1. Cyber strikes after surgical strikes: After India announced its surgical strike in Pakistan,
Pakistani hackers responded by defacing several Indian websites. Some
reports suggest as many as 7000 sites were defaced. Indian hackers
responded by launching ransomware attacks on several Pakistani networks.
The Indian hackers have managed to render several Pakistani networks unusable. In many
cases they are not accepting any bitcoins to release the decryption key.
2. Spotify hit by 'Malvertising' in app: Spotify has become the latest service to be hit by 'malvertising',
after a malicious advert pushed through the free tier of the music streaming
site started opening "questionable" website pop-ups for some users. Spotify has
confirmed the issue and has shut down the adverts. Recently Spotify
was hacked, and in a different incident its premium
accounts were exposed. Malvertising has hit some of the biggest
websites, including Yahoo, the New York Times and BBC. The key reason is that most large sites sell
advertising space through third-party resellers, who pull in adverts on the fly
based on an open auction. If malicious code can be smuggled on to the ad server,
it can often be sent to multiple sites.
3. 68 Million hacked Dropbox accounts now available for free download: In Issue
80, we discussed the Dropbox hack. It was one of the mega breaches to
join the infamous list of LinkedIn, MySpace, VK.com and Tumblr.
Last week it was found that the hacker has uploaded the full dump of the hacked
Dropbox database online; it is now a free download. The best way to protect oneself
is to change the Dropbox password immediately and not to use the same password
across various websites, which prevents a password reuse attack.
4. TalkTalk fined $510K:
TalkTalk, one of the biggest UK-based telcos with 4 million customers, was hacked
last year. This not only affected its stock
price but also attracted a fine of $510,000 for failing to implement
the most basic security measures. 3 teenagers have also been arrested in
connection with this hack and the investigation is still on.
5. Another NSA Contractor arrested for stealing 'Secret' documents: The FBI has busted another NSA contractor over a massive
secret data theft. He is charged with theft of highly classified government
material, including "source codes" developed by the NSA to hack
foreign governments. If confirmed, this would be the second time (Snowden was first)
in the last 3 years that someone with access to secret data was able to steal the NSA's
classified information. If convicted, he faces up to 10 years in prison.
6. London police arrest Romanian ATM hacker who stole Millions: A Romanian man has been
arrested and charged with conspiracy relating to his involvement in ATM theft.
He was arrested in Romania by London police and extradited to the United
Kingdom last week. He is believed to be a member of a European ATM hacking gang
that stole more than $2 Million from cash machines across the UK in 2014 using
ATM malware to bypass security controls. The gang would physically access the
ATMs to directly load malware onto the machines, allowing them to withdraw
"large amounts of cash." Recently ATMs
in Thailand were hacked and 12 Million Baht was stolen.
7. Verizon wants $1 Billion discount on Yahoo acquisition deal after recent scandals: In Issue
84, we discussed 'Yahoo data breach may have hit over 1 Billion
users'. Verizon, which has agreed to purchase Yahoo for $4.8 Billion, is now
asking for a $1 Billion discount, according to recent reports. It is also
possible that the deal may just fall through. The acquisition deal is supposed
to close early next year, merging Yahoo's search, advertising, content, and
mobile operations with AOL to reach 1 Billion users.
8. Mac Malware can secretly spy on your Webcam and Mic: The researcher who built a ransomware blocker for Mac
called 'Ransomwhere?'
has discovered a way for Mac malware to tap into live feeds from the Mac's built-in
webcam and microphone to locally record without detection. He has developed and
released a free tool, dubbed OverSight, which not only monitors webcam and
microphone activity but also alerts the user when a secondary process
accesses the webcam. OverSight is free to download. The other, low-tech way
of keeping snoopers away is to tape
the webcam like Mark Zuckerberg does.
9. Hack a computer just using an Image: Researchers have disclosed a critical zero-day
vulnerability in the JPEG 2000 image file format parser implemented in the OpenJPEG
library, which could allow an attacker to remotely execute arbitrary code on
the affected systems. Hackers can exploit the security vulnerability by
tricking the victim into opening a specially crafted, malicious JPEG2000 image
or a PDF document containing that malicious file in an email. Once downloaded
to the system, it would create a way for hackers to remotely execute malicious
code on the affected system. The vulnerability is categorized as a
high-severity bug and has been fixed in the latest release of OpenJPEG.
10. FBI seeking access to another locked iPhone: Months after the controversial battle of Apple
v/s FBI, the FBI is now seeking access to the iPhone of the criminal who
stabbed 10 people in a Minnesota mall before being killed. Last time the FBI spent
more than a million dollars to access the iPhone of the terrorist but got nothing
valuable in return.