1. Github accounts Hacked: Popular code repository site GitHub is warning that a number of
users' accounts have been compromised by unknown hackers reusing email addresses
and passwords obtained from other recent data breaches. The recent widespread
"mega breaches" of LinkedIn,
MySpace,
Tumblr,
and the dating site Fling, that have dumped more than 642 Million passwords
over the past month is the cause. Last issue we discussed a similar 'Password
reuse attack', wherein Mark
Zuckerberg’s Twitter and Pinterest accounts were hacked.
2. Acer online store hacked, a year's worth of credit cards
stolen: Acer has informed the
authorities that its online store was attacked by hackers. Acer admitted that
an unauthorized outside party had taken a year's worth of full credit card
data, names and addresses between mid-May 2015 and late-April this year. The
company said it hasn't found any evidence yet that passwords or logins were
affected, but didn't outright rule it out. Similar news - Canadian media giant
VerticalScope admitted it had been hacked, leaking close to 45 million users'
details, including email addresses and passwords.
3. 51 Million accounts leaked from iMesh file sharing service: A defunct peer-to-peer file sharing service called iMesh
has been hacked and its data has been leaked by the same Russian hacker who was
behind the massive breaches in some of the most popular social media sites
including LinkedIn,
MySpace,
Tumblr,
and VK.com.
It is estimated that the breach took place in Sep'13. This can potentially
result in many more 'Password reuse
attacks', it is high time users change their online passwords and have
different passwords for different accounts.
4. Russian Hackers Breach Democrats to steal data on Trump: Russian hackers, have compromised the networks of the
Democratic National Committee (DNC), particularly targeting "opposition
research" information on GOP candidate Donald Trump. The intruders so
thoroughly compromised the DNC’s system that they also were able to read all
email and chat traffic. Hillary Clinton was also targeted in the attack.
5. Insider threat - US charges Chinese ex-IBM employee with Espionage: The US federal authorities have boosted charges against a
former IBM Corp. software developer in China for allegedly stealing valuable
source code from his former employer in the US. The Chinese national was
arrested by the FBI in December last year, when he was charged with just one
count of theft of a trade secret. However, he has been charged with six counts
now including three counts of economic espionage and three counts of theft of a
trade secret. If convicted he could face up to 75 years in prison.
6. Android Ransomware now targets your Smart TV: After targeting hospitals, universities, and businesses,
Ransomware has started popping up on Smart TV screens. A new version of the
Frantic Locker (better known as FLocker) Ransomware has now the ability to
infect and lock down your Smart TVs until you pay up the ransom. After infection
the C&C delivers the payload and a HTML file with a JavaScript (JS)
interface enabled. This HTML page has the ability to initiate malware
installation, take photos of the affected user using the JS interface, and
display the photos taken in the ransom page.
7. For $6, buy access to hacked Govt. server: Experts have exposed an underground trading platform that
is selling access to compromised servers of governments, businesses and
universities at a price starting as low as $6. Inventory offered- 70,000
servers from 173 countries. They also sell add-ons such as -software designed
to launch denial-of-service and spam campaign attacks on networks, break into
online or retail payment systems and illegally produce Bitcoin.
8. Ponemon report on Data breaches: The average cost of breaches at organizations has jumped
past $4 million per incident, a 29% increase since 2013 and 5% increase since last
year. The study found that average dwell
time for breaches stands at 201 days, with organizations requiring another
70 days to contain breaches once they'd been identified. The cost per record
lost is at $158 for unprepared organizations and $16 for the ones that are
prepared. A ponemon study in Sep’15 confirmed that 3
out of 4 organizations aren't 'resilient' to cyber-attacks.
9. North Korean hackers
steal thousands of military files from S. Korea: Hackers aligned with North Korea have always been
accused of attacking and targeting South Korean organizations, financial
institutions, banks and media outlets. Recent reports indicate that North
Korean hackers have hacked into more than 140,000 computers of at least 160
South Korean government agencies and companies, and allegedly injected malware
in the systems.
10. Indian defense forces on alert after Chinese cyber-attack: A cyber-attack on
government and commercial organizations in India by Chinese military, has
raised alarm bells. An alert has been issued to the Indian Army, Navy and Air
Force that a Chinese Advanced Persistent Threat (APT) group called Suckfly, is
targeting Indian organizations. India’s defense establishment is its prime
target. Sensitive information is exfiltrated, and this information is being
used to undermine the national security and economic capabilities. India keeps
a tight vigil on Pakistani
hackers as well.
Great post! Interesting information and cute writing style http://awriter.org/custom-writing-org-review/
ReplyDelete