The security threat of unsanctioned file sharing

http://www.net-security.org/secworld.php?id=17563

Excerpt:

“Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies and place company data in jeopardy, say the results of the “Breaking Bad: The Risk of Unsecure File Sharing” report by Intralinks Holdings and Ponemon Institute.”

 


Dyre malware targeting Swiss bank customers

 

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2902

Excerpt:

“The Dyre/Dyreza banking Trojan has lately become very popular with cyber criminals - so much so that the US-CERT has issued an alert warning about the danger”"

 


Post Snowden, most users have changed Internet habits

 

http://www.net-security.org/secworld.php?id=17555

Excerpt:

“On the heels of Edward Snowden’s advice to switch from Dropbox, Facebook and Google to services that place a high priority on security and privacy, F-Secure is releasing survey results that show that many people are willing to do just that.”

 


Biggest ever cyber security exercise in Europe is underway

 

http://www.net-security.org/secworld.php?id=17558

Excerpt:

“More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).”

 


Fake "Online Ebola Alert Tool" delivers Trojan, unwanted apps

 

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2900

Excerpt:

“Cyber scammers continue to take advantage of the fear and apprehension surrounding the proliferation of the Ebola virus. While Ebola-themed online hoaxes are nothing new, malware peddlers have recently started pushing their wares via phishing emails impersonating the World Health Organization and, according to Malwarebytes' Jovi Umawing, offers of a "early warning system tool" that supposedly alerts users of any Ebola outbreaks near the area in which they live.”

 


Beware of Ebola-themed phishing, malware campaigns and hoaxes

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17509

Excerpt:

“US-CERT released an advisory warning users about email scams and cyber campaigns using the Ebola virus disease as a theme."Phishing emails may contain links that direct users to websites which collect personal information such as login credentials, or contain malicious attachments that can infect a system," they pointed out.”

 


Leader of Team Digi7al sentenced today to serve twenty-four months in federal prison

 

http://www.databreaches.net/leader-of-team-digi7al-sentenced-today-to-serve-twenty-four-months-in-federal-prison/

Excerpt:

“Daniel Trenton Krueger, one of two leaders of the computer hacking group known as Team Digi7al, was sentenced today to serve twenty-four months in federal prison for hacking the U.S. Navy, National Geospatial-Intelligence Agency, and over 50 public and private computer systems, U.S. Attorney Danny C. Williams Sr. announced.

 


Websites of Azerbaijani Embassies Hacked by Armenian Hackers

 

Waqas

http://hackread.com/azerbaijani-embassies-hacked-by-armenian-hackers/

Excerpt:

“Armenian hackers from Monte Melkonian Cyber Army – (MMCA) are back in action with yet another high-profile hack. This time the group has hacked and defaced the official website of Azerbaijan Association of judges of specialized courts, Azerbaijan Bank training Center, Azerbaijan embassy in Belgium and Poland.”

 


FBI informant ordered LulzSec to Hack British Tabloid ‘The Sun’

 

Pushpa Mishra

http://hackread.com/fbi-sabu-the-sun-cyber-attack/

Excerpt:

“The FBI is in the midst of yet another controversy: it aided the Anonymous Lulzsec hacker in attacking the media empire of publisher Rupert Murdoch in 2011. The FBI turned a blind eye to the hacker-turned informant, Hector Xavier Monsegur a.k.a. Sabu, who targeted Murdoch’s media publications in July 2011, reported Motherboard.”

 


'Hurricane Panda' hackers used Microsoft zero-day, CrowdStrike says

 

Jeremy Kirk

http://www.pcadvisor.co.uk/news/security/3580627/hurricane-panda-hackers-used-microsoft-zero-day-crowdstrike-says/

Excerpt:

“One of the zero-day flaws patched by Microsoft on Tuesday had been used for some time by a group with suspected Chinese government ties that targets technology companies, CrowdStrike's chief executive said Tuesday.”

 


 

#OpHK: Anonymous Takes Down Chinese Government Websites, Leaks Data

Waqas

http://hackread.com/op-hong-kong-anonymous-hacks-chinese-government/

Excerpt:

“In support of pro-democracy protests in Hong Kong, the online hacktivist Anonymous previously announced ‘Operation Hong Kong’ against the government and its supporters. Now the group has taken down high profile Chinese government websites and leak hundreds of IP addresses, email address, passwords and phone numbers.”

 


Dropbox credentials leaked by third-party, change your password immediately

 

Brad Sams

http://www.neowin.net/news/dropbox-has-been-hacked-change-your-password-immediately

Excerpt:

“If you use Dropbox, you need to change your password immediately; by all indications, there has been a breach in account security. In a leak on Pastebin (which we won't link, as it contains sensitive account information), the user claims to have the usernames and passwords of nearly 7 million Dropbox users. To prove that the information is real, 420 usernames and passwords have been posted.”

 


Anonymous Hackers Threaten Chinese Government with Website Blackouts and Data Leaks

 

Anthony Cuthbertson

https://www.ibtimes.co.uk/anonymous-hackers-threaten-chinese-government-website-blackouts-government-data-leaks-1469366?

Excerpt:

“Anonymous has threatened to shut down government websites in China through a massive DDoS attack(Anonymous). Online activist group anonymous has warned authorities in Hong Kong and China that it will launch a massive attack on websites and leak tens of thousands of government email address details.”

 


Smart meter hack could leave homes in the dark

 

Rene Millman

http://www.itpro.co.uk/security/23251/smart-meter-hack-could-leave-homes-in-the-dark

Excerpt:

“Millions of homes could be at risk from a vulnerability found in smart electricity meters that could shut down power to them.According to studies carried out by two security researchers, smart meters lack basic security and this leaves them open to being taken over by hackers. Criminals could use the flaws in meters to shut down power to homes or carry out billing fraud.The research, carried out by Javier Vazquez Vidal and Alberto Garcia Illera, said the flaw affects smart meters installed by a Spanish utility company.”

 


Trojans-SMS Are Top Threat on Android, INTERPOL and Kaspersky Say

 

Ionut Ilascu

http://news.softpedia.com/news/SMS-Trojans-Are-Top-Threat-on-Android-INTERPOL-and-Kaspersky-Say-461195.shtml

Excerpt:

“In a joint effort against cybercrime, a study conducted over the period of one year by Kaspersky and INTERPOL revealed that SMS Trojans are among the most frequent threats Android users face.”

 


The Unpatchable Malware That Infects USBs Is Now on the Loose

 

Andy Greenberg

http://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/

Excerpt:

“It’s been just two months since researcher Karsten Nohl demonstrated an attack he called BadUSB to a standing-room-only crowd at the Black Hat security conference in Las Vegas, showing that it’s possible to corrupt any USB device with insidious, undetectable malware. Given the severity of that security problem—and the lack of any easy patch—Nohl has held back on releasing the code he used to pull off the attack. But at least two of Nohl’s fellow researchers aren’t waiting any longer.”

 


LulzSec supersnitch led attacks on UK, Australia – report

 

John Leyden

http://www.theregister.co.uk/2014/10/02/sabu_hack_targets_revealed/

Excerpt:

“Hacktivist kingpin turned FBI snitch Hector Xavier "Sabu" Monsegur orchestrated attacks against 30 countries, including systems in the UK and Australia, according to a report that joins the dots between sealed court docs and leaked IRC chat logs.”

 


Criminal gangs use Tyupkin malware to steal millions from ATMs

 

Pierluigi Paganini

http://securityaffairs.co/wordpress/28993/cyber-crime/tyupkin-malware-steal-atms.html

Excerpt:

“Criminal gangs have stolen millions of dollars from ATMs worldwide using the Tyupkin malware which forces machines to dispense cash. Criminal gangs in Eastern Europe are increasing the number of attacks against automated teller machines (ATMs), not only tampering the machine with card skimmers which steal debit card data, but also using malware”

 


1-15 September 2014 Cyber Attacks Timeline

 

Paolo Passeri

http://hackmageddon.com/2014/09/29/1-15-september-2014-cyber-attacks-timeline/

Excerpt:

“This month will be probably remembered for the Home Depot breach. Yet another one caused by the same POS malware family that hit Target, with a similar dramatic extension: unfortunately the retailer believes that 56 million of credit cards could have been compromised in this case. After such a similar gigantic breach there is not so much to add as far as Cyber Crime is concerned, as it overshadowed all the rest.”

 


Xbox hackers snared US Army Apache Gunship ware - Feds

 

Darren Pauli

http://www.theregister.co.uk/2014/10/01/hack_attack_netted_apache_copper_training_software_say_feds/

Excerpt:

“Hackers from the US, Canada and Australia have been arrested over a sting that took in the US Army, gaming companies and Microsoft. The Department of Justice accuses the alleged perps of copying software worth more than US$100m.”

 


Hackers cut deal to work for gov’t

 

Buth Reaksmey Kongkea

http://phnompenhpost.com/national/hackers-cut-deal-work-gov%E2%80%99t

Excerpt:

“Two members of “hacktivist” group Anonymous Cambodia convicted of computer hacking yesterday will be spared further jail time. Instead, they have been ordered to put their “excellent” IT skills to use combating cybercrime in the Ministry of Interior.

 


Researcher release BadUSB attack code

 

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2876

Excerpt:

“When, two months ago, researchers from German security consultancy SR Labs demonstrated a new and potentially very deadly class of attacks executed via malware injected in the firmware of USB-connected devices, they didn't want to share the attack code with the public.”

 


ATM hacking suspects held

 

http://www.thesundaily.my/news/1191766

Excerpt:

“Police said several individuals have been arrested over the hacking of 18 automated teller machines (ATM) of four banks that lost over RM3 million two weeks ago. Inspector-General of Police Tan Sri Khalid Abu Bakar who disclosed this today did not elaborate on the identities of the individuals.”

 


Tyupkin Malware Hacking ATM Machines Worldwide

 

Mohit Kumar

http://thehackernews.com/2014/10/hacking-ATM-machine-tyupkin-malware.html

Excerpt:

“Money is always a perfect motivation for cyber criminals who tries different tricks to solely target users with card skimmers that steal debit card numbers, but now the criminals are using specialized malware that targets ATM (Automated Teller Machine) systems to withdraw cash even without the need of a card.”

 


Infected ATMs give away millions of dollars without credit cards

 

http://www.net-security.org/malware_news.php?id=2880

Excerpt:

“Kaspersky Lab performed a forensic investigation into cybercriminal attacks targeting multiple ATMs around the world. During the course of this investigation, researchers discovered the Tyupkin malware used to infect ATMs and allow attackers to remove money via direct manipulation, stealing millions of dollars.”

 


Hackers exploit Shellshock bug, compromise Yahoo, WinZip servers

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17458

Excerpt:

“A group of hackers has successfully leveraged the recently discovered Bash Shellshock vulnerability to compromise a number of servers belonging to Yahoo, Lycos and Winzip, and are using them to probe for other potential victims.”

 


Modes of defense against security breaches in healthcare

 

Jason Riddle

http://www.net-security.org/article.php?id=2136

Excerpt:

“It’s no secret that data security has serious implications for healthcare providers. A major breach can seriously undermine public trust – and result in hefty fines.”

 


Banks boost security

 

http://www.nst.com.my/node/39055

Excerpt:

“Customers of banks whose automated teller machines (ATM) were hit by a spate of hack-ing and theft can rest assured that their account balance and personal data have not been compromised.”