1. Tesco Bank hacked: Tesco Bank customers have had their money stolen from
their accounts after the banking arm of the UK's biggest retailer fell victim to a
hacking attack last week. As a result of the hack, Tesco Bank froze online
transactions for a few days, allowing only the use of credit/debit cards.
Tesco Bank has confirmed that a total of £2.5 Million was stolen from 9,000
customers in the cyber-attack; the entire amount has been refunded to the
customers. Further details of the attack are yet to be disclosed, and as of now
all account services have returned to normal.
2. Websites of 7 Indian embassies hacked, database leaked: Indian embassy websites
in seven different countries have been hacked, and attackers have leaked
personal data, including full name, residential address, email address,
passport number and phone number, of Indian citizens living abroad. This
incident is extremely worrying because it involves diplomatic personnel working
in the embassies, which have always been a favorite target of state-sponsored
hackers launching cyber espionage campaigns. Security pen-testers have claimed
responsibility for the hack, and apparently the reason behind it was to
force administrators to take the cyber security of their websites
seriously.
3. 5 major Russian Banks hit with powerful DDoS attacks: Distributed Denial of
Service (DDoS) attacks have risen enormously in the past few months, and mostly they are
coming from hacked and insecure IoT devices. Recently, a similar DDoS attack against DNS
provider Dyn brought down a large chunk of the Internet. Researchers
said more than half of the IoT botnet devices used in this attack were
situated in the United States, India, Taiwan, and Israel. In a similar but
separate incident, a DDoS attack through hacked IoT devices
led to the disruption of the heating systems for at least two apartments in
Finland, literally leaving their residents in subzero weather. It is advised to
change the default settings and credentials of IoT devices and always protect
the devices behind a firewall.
4. Recruitment firm hacked: Michael Page, a global recruitment consultancy, has been
hacked and a wide range of personal information on 710,000 applicants has been
stolen. The company has formally admitted the attack. The leaked personal
information includes full names, email addresses, telephone numbers, locations,
sectors, job types and current positions. The company claimed in its statement
that due to the nature of the data, there is limited risk of fraudulent
activity; it also confirmed that no other data was compromised.
5. Gone in 60 seconds - Google phone hacked: At the 2016 PwnFest, the brand
new Android smartphone launched by Google just a few months back was
hacked by Chinese hackers in less than a minute. The team demonstrated a
proof-of-concept exploit that used a zero-day vulnerability in order to achieve
remote code execution (RCE) on the target smartphone. They also won $120K for
this effort; Google will now work to patch the vulnerability.
6. Hackers launch targeted cyberattacks hours after Trump’s win: Merely a few
hours after Donald Trump declared his stunning victory, a group of hackers that
is widely believed to be Russian and was involved in the breach
of the DNC (Democratic National Committee) launched a wave of attacks
against dozens of people working at universities, think tanks, NGOs, and
even inside the US government. It is very common for hackers to use major world
events to spread malware.
7. Facebook buys leaked passwords from black market: According to Facebook's Chief
Security Officer, the company buys passwords that hackers are selling on the
black market and cross-references them with encrypted passwords used on its
platform. Facebook then asks the affected users to re-think the password and change it.
While password reuse is a big cause of harm on the internet, weak passwords
like '12345'/'password' add to the problem.
8. Russian court bans LinkedIn in Russia; Facebook and Twitter could be next:
According to a new Russian data protection law, foreign tech companies are
required to store the personal data of Russian citizens within the country. As
LinkedIn violated this law, it will be banned in Russia. Other bigger
companies, including WhatsApp, Facebook, and Twitter, could be next on the list.
Some of the companies, including Google, Apple, and Viber, have reportedly
moved some of their servers to Russia. LinkedIn, which has some 5 Million users
in Russia, is considering arrangements that will allow it to avoid the ban. It
could also appeal against the court's decision.
9. SWIFT Hack: Bangladesh Bank recovers $15 Million from a Philippines Casino: Part
of the $81 Million stolen in February from Bangladesh Bank's New York Federal
Reserve account, in the wake of the major malware attack on
the SWIFT interbank transfer network, has been tracked down to a casino in the
Philippines and has been recovered.