Sunday, December 11, 2016

Issue 94 - Week of Dec 5th


1.      NDTV and Vijay Mallya hacked: Days after a hacking group called Legion hacked Rahul Gandhi's and the INC's Twitter accounts, they went on to hack the Twitter account of India's famous loan defaulter Vijay Mallya. Mallya has been based in London for the past 9 months. This morning, news broke that the official Twitter handles of senior journalist Ravish Kumar and NDTV's Barkha Dutt have also been hacked by 'Legion'. In a tweet, Legion has threatened to release over 1TB of confidential data and also said the next attack will be on Lalit Modi, another absconder from Indian law based in London.

2.      Daily Motion Hacked: 85 million accounts were hacked; email addresses, usernames and some passwords were stolen. If you have an account with Daily Motion, kindly reset your password, and if you were using the same password across many sites, it is time you reset all your passwords. It is safer not to reuse passwords across various platforms. Daily Motion was in the news last year for serving malvertising to its visitors.

3.      'Distributed Guessing Attack' hacks Visa card in 6 seconds: Researchers at Newcastle University have built a toolkit which can guess a Visa card's details, such as the expiry date and CVV number, in 6 seconds. The tool sends different values to different e-commerce websites and gets confirmation from one of them. For example, to guess the expiry date, the tool will send different dates to 60 e-commerce sites; for the CVV number, it sends the request 1000 times to these e-commerce sites. This attack works on Visa as it does not detect multiple incorrect attempts across different sites. MasterCard has a centralized payment network and can detect such fraud quickly.

4.      'Popcorn Time' Ransomware launches victim referral program: Like any other ransomware, Popcorn Time encrypts the files and demands a ransom in bitcoins. The unusual aspect of this ransomware is that it offers victims the decryption key for free if they can infect 2 others and get them to pay the ransom. All the victim has to do is send a link shared by the hackers to 2 other people; if they pay after getting infected, the victim will get his files back for free.

5.      Stegano malvertising discovered: Researchers have discovered a malvertising campaign dubbed Stegano, which has remained undetected for nearly 2 years now. Hackers hid the exploit code inside an image's alpha channel, packaged it as an ad and managed to display these ads on several popular websites, potentially infecting millions. Whenever a user visits a site that is hosting this malware, the exploit kit reports system info to the C&C server. Depending on system vulnerabilities such as unpatched browsers or Flash players, the malware can do a silent redirect to a malicious site to download the dropper file and infect the system. It could lead either to ransomware or to the stealing of local data. Spotify was hit by malvertising recently.

6.      Yahoo flaw allows access to any Yahoo Inbox: As part of Yahoo's bug bounty program, a researcher was awarded $10k for discovering and privately reporting an XSS bug that allowed an attacker to view any Yahoo mailbox. The bug has since been fixed. The researcher said that finding the bug was difficult but exploiting it was very easy, as it only requires sending a specially crafted email to the victim.

7.      Linux Kernel Local Privilege Escalation Flaw Discovered and patched: A critical, local code-execution vulnerability in the Linux kernel was patched last week. This bug has been around since 2011 and allowed a local attacker to gain kernel code execution from unprivileged processes. In Issue 87, we saw a nine-year-old Linux bug called 'Dirty COW' being discovered and patched.

8.      Gamification of DDoS attacks: A hacker group in Turkey is inviting users to launch DDoS attacks on identified targets and win points in return. These points can be accumulated and redeemed to win various hacking tools. Dubbed 'Sath-ı Müdafaa', this attack was discovered by Forcepoint researchers.

9.      Red Star OS can be hacked: North Korea's Linux operating system, called Red Star, can be easily hacked by just sending it a link. Ever since the full install of Ver 3.0 was leaked outside North Korea, researchers have been regularly finding holes in this OS. This OS was designed to keep western operating systems out, as North Koreans find them suspicious. Red Star is strikingly similar to Mac OS, and this severe vulnerability was found in its Firefox-derived browser called Naenara 3.5.

Uber wants to track your location 5 mins after the ride: Earlier in the year, Uber was tracking the battery life of users' phones and charging differently. They believe a person with a low battery is likely to accept a higher price for a ride than a person with full battery life. Now, with the latest app, Uber wants to track users even after the ride is over, so that they can offer the most precise transportation service around. In the latest version of the app, a popup will ask users to 'allow / don't allow' location access even when they are not using the app.
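On item 3 (the distributed guessing attack): the sketch below is an added example, not code from the researchers or from any card network. It shows why a single merchant sees nothing unusual while a network-wide view of declines does; the event fields, sample data and thresholds are all assumptions made up for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

T0 = datetime(2016, 12, 5, 10, 0, 0)

def _at(seconds):
    return T0 + timedelta(seconds=seconds)

# Constructed sample of declined online card authorisations:
# (time, merchant id, card token). None of this is real data.
SAMPLE_DECLINES = (
    # card-A: six wrong guesses in six seconds, one per merchant
    [(_at(i), f"shop-{i:02d}", "card-A") for i in range(6)]
    # card-B: a customer mistyping three times at a single shop
    + [(_at(20 * i), "shop-01", "card-B") for i in range(3)]
    # card-C: five declines at five shops, but an hour apart each
    + [(_at(3600 * i), f"shop-{i:02d}", "card-C") for i in range(5)]
)

def max_seen_by_one_merchant(events, card):
    """Most declines any single merchant observes for this card."""
    counts = defaultdict(int)
    for _, merchant, c in events:
        if c == card:
            counts[merchant] += 1
    return max(counts.values(), default=0)

def flag_distributed_guessing(events, window=timedelta(seconds=60),
                              min_declines=5, min_merchants=3):
    """Network-wide view: flag cards whose declines inside one sliding
    window are spread over many merchants. Thresholds are assumptions."""
    by_card = defaultdict(list)
    for when, merchant, card in events:
        by_card[card].append((when, merchant))
    flagged = {}
    for card, rows in by_card.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1
            merchants = {m for _, m in rows[start:end + 1]}
            declines = end - start + 1
            if declines >= min_declines and len(merchants) >= min_merchants:
                flagged[card] = max(flagged.get(card, (0, 0)),
                                    (declines, len(merchants)))
    return flagged

if __name__ == "__main__":
    print(flag_distributed_guessing(SAMPLE_DECLINES))
    print(max_seen_by_one_merchant(SAMPLE_DECLINES, "card-A"))
```

Each shop sees only one decline for card-A, so per-site attempt limits never trigger; only the aggregated view flags it.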
