1. Medical procedures cancelled after network attack: Hundreds of planned operations, outpatient appointments,
and diagnostic procedures have been canceled at multiple hospitals in Lincolnshire,
England, after a "major" computer virus compromised the National
Health Service (NHS) network last week. Some patients, including major trauma
patients and high-risk women in labor, were diverted to neighboring hospitals.
Although the majority of systems are now back and working, the NHS Trust has
not provided any specific information about the sort of virus or malware or
whether it managed to breach any defenses. In Issue 52, we discussed the
ransomware attack in which a hospital paid hackers $17,000 in Bitcoins.
2. Hack attacks cut internet access in Liberia: Liberia, a small African country, has been repeatedly
cut off from the internet by hackers targeting its only link to the global
network. Experts said the same group that caused world-wide
disruption recently is behind this hack. The Mirai
botnet has been used in this attack, and vulnerable IoT devices continue to be misused
to launch massive DDoS attacks. Most IoT users are unaware that a simple step
like changing the default password can go a long way in making the world far more
secure than it is now. Other steps include disabling Universal Plug and Play
(UPnP) and remote management through Telnet.
3. Hacker providing DDoS-for-Hire service arrested: A 19-year-old student created a tool called 'Titanium Stresser'
that offers DDoS as a service. The tool was used to launch hundreds of attacks between
Dec'13 and Mar'15 and earned him $385K. The hacker was arrested in 2015 and
will be sentenced in Dec'16.
4. Microsoft fires back at Google for Windows 0-Day disclosure: Microsoft says Google's disclosure last week of a
zero-day security vulnerability in Windows prior to a patch being issued put users
"at increased risk." Google revealed the flaw under its policy
of reporting bugs after 7 days if they haven't been fixed. The bug is a local
privilege-escalation flaw in the Windows operating system kernel that can be
used to bypass a security sandbox. Some hacker groups have already been spotted
exploiting this bug.
5. Cisco job applicants warned of potential mobile site data leak: Users of Cisco's Professional
Careers mobile site, mjobs.cisco.com, have been warned of a potential leak of
their data, which the networking giant is pinning on an incorrect security
setting. Cisco said the impact was restricted to a "limited set of job
application-related information"; however, the personal data that could
have been exposed included name, address, race, gender, veteran status,
disability status, username, password, answers to security questions,
education, professional profile, cover letter, and resume text.
6. Tracking cell-phones using Wi-Fi: A controversial cell phone spying tool, known as an 'IMSI catcher', is used to track and monitor
mobile users by mimicking a cellphone tower and tricking their devices into
connecting to it. Sometimes it even intercepts calls and Internet traffic, sends
fake texts, and installs spyware on a victim's phone. In a presentation at BlackHat Europe, researchers have
demonstrated a new type of IMSI catcher attack that operates over WiFi,
allowing anyone to capture a smartphone's IMSI number within a second as
users pass by. The captured IMSI would then allow attackers to track the user's
movements. Mobile manufacturers have begun working to ensure the future
protection of the IMSI number.
7. MalwareMustDie spotted a new IoT Linux/IRCTelnet malware: Security researchers at MalwareMustDie have discovered a
new malware family designed to turn insecure Linux-based Internet of Things
(IoT) devices into a botnet to carry out massive DDoS attacks. Dubbed 'Linux/IRCTelnet',
the nasty malware is written in C++ and, just like the Mirai
malware, relies on default hard-coded passwords in an effort to infect
vulnerable Linux-based IoT devices. The malware works by brute-forcing a
device's Telnet ports to infect it; the infected device then connects to a malicious IRC
channel and reads commands sent from a command-and-control server.
8. XSS flaw that places millions of websites at risk: An XSS vulnerability discovered on the Wix.com platform
is putting millions of websites and their users at risk of attack. The website hosting
provider, which provides free drag-and-drop website building tools, hosts
millions of websites with 87 million registered users, all of which are
currently vulnerable to an XSS bug which can be utilized by attackers to create
worms capable of taking over administrator accounts. This, in turn, gives
attackers full control over websites. A spokesperson from Wix has confirmed
that the issues have now been addressed.
9. OAuth 2.0 can be hacked to hijack mobile apps: OAuth 2.0 is an open standard for authorization that
allows users to sign in to third-party services by verifying the existing identity
of their Google, Facebook or other accounts. So, when a user wants to log into
a travel app, he can request Facebook to authenticate him. Facebook sends an
'Access Token' to the user, which is forwarded to the travel app. Now
researchers have found a loophole: the hacker can download the travel app,
change the username to that of the person he wants to hack, request the token from
Facebook, and get access to the user's data on the travel app. The researchers
presented their research paper at the BlackHat
Europe conference last week.
10. Jharkhand emerges hotbed of low-tech cyber-crimes: Jamtara, a predominantly tribal district in Jharkhand, is
one of the biggest centers of organized cyber-crime in India. As per estimates,
close to 150 gangs are involved in developing cyber fraud as a cottage
industry. There are training centers in Jamtara where, for as low as ₹7000
($100) for a four-day training, hackers are taught to make fake phone calls,
mostly in the guise of a bank employee, seeking information like the CVV or
ATM PIN for urgent account verification. This is followed by prompt illegal
transfer of money. There are also cases of card cloning and ransomware.
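
The OAuth 2.0 loophole in item 9, as an added example (not code from the researchers or from any real app): a backend that accepts any valid token and trusts the username sent by the client, beside one that takes the identity and the intended app from the identity provider's own record of the token. It assumes the weakness is the backend trusting the client-supplied identity; the in-process `IdentityProvider`, both login functions and the sample accounts are hypothetical.

```python
import secrets

class IdentityProvider:
    """Simulated identity provider: opaque tokens bound to (user_id, app_id)."""
    def __init__(self):
        self._tokens = {}

    def issue_token(self, user_id, app_id):
        token = secrets.token_urlsafe(16)
        self._tokens[token] = {"user_id": user_id, "app_id": app_id}
        return token

    def introspect(self, token):
        """Server-to-server lookup: the token's bound claims, or None."""
        return self._tokens.get(token)

APP_ID = "travel-app"  # constructed sample value
ACCOUNTS = {"alice": "alice's bookings", "mallory": "mallory's bookings"}

def login_vulnerable(idp, claimed_user, token):
    """Weak check: the token only has to be valid; identity comes from the client."""
    if idp.introspect(token) is None:
        return None
    return ACCOUNTS.get(claimed_user)

def login_hardened(idp, claimed_user, token):
    """Identity comes from the provider's record of the token, never from the client."""
    claims = idp.introspect(token)
    if claims is None or claims["app_id"] != APP_ID:
        return None  # unknown token, or one issued for a different app
    if claimed_user is not None and claimed_user != claims["user_id"]:
        return None  # client-side identity does not match the token: reject and log
    return ACCOUNTS.get(claims["user_id"])

def demo():
    idp = IdentityProvider()
    own_token = idp.issue_token("mallory", APP_ID)  # token for the caller's own account
    other_app = idp.issue_token("mallory", "other-app")
    return {
        "vulnerable_tampered": login_vulnerable(idp, "alice", own_token),
        "hardened_tampered": login_hardened(idp, "alice", own_token),
        "hardened_honest": login_hardened(idp, "mallory", own_token),
        "hardened_wrong_app": login_hardened(idp, "mallory", other_app),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

With a real provider, the `introspect` step corresponds to validating the token server-side (or verifying a signed ID token) and checking that it was issued for this app before opening any session.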