1. Rahul Gandhi and Indian National
Congress' Twitter accounts hacked: Last
week, Congress party, the key opposition party in India, confirmed that the
official Twitter accounts of its vice-president Rahul Gandhi had been hacked.
In less than 24 hours, Congress party's Twitter account was also hacked. A
series of offensive posts were posted on the party's account. In the recent
past, several celebrities like Facebook
CEO, Google
CEO, Twitter's
CEO, Twitter's
ex-CEO etc have had their Twitter accounts hacked. Courtesy the recent
big hacks and high volume password dumps from sites like Yahoo,
LinkedIn,
MySpace,
Tumblr,
etc, there are more than 1 Billion passwords available on the net. This coupled
with the human tendency to reuse most of the passwords, allows hackers to
easily break into Twitter and other social media accounts.
2. San Francisco Metro system hacked with
Ransomware; resulting in free rides: The
fare system of San Francisco's Metro got hacked by ransomware and station
screens across the city started displaying a message that reads: "You Hacked,
ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681
,Enter." Trains themselves were not affected by the malware attack. Though
it is yet not clear exactly who was responsible for the attack, but according
to local media reports, $73K was paid in Bitcoins to get the key and put the
Fare system back to normal. Issue
52 - A LA Hospital has paid $17K in Ransom.
3. Over 1 Million Google Accounts hacked by
'Gooligan' Android malware: A new
Android malware Dubbed 'Gooligan', has already breached more than 1 Million
Google accounts. The malware roots vulnerable Android devices to steal email
addresses and authentication tokens stored on them. Armed with this
information, the attackers are able to hijack the user’s Google account. The
malware is part of legitimate-looking Android apps on 3rd-party app stores,
when users download these apps, their device is compromised. Once installed the
malware also tries to generate revenue for its master by downloading some apps
and writing reviews on behalf of the user.
4. Cyber-attack knocks nearly a Million
Routers offline: More than 900,000
broadband routers belonging to Deutsche Telekom users in Germany were knocked
offline over last weekend following a supposed cyber-attack, affecting the
telephony, television, and internet service in the country. The hackers used Mirai
Botnet and the ports/protocols that were meant for the ISP to manage
the device remotely - to knock the routers off. Most of the routers were using
default passwords. Experts recommend to avoid using default passwords in any
internet facing device.
5. Rule 41 — FBI gets expanded Power to
hack any computer in the World: Hacking
multiple computers across the world just got easier for the United States
intelligence and law enforcement agencies. The changes introduced to the Rule
41 grants the FBI much greater powers to hack into multiple computers within
the country, and perhaps anywhere in the world, with just a single warrant
authorized by any US judge. Issue
92 - we saw " FBI hacked into 8,000 Computers in 120 Countries
using a single warrant".
6. Hacker who exposed Steubenville rape
faces longer Prison term than rapists: In 2012, Steubenville (Ohio)
high school's football team players gang-raped an unconscious teenage girl and
took photographs of the sexual assault. In December 2012, a member of the
hacker collective Anonymous hacked into the Steubenville High School football
fan website and leaked some evidence of the rape, including a video taken and
shared by the crime's perpetrators in which they joked about the sexual
assault. The rapists who were 16 years at that time were sentenced to 2 years
in jail. In 2013, FBI arrested the hacker who now faces 10 years in prison, the
sentencing is scheduled in Mar'17.
7. Anonymous Hacktivist 'Barrett Brown'
released from Prison: Barrett Brown was
arrested in 2012 for hacking and leaking 200GB data from a 'geopolitical
intelligence and consulting firm' called Stratfor. The leaked data largely
contained Emails, Credit Card Numbers and client lists. The hackers used the
stolen credit card information to make donations to various charities exceeding
one million dollars. Brown was convicted for five years in jail and nearly
$900,000 in restitution and fines. He was released last week.
8. Researcher shows how to bypass
BitLocker: Any laptop that relies on
Windows BitLocker Hard Drive Encryption software can be easily hacked if the
hacker gets physical access to the device and holds SHIFT+F10 during Windows 10
update procedure. This will allow the hacker to get CLI access and full access
to the computer's hard drive, even when the user has enabled BitLocker disk
encryption feature. Experts recommend users not to leave their PCs unattended
during the update procedure.
9. Firefox Zero-Day exploit to unmask Tor
users released online: Tor (The Onion Router) is an anonymity software that not
only provides a safe haven to human rights activists, journalists, government
officials, but also is a place where drugs, assassins for hire, child
pornography, and other illegal activities has allegedly been traded. Tor is a
repackaged version of Mozilla Firefox web browser. A JavaScript zero-day
exploit is currently being used to Unmask the identity of TOR users via a
memory corruption flaw in Firefox.
10. Malware used to steal Tesla car: Last week, researchers showed an easy way to steal a
Tesla car. Tesla app generates an OAuth token when a Tesla owner logs in to the
Android app for the first time and this token is stored in clear text in the
device’s system folder to help the user access the app without credentials
every time he logs into the app. Researchers have shown that if a Tesla owner's
phone is infected with Android malware and hackers access the OAuth token, the
hacker can locate, unlock and drive away a Tesla Model S. Tesla says it is not
the issue with its product but common social engineering tricks used by
attackers to first compromise victim's phone, rooting the device and then
altering its apps data. Issue
83 – “ Tesla car hacked by
Chinese security firm from 19km away using 'malicious' Wi-Fi hotspot”
Dude are you just scraping thehackernews.com site and publishing these articles?
ReplyDelete