- Hackers Breached Nearly 6,000 e-Commerce Sites
Nearly 5,900 e-commerce sites has been breached by hackers and installed malware that steals victim’s credit card details, according to a security researcher. According to Dutch security analyst Willem De Groot he said that, the hackers gained access to a store’s source code using various un-patched software flaws. Stolen credit card details are sold on dark web for US$30 per card. It includes card details card name, number, and date.
Cyber Security Tips: Now malwares are targeting bank details, to prevent from these malware must install antivirus on your system, do not share your credit card details with anyone.
- This Android App is Leaking Microsoft Exchange Server User Credentials
Nine – Outlook for Android app that allows corporate users to connect to their own Microsoft Exchange Server installations leaks user credentials, which can be easily decoded to their cleartext version. Corporate employees who want to connect to their company’s Microsoft Exchange Servers from their mobile devices can use a third-party app called Nine – Outlook for Android. Security researchers from Rapid7 have discovered that while the app uses SSL/TLS to encrypt communications from the user’s smartphone to the Exchange Server, the app doesn’t validate the source of the SSL/TLS certificates it receives. This lack of validation means the app is subject to MitM (Man-in-the-Middle) attacks, despite the usage of powerful encryption. If you and attacker is on same Wi-Fi then it can intercept your traffic, he credentials are transmitted using Base64 encoding, which can be easily reversed.
Cyber Security Tips: Company need to fix the certificate issue, best suggestion for employee avoid to connect open networks, avoid to install apk which turn on your hotspot, keep eye on your account.