Sunday, November 27, 2016

Issue 92- Week of Nov 21st


1.      Madison Square Garden admits hackers spent a year harvesting visitor credit-card data: Card issuing banks noticed suspicious patterns and notified MSG. After investigation, MSG has revealed that for a year malware has been capturing payment-card data from a system that processes payments for several of its properties. MSG warned customers that the breach had exposed customer data held on the magnetic strip of credit cards, including card numbers, cardholder names, expiration dates, and internal verification codes. Exact number of victims is not known, though it is known fact that millions of people visit MSG every year.

2.      Hackers attack Canada Army site, redirect visitors to China: Canada’s Defense Ministry has confirmed that hackers recently attacked its armed forces recruitment website and changed configurations redirecting visitors to the Chinese government’s official page instead, says a Reuters report. Canadian authorities have in the past complained of the country’s official network being frequently targeted by hackers. An official complaint had even been lodged with Beijing in 2014 about Chinese hackers compromising a key network system.

3.      FBI hacked into 8,000 Computers in 120 Countries using a single warrant: While investigating a child pornography website, the FBI used a malware on the site to gather details of all its visitors. FBI admitted in a court filing that they used the single warrant to hack 8000 computers in 120 countries.

4.      Hackers are targeting ATMs and stealing wads of cash: Issue 79 - we discussed - 'ATMs in Thailand hacked; 12 Million Baht stolen'. Now according to a Russian cyber security firm, cyber crooks have remotely infected ATMs with malware in more than dozen countries across Europe this year, which forces machines to spit out cash. The world's two largest ATM manufacturers, Diebold Nixdorf and NCR Corp., said they were aware of the ATM attacks and had already been working with their customers to mitigate the threat.

5.      Telecrypt Ransomware cracked, free Decryptor released: TeleCrypt, is a typical ransomware. For Russian victims, the blackmailing message is in Russian and they demand a ransom of 5,000 rubles ($77). Some of its unusual features are that it abuses Telegram Messenger's communication protocol to send decryption keys and other communication. If the victim has an unencrypted version of the file, Researchers can use this as an sample to generate the decryption key and thus easily crack this Ransomware.

6.      Locky ransomware spreading on Facebook Messenger via JPG file: Early part of last week - it was reported that a Malware in the form of .SVG image files was being spread using Facebook Messenger. Compromised FB accounts were extensively used to spread the Malware. Later part of last week - experts discovered how cyber criminals are hiding malware in image files, and how they are executing the malware code within these images to infect social media users with Locky variants. We discussed Locky way back in Issue 52, it has since become the biggest and most common Ransomware.

7.      Stampado ransomware gets worm-like techniques to spread in network: Stampado ransomware is available for sale on the dark web for $39, the seller describes this as a easy to manage ransomware with life time license. This ransomware also has capabilities to spread in the network like a worm and re-encrypt already encrypted files. It installs itself in the %AppData% folder under the name scvhost.exe, a slight deviation on a genuine Windows process named svchost.exe, and creates a registry entry to load automatically. Researchers advise victims not to pay the ransom, stating that it's possible to decrypt files infected by Stampado on their own.

8.      Headphones can be used to Spy - even with disabled Microphone: Issue 70, we saw the picture of Mark Zuckerberg with his laptop’s Webcam and Microphone taped for Privacy. Researchers have now shown that even if one tapes his camera and microphone, it is possible to turn headphones into a microphone by turning the output channel on the laptop for input signal, in order to spy on all the conversations in the background without user's knowledge. This malware is dubbed as 'Speake(a)r'.

9.      NTP DoS exploit released: A proof-of-concept (PoC) exploit for a critical vulnerability in the Network Time Protocol daemon (ntpd) has been publically released that could allow anyone to crash a server with just a single maliciously crafted packet. The vulnerability has been patched by the Network Time Foundation with the release of NTP 4.2.8p9, which includes a total of 40 security patches, bug fixes, and improvements.

PM Modi urges India to go Cashless / Less-Cash: After the demonetization process started 3 weeks ago, there has been a great push towards cashless society, while this is a welcome move - the experts are cautionary. They say that Cyber Security is clear and present danger and it is here to stay. Major concerns include - Card cloning, Malware infections, Card theft and misuse. Building awareness can help in keeping the crime under check. If these security issues result in declined / failed transactions - people will revert to the older ways of handling cash, slowing down the process of going cashless


4 comments:


  1. I tried this software, it is a good and high quality, but the tracking interface is not convenient for me. Recently I found other software http://copy9.com/android-spy-apps/, use for 3 months, I like everything. Can someone come in handy. Good luck to you.

    ReplyDelete
    Replies
    1. dfg df
      real hacker my icq: 659915666
      email: hacktorich@gmail

      spy on cell phone, computer,want to hack email,Upgrade Your WAEC Result,take root privilege of any server
      Cpanel + SMTP + scam page + shell + RDP + roots + mailer + email Extractor + fresh lead, + exploits + doc-pdf exploits for .exe converting + any kind of spyware keylogger + sql advance tools for shop admins

      http://hacktoladen.blogspot.com/
      site

      icq: 659915666
      email: hacktorich@gmail

      >>> Randome Tools <<<
      simple ip smtp: 12 $
      domain smtp : 15 $
      cPanel : 12 $
      WHM : 35 $
      Rdp : 25 $
      Root : 40 $
      Ftps : 10$
      scame page : 25 $
      telnet host : 15 $
      Shells : 5 $
      Leads : 10$ 10k
      Latter : 3 $
      PhP Mailer : 8 $

      icq: 659915666
      email: hacktorich@gmail

      real hacker my icq: 659915666
      email: hacktorich@gmail

      spy on cell phone, computer,want to hack email,Upgrade Your WAEC Result,take root privilege of any server
      Cpanel + SMTP + scam page + shell + RDP + roots + mailer + email Extractor + fresh lead, + exploits + doc-pdf exploits for .exe converting + any kind of spyware keylogger + sql advance tools for shop admins

      http://hacktoladen.blogspot.com/
      site
      icq: 659915666
      email: hacktorich@gmail

      >>> Randome Tools <<<
      simple ip smtp: 12 $
      domain smtp : 15 $
      cPanel : 12 $
      WHM : 35 $
      Rdp : 25 $
      Root : 40 $
      Ftps : 10$
      scame page : 25 $
      telnet host : 15 $
      Shells : 5 $
      Leads : 10$ 10k
      Latter : 3 $
      PhP Mailer : 8 $

      icq: 659915666
      email: hacktorich@gmail
      real hacker my icq: 659915666
      email: hacktorich@gmail

      spy on cell phone, computer,want to hack email,Upgrade Your WAEC Result,take root privilege of any server
      Cpanel + SMTP + scam page + shell + RDP + roots + mailer + email Extractor + fresh lead, + exploits + doc-pdf exploits for .exe converting + any kind of spyware keylogger + sql advance tools for shop admins

      http://hacktoladen.blogspot.com/
      site
      hgj fghj fghj

      Delete
  2. I agree with, of course, all of these varients of solving that issue are great, but as for me, it is much easier just to use this app https://9spyapps.com/hidden-call-recorder/. It works very stable and good, try it.

    ReplyDelete
  3. Hello All
    I'm offering following hacking services
    ..hacking Tools
    ..Spamming Tools
    ..Scam pages
    ..spam tools scanners make your own tools
    ..Keyloggers+fud+xploits

    Other hacking svs
    ..Western union Trf
    ..wire bank trf
    ..credit / debit cards
    ..Perfect Money / Bintcoing adders
    ..email hacking /tracing
    ..Mobile hacking / mobile spam

    Fake peoples have just words to scam peoples
    they just cover their self that they are hacker
    but when you ask them a questions they don't have answer
    they don't have even knowledge what is hacking
    am dealing with real peoples who interested and honest
    also teaching hacking subjects in reasonable price
    with private tools and proof.

    Availability 24/7 contact only given below addresses
    salvrosti@gmail.com
    salvrosti@yahoo.com
    Icq: 718684828
    Skype: live:Salvrosti

    ReplyDelete