1. Gigantic ad fraud:
A group of Russian hackers are believed to have built a bot called 'Methbot'
that can automatically generate ad views resulting in $3 to 5Million of revenue
per day for themselves. To make things look real - the bot is capable of
spoofing faked clicks, social network login information, and mouse movements.
The hackers run fake websites hosted in Dallas / Amsterdam to run real ads, the
bots generate fake traffic and fool the ad world.
2. Power outage in Ukraine - hackers suspected: Last weekend - Russian hackers are suspected to have
downed the power station in Ukraine rendering half of its capital powerless. The
power station was switched to manual mode and power was restored within 75
minutes. Over the last month - hackers have been attempting the disrupt the
energy and financial infrastructure of Ukraine.
3. Alice malware makes ATM's spit cash: Crooks with physical access to ATMs can insert this
malware called 'Alice' into the ATM via USB. The crooks also connect a keyboard
to authenticate and run their malware which will empty all the cash in the ATM.
Issue
79 - we discussed Thailand ATM hack and in Issue
92 - the European ATM hacks.
4. Post the Russian Ambassador's killing: After the Ambassador was shot dead by an off-duty police
man, conflicting reports in the media have emerged which claim that Apple has
been approached by Turkey/Russia to break the police Man's iPhone 4s. Some
reports claim Apple has not been approached. FBI had approached Apple in the
San Bernardino's attack resulting in the famous Apple
V/s FBI case.
5. Android malware found in Ukraine links Russia to DNC
hacks: An Ukrainian artillery officer
developed an App that could expedite the processing of targeting data for D-30
Howitzers. A Russian hacker group called Fancy
bear managed to insert its malware into this app, thereby compromising
the location of the officers and Howitzers. The same group was held responsible
for the DNC hack in the US, earlier this year.
6. Free Ransomware alert tool: A free tool called 'Ransomfree' has been released which
is capable of alerting the user to take action just before the Ransomware
starts to encrypt the files. The tool currently works for Windows. A similar
tool for Mac called 'Ransomwhere?'
was built by a researcher in April this year.
7. Flaws in In-flight entertainment system detected: A researcher has found holes in the Panasonic Avionics
in-flight system that is used in planes run by 13 major airlines. Using these vulnerabilities
hackers can spoof flight information like map routes, speed statistics,
altitude values, and access credit card information of frequent filers that is
stored in the automatic payment system. In 2015 - a cybersecurity researcher
Chris Roberts caused
an airplane's engine to climb after hacking its software.
8. NSA hack was
insider job: Issue
78 - we discussed the NSA hack by 'The Shadow Brokers' group which
dumped several NSA hacking tools online. Last week an Intelligence report
suggests that this was an insider job rather than outside hack. A rogue NSA
insider just handed over the tools to 'The Shadow Brokers'. It is important for
sensitive organizations to have tools that can monitor and block insider
threats.
9. Security and demonetization: There is widespread increase in digital transactions
across India, which is moving towards a 'less cash' society. The Security
challenges are now being discussed and addressed at various levels. The other
challenges and the areas that need to be immediately addressed are Internet
speeds, bandwidth. India also tops the world in terms of Ransomware attacks
with almost no hacker being convicted to date. The investigations into recent
big hacks in India - 3.2M
debit card details stolen or Legion
attacking Twitter accounts - have yielded no results yet.