1. Madison Square Garden admits hackers spent a year harvesting visitor
credit-card data: Card-issuing banks noticed suspicious patterns and notified
MSG. After an investigation, MSG revealed that for a year malware had been
capturing payment-card data from a system that processes payments for several
of its properties. MSG warned customers that the breach had exposed customer
data held on the magnetic strip of credit cards, including card numbers,
cardholder names, expiration dates, and internal verification codes. The exact
number of victims is not known, though millions of people visit MSG every
year.
2. Hackers attack Canada Army site, redirect visitors to China: Canada's
Defense Ministry has confirmed that hackers recently attacked its armed forces
recruitment website and changed its configuration to redirect visitors to the
Chinese government's official page instead, says a Reuters report. Canadian
authorities have in the past complained of the country's official network
being frequently targeted by hackers. An official complaint was even lodged
with Beijing in 2014 about Chinese hackers compromising a key network system.
3. FBI hacked into 8,000 Computers in 120 Countries using a single warrant:
While investigating a child pornography website, the FBI used malware on the
site to gather details of all its visitors. The FBI admitted in a court filing
that it used the single warrant to hack 8,000 computers in 120 countries.
4. Hackers are targeting ATMs and stealing wads of cash: In Issue 79 we
discussed 'ATMs in Thailand hacked; 12 Million Baht stolen'. Now, according to
a Russian cyber security firm, cyber crooks have this year remotely infected
ATMs in more than a dozen countries across Europe with malware that forces the
machines to spit out cash. The world's two largest ATM manufacturers, Diebold
Nixdorf and NCR Corp., said they were aware of the ATM attacks and had already
been working with their customers to mitigate the threat.
5. Telecrypt Ransomware cracked, free Decryptor released: TeleCrypt is a
typical ransomware. For Russian victims, the blackmailing message is in
Russian and demands a ransom of 5,000 rubles ($77). Its unusual feature is
that it abuses Telegram Messenger's communication protocol to send decryption
keys and other communication. If the victim has an unencrypted version of an
encrypted file, researchers can use it as a sample to generate the decryption
key and thus easily crack this ransomware.
6. Locky ransomware spreading on Facebook Messenger via JPG file: Early last
week it was reported that malware in the form of .SVG image files was being
spread through Facebook Messenger, with compromised FB accounts used
extensively to spread it. Later in the week, experts discovered how cyber
criminals are hiding malware in image files and executing the malware code
within these images to infect social media users with Locky variants. We
discussed Locky way back in Issue 52; it has since become the biggest and most
common ransomware.
7. Stampado ransomware gets worm-like techniques to spread in network:
Stampado ransomware is available for sale on the dark web for $39; the seller
describes it as an easy-to-manage ransomware with a lifetime license. This
ransomware can also spread through the network like a worm and re-encrypt
already encrypted files. It installs itself in the %AppData% folder under the
name scvhost.exe, a slight deviation from the genuine Windows process name
svchost.exe, and creates a registry entry to load automatically. Researchers
advise victims not to pay the ransom, stating that it's possible to decrypt
files infected by Stampado on their own.
8. Headphones can be used to Spy - even with disabled Microphone: In Issue 70,
we saw the picture of Mark Zuckerberg with his laptop's webcam and microphone
taped over for privacy. Researchers have now shown that even if the camera and
microphone are taped, it is possible to turn headphones into a microphone by
switching the laptop's audio output channel to act as an input, in order to
spy on all the conversations in the background without the user's knowledge.
This malware is dubbed 'Speake(a)r'.
9. NTP DoS exploit released: A proof-of-concept (PoC) exploit has been
publicly released for a critical vulnerability in the Network Time Protocol
daemon (ntpd) that could allow anyone to crash a server with just a single
maliciously crafted packet. The vulnerability has been patched by the Network
Time Foundation with the release of NTP 4.2.8p9, which includes a total of 40
security patches, bug fixes, and improvements.
PM Modi urges India to go Cashless / Less-Cash: Since the demonetization
process started 3 weeks ago, there has been a great push towards a cashless
society. While this is a welcome move, the experts are cautious. They say that
cyber security is a clear and present danger and it is here to stay. Major
concerns include card cloning, malware infections, and card theft and misuse.
Building awareness can help in keeping the crime under check. If these
security issues result in declined / failed transactions, people will revert
to the older ways of handling cash, slowing down the process of going
cashless.