaign and used "spear-phishing" tactics to target computer systems. The hacker faces up to 5 years in prison and is scheduled to be sentenced on 21st October.

5.      Yahoo data breach may have hit over 1 Billion users: Last issue, Yahoo confirmed that 'state-sponsored' hackers stole personal data from 500m accounts. Now a report indicates that the number of affected Yahoo accounts may be between 1 Billion and 3 Billion. Yahoo's back-end system architecture is designed in such a way that all of its products use one main user database (UDB) to authenticate users; this central database is what got compromised.

6.      Multiple backdoors found in D-Link router: The D-Link DWR-932B LTE router is allegedly vulnerable to over 20 issues, including backdoor accounts, default credentials, leaky credentials, firmware upgrade vulnerabilities and insecure UPnP (Universal Plug-and-Play) configuration. If successfully exploited, these vulnerabilities could allow attackers to remotely hijack and control any router, as well as the network, leaving all connected devices vulnerable to man-in-the-middle and DNS poisoning attacks. The hacked router can be easily abused by cybercriminals to launch massive Distributed Denial of Service (DDoS) attacks. One of the vulnerabilities involves sending the "HELODBG" string as a secret hard-coded command to UDP port 39889, which in return launches Telnet with root privileges without any authentication.

7.      First-ever ransomware for smart thermostat: Ransomware is known for its attacks on computers, smartphones and TVs. Now two white hat hackers have shown the first proof-of-concept (PoC) ransomware that infects a smart thermostat. The hackers hacked a US thermostat that runs a modified version of Linux, and used the SD card slot meant to load custom settings. The downside of the PoC was that it required physical access to the IoT device, but since the Internet of Things is currently being deployed in a large variety of uses throughout homes, businesses, hospitals, and even entire cities that are called Smart Cities, it gives attackers a large number of entry points to attack in one way or another.

8.      Majority of enterprises admit they are vulnerable to insider threats: The majority of enterprise players admit they are vulnerable to insider threats to their networks and a third have already become victims, according to new research. Insider threats are not always due to malicious, unprincipled employees. While it is possible that such staff members could access corporate data for sale or trade illegally, it is often accidental insider threats which are the source of data breaches -- such as in the case of Snapchat this year, when a cybercriminal posed as the firm's CEO in order to dupe HR into handing over staff payroll data. In the majority of organizations, employee training, identity management solutions, data leakage prevention solutions and Insider threat solutions - were seen as effective tools to combat insider threats.

9.      Clinton, Trump debate 'Twenty-First Century War' of Cyberattacks: Both Clinton and Trump stressed the importance of cybersecurity for the next administration. Both candidates to date have had some very public cybersecurity woes of their own: Trump with his Trump International Hotels data breach, and Clinton with the Democratic National Committee (DNC) breach. She blamed Russia for the DNC hack, while he disputed that conclusion and said nobody knows who the actual hackers are. Most experts welcome this political discussion on cybersecurity but would like to hear more in terms of policies for mitigating cybersecurity threats and preventing data leakage that affects governments and private businesses.

10.   Ransomware attack on Kerala Govt.: The Kerala state forest department has suffered a ransomware attack. Computers containing crucial data pertaining to accounts and finance were locked out. The IT team and CERT tried in vain to retrieve the data. They have now decided to forgo the data. Meanwhile in Mumbai, someone hacked Bollywood actress Kareena Kapoor's Income Tax account and filed a false return claim. A police complaint has been filed and an investigation is on.


Source: Zerodium website