Data Security News Headlines 29th June, 2016

  1. 95 lakh flyers hit as hackers break into loyalty scheme

Mumbai: Nearly two lakh Air India frequent flyers will lose out on benefits after the national carrier was forced to suspend its passenger loyalty rewards program, which was hacked into a few weeks ago. A probe by the Delhi Police revealed that hackers accessed the Air India website to steal points worth Rs 16 lakh on air travel miles accumulated by a total of 1.95 lakh flyers by creating fake frequent flyer accounts. The hackers have accessed user IDs and passwords of some of the website administrators to verify such fake accounts and claimed frequent flyer rewards.The anomaly was first noticed on June 8, when an Air India staffer verifying documents of a frequent flyer account holder noticed the account had already been verified. The document submitted towards identity proof was a driving license, which is not on the Air India list of accepted proof.

Cyber security tips: Air India need to verify all existing documents, immediately change passwords of employees, verify the different website administrator’s accounts, scan for vulnerabilities.

  1. IoT Botnet- 25,000 cctv cameras hacked to launch ddos attack.

Cyber crooks are hacking CCTV cameras to form a massive botnet that can blow large websites off the Internet by launching Distributed Denial-of-service(DDoS) attacks.Researchers at Security firm Sucuri came across a botnet of over 25,000 CCTV cameras targeting business around the globe while defending a small jewelry shop against a DDOS attack The jewelry shop website was flooded with almost 35,000 HTTP requests per second due to which its website was unreachable to legitimate users.However, when Sucuri attempted to prevent the network flood by using a network addressing and routing system called any cast, the botnet increased the number of HTTP requests on the store’s website to more than 50,000 per second and it had been remotely hijacked by cyber criminals to attack other services.

Cyber Security Tips: Prevention from such attacks is regularly monitor your services, Use Intrusion prevention system to prevent from DDOS attacks, use firewall to filter request, immediately block such IP.

  1. Zero-day warning! Ransomware targets Microsoft office 365 user

Cerber Ransomware is now targeting MS Office 365 email users with a massive zero-day attack that has the ability to bypass Office 365’s built-in security tools. According to a report published by cloud security provider Avanan, the massive zero-day Cerber ransomware attack targeted Microsoft Office 365 users with spam or phishing emails carrying malicious file attachments.The Cerber ransomware is invoked via Macros. Yes, it’s hard to believe but even in 2016, a single MS Office document could compromise your system by enabling ‘Macros’.

Cyber Security Tips: To prevent from these Ransomware update your antiviruses, regularly backup your files, disable macros, use IDS and IPS, and use SIEM tools.

  1. SWIFT hacker steal $10 million from Ukrainian bank

A Ukrainian bank has become the latest victim of the widespread cyber-attack on global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT. Hackers have reportedly stolen $10 Million from an unnamed bank in Ukraine by exploiting the SWIFT international banking system, according to an independent IT monitoring organization called the Information Systems Audit and Control Association (ISACA).Hackers are target banks by sending malware and exploit the vulnerability present in system.

Cyber Security Tips: Prevention from such attacks is update antivirus, scan for vulnerabilities, if any vulnerabilities are present patch it, use IDS, use firewall, do not open spam mails.

  1. Hacker Group OurMine Is Sending a Message: No One Is Safe

OurMine has been hacking the Twitter accounts of CEOs and celebrities including Google CEO Sundar Pichai and actor Channing Tatum to prove the point that “nobody is safe.”Google CEO Sundar Pichai is among the latest members of an unhappy club: public figures that have been hacked by OurMine, a group of hackers who profess to be doing the world a favor by making clear how vulnerable most of us are online.They hack into accounts and leave public messages, as well as a suggestion to buy their own security services. “Hey, it’s OurMine, we are just testing your security, please visit OurMine to upgrade it,” they tweeted from Pichai’s account.

Cyber Security Tips: Prevention from such attacks are update antivirus, do not reply any spam mails, be careful while online, avoid unknown notification.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: