Data Security News Headlines 24th November, 2016

  1. $55 surveillance camera hacked by Mirai botnet within 98 seconds

The latest flaw in the severely hyped IoT devices was discovered by a tech industry veteran Robert Stephens, identified that his security camera could be compromised within 98 seconds only as soon as it gets connected to Wi-Fi. It is happened due to vulnerability present in camera. According to hackread news when he was able to compromise the camera he carefully kept observing the traffic in order to check attempts from third-parties to control the vulnerable device. After 98 seconds, the camera was plagued with a Mirai type worm and it became apparent to Stephens that the default login and password were exposed. The worm started checking out the device it had newly captured and completely downloaded itself on the camera.

Cyber Security Tips: To prevent from such hack update your devices firmware with latest one, change default username and password, keep your Wi-Fi secured with strong password and monitoring your devices.

  1. Users Reporting Electronic Arts and PlayStation Servers are Down

Users are reported that they are unable to access your Electronic Arts and PlayStation Network account. Looking at Play station’s status page it can be seen that several online services including Account Management, Gaming and Social, PlayStation Now, PlayStation Video, PlayStation™Vue, PlayStation Store and PlayStation Music are down. Same Electronic Arts servers where users are reporting server issues yet there has been no official response from the company. According to researcher it may be happened due to DDOS attack or any technical issue.

Cyber Security Tips:  Company need to check and fix the issue, user are strictly recommended that once you able to access your account change your login credentials.

  1. Ask Toolbar Update Feature Hacked to Drop Malware

Ask toolbar pushing third-party offers to users and making them download software without their consent or knowledge. It is a well-known fact that Ask toolbar has been categorized by security software vendors like Microsoft as a Potentially Unwanted Program. But, the latest report from an IT security firm Red Canary has revealed that attackers attempted to convert Ask Toolbar’s latest update into a malware. The toolbar update feature was actually delivering a malicious virus. The firm detected suspicious activity that was directly traced to the Ask Toolbar Update. Hackers are exploiting this update features for attacking purpose. According to report after installing the unwanted software on the users’ computer system, the malware brings in secondary malware like banking Trojans or similar online-fraud code.

Cyber Security Tips: Avoid to use ask toolbar until issue has been solve, if you are using this toolbar then check notification before clicking, user has strictly recommended that use updated antivirus.

  1. Your headphone can spy on you

According to group of Israeli security researchers at Ben Gurion University. Hackers can turn your headphones into a microphone to spy on all your conversations in the background without your knowledge. As per report Dubbed “Speake(a)r,” the malicious code (malware) is disturbingly able to hijack a computer to record audio even when its microphone is disabled or completely disconnected from the computer. Speake(a)r actually utilizes the existing headphones to capture vibrations in the air, converts them to electromagnetic signals, alters the internal functions of audio jacks, and then flips input jacks (used by microphones) to output jacks (used for speakers and headphones). Using this attacker is able to record audio, though at a lower quality, from computers with disabled or no microphone or from computers of a paranoid user, who has intentionally removed any existing audio components.

Cyber Security Tips: The only way to deal with this issue is to redesign and replace the chip in current as well as future computers, Also user need to secure their system to detect malicious code.

  1. NTP DOS exploit released- Update your server to patch 10 flaws

A critical vulnerability in the Network Time Protocol daemon (ntpd) has been publically released that could allow anyone to crash a server with just a single maliciously crafted packet. The vulnerability is fixed by Network Time Foundation and release NTP 4.2.8p9, which includes a total of 40 security patches, bug fixes, and improvements. The flaw was used by hackers to abusing the NTP servers by sending small spoofed UDP packets to the vulnerable server that requests a significant amount of data to be sent to the DDoS’s target IP Address.

Cyber Security Tips: Administrators are strictly recommended that immediately update NTP with latest release

  1. Data breach: 73 SBI cardholders reported fraud withdrawals

NEW DELHI: 73 cardholders of the country’s largest bank SBI had reported fraudulent withdrawals aggregating Rs 39.18 lakh till November 4 following data breach that hit millions of debit/ATMs. SBI. “SBI has also informed that 73 cardholders have complained about claims aggregating to Rs 39.18 lakh up to November 4, 2016,” he said. On September 8 that details of certain cards issued by some banks had been possibly compromised at ATMs linked to the ATM Switch of one of the service providers. About 32.14 cards of public and private sector banks was breached. Following the data breach, 19 banks had recalled the compromised cards. The investigation is going on said report.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: