Hackers claim to leak Ukrainian Ministry of Defense emails




“Hackers from Cyber Berkut group are claiming to hack and leak personal emails belonging to Colonel V.M. Pushenko. of the Ukrainian Ministry of Defense.”


Turkish Hacker Hacks United Nation Sub-Domain against Gaza Attacks.





“A Turkish hacker going with the handle of Turk Guvenligi has hacked and defaced the official sub-domain of United Nation Civil Society Participation (iCSO), against Israeli attacks on Gaza.”


Israeli TV hijacked by Hamas hackers


Graham Cluley



“Some satellite TV viewers in Israel got a surprise on Monday, when their regular programming was interrupted by an unscheduled transmission calling for an end to Israeli airstrikes in Gaza.

Al-Qassam Brigades, the military wing of the Palestinian political organisation Hamas, claimed responsibility for the hack, which took over the satellite feed of Channel 10 for a few minutes to broadcast images of wounded civillians and propaganda messages directed at Israeli citizens.”


Anonymous asks Elite hackers to join them in a massive cyber attack on Israel





“The online hacktivist Anonymous has a message for Israeli government in which the group has asked elite hackers from around the world to join them and conduct a massive cyber attack against the state of Israel.”


Six men charged in StubHub cyber-theft case




“Six individuals have been charged in the US in connection with an international cybercrime ring that was able to take over StubHub user accounts, steal personal identifying information, use victims’ credit cards to make fraudulent electronic ticket purchases, and transfer the proceeds through a global network of accomplices in the United States, United Kingdom, Russia, and Canada. Stubhub was defrauded of around $1 million.


Intentional backdoors in iOS devices uncovered


Zejlka Zorz



“A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.”


Pushdo Trojan infects 11,000 systems in 24 hours




“Bitdefender has discovered that a new variant of the Trojan component, Pushdo, has emerged. 77 machines have been infected in the UK via the botnet in the past 24 hours, with more than 11,000 infections reported worldwide in the same period. The countries most affected so far by the Pushdo variant are India, Vietnam and Turkey.”


Botnets gain 18 infected systems per second


Zejlka Zorz



“"According to industry estimates, botnets have caused over $9 billion in losses to US victims and over $110 billion in losses globally. Approximately 500 million computers are infected globally each year, translating into 18 victims per second," Joseph Demarest, assistant director for FBI's Cyber Division, has shared on Tuesday with the US Senate subcommittee on crime and terrorism.”


Digital fraudster ‘tetereff' gets five years hard time


Alastair Stevenson



“Estonian hacker Andrei Sergejev has been sentenced to five years in prison, following his arrest in March 2012. The UK National Crime Agency (NCA) announced his sentencing in a statement on Wednesday. The sentencing comes one month after Sergejev, known as "tetereff" online, pleaded guilty to 12 charges.”


100+ DDoS events over 100GB/sec reported this year




“Arbor Networks released global DDoS attack data derived from its ATLAS threat monitoring infrastructure. The data shows an unparalleled number of volumetric attacks in the first half of 2014 with over 100 attacks larger than 100GB/sec reported.”


Selectively re-using bad passwords is not a bad idea, researchers say


Zeljka Zorz



“For all the repeated advice to use different, complex password for each online account, users are still opting for easy-to-guess, short ones and use them repeatedly across many websites and online services.”


Almost 70 Percent of Critical Infrastructure Companies Breached in Last 12 Months: Survey


Brian Prince



“New research from Unisys and the Ponemon Institute underscores that many critical infrastructure companies remain challenged when it comes to security.”


Mobile Threat Monday: Fake Google Messenger Reads Your Texts, Records Your Calls


Max Eddy



“Malwarebytes says that this malicious app is called "Google Korean IM." During installation, it requests Device Administrator access. Some Android users might not recognize this as problematic, but granting that level of access gives the app far-ranging powers over your phone. Device Admin apps can, for example, lock your phone or completely wipe it. Usually, we only see security apps or certain Google apps requesting this level of access.”


Source code for tiny 'Tinba' banking malware leaked


Jeremy Kirk



“The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.”


Breaches exposed 22.8 million personal records of New Yorkers




“Attorney General Eric T. Schneiderman issued a new report examining the growing number, complexity, and costs of data breaches in the New York State.”



Nearly 70% of critical infrastructure providers suffered a breach




“New research from Unisys finds alarming gaps in the security of the world's critical infrastructure. Nearly 70 percent of companies surveyed that are responsible for the world's power, water and other critical functions have reported at least one security breach that led to the loss of confidential information or disruption of operations in the past 12 months.”



Consumers don't trust any industry with their personal data




“U.S. consumers have little faith that companies are able to keep their person data safe. The sentiment crosses nearly all industries with consumers saying that the lack of trust will likely affect purchase habits, according to Radius Global Market Research.”

Spamhaus pushes for arrests of alleged DDoS participants


Jeremy Kirk



“An antispam organization is pushing for quick law enforcement action against five people it alleges took part in one of the largest cyberattacks on record that caused Internet outages throughout Europe early last year.”

Computer whizzkid jailed for failing to provide password after cyber attacks on police


Rob Kennedy



“A computer whizzkid suspected of trying to hack into police websites has been jailed for refusing to hand over his password in the interests of national security. University student Christopher Wilson caused the Northumbria Police website to shut down after ringing the force using a voice changing device to warn of a cyber attack.”

Brazilian Payment Fraud Campaign Targets Boletos, Steals Millions


Michael Mimoso



“Hackers are targeting Brazil’s Boleto payment system, the second most popular payment method in the country, and have conducted hundreds of thousands of fraudulent transactions, though researchers differ over how much money has been stolen.”

Mobile banking users to exceed 1.75 billion by 2019




“Over 1.75 billion mobile phone users will have used their devices for banking purposes by the end of 2019, compared to 800 million this year, according to Juniper Research.”

Global cloud services market to reach $555 billion by 2020




“The global cloud services market is expected to grow at a CAGR of 17.6% from 2014 to 2020, reaching a market size of $555 billion in 2020, according to Allied Market Research.”

Estimated $3.75bn stolen by Brazil fraud ring


Zeljka Zorz



“An estimated $3.75 billion have been netted by a single fraud ring that took advantage of a popular Brazilian payment method - the Boleto - by wielding a frequently upgraded piece of malware that silently intercepted and rerouted payments to the crooks' bank accounts.”

Bug in WordPress plugin allows unauthorized file upload


Zeljka Zorz



“WordPress users who also use the MailPoet plugin are urged to update it as soon as possible, as all versions but the latest one are plagued with a critical flaw that could allow attackers to remotely upload any file on their vulnerable website.”

Physical location of data will become increasingly irrelevant




“The physical location of data still matters, but will become increasingly irrelevant and will be replaced by a combination of legal location, political location and logical location in most organizations by 2020, according to a report from Gartner.”

Cybercriminals Use Macro-based Attack to Target Money-Rich Industries


Eduard Kovacs



“Researchers from Cisco Systems have been monitoring the activities of a threat actor whose operations are aimed at high profile, money-rich industries such as oil, jewelry, banking and television. According to Cisco, the attacks launched by the group start with a spear phishing email that appears to be an invoice, a receipt or a purchase order. The malicious emails have a Microsoft Word document attached to them and look fairly standard, but the attachment is not currently blocked by most antivirus engines.”

NSA Swept up Phone Data of Millions of Americans, but only used it to Investigate 248


Noel Brinkerhoff



“Virtually every American last year had some of their phone records collected by the National Security Agency (NSA), but fewer than 250 U.S. citizens were actually investigated by the government. This disclosure was provided by the NSA in what’s been described as the “first-ever disclosure of statistics about how it uses its broad surveillance authorities,” according to The Guardian.”