- Two Arrested in UK for Hacking DC CCTV Cameras Before Trump Inauguration
Authorities in London, UK have arrested two hackers on suspicion of hacking CCTV cameras in Washington DC with ransomware just few days before President Trump’s inauguration. It must be noted that the hackers were able to hack 123 of the total 187 network video recorders installed inside the CCTV devices. The cameras could not record anything for more than 48 hours. According to The Sun, one of the arrested hackers is a Swedish woman and other a British man.
- WordPress Websites Exposed to Severe Vulnerability
The nasty bug resides in WordPress REST API that would lead to the creation of two new vulnerabilities: Remote privilege escalation and Content injection bugs. The vulnerability is easy to exploit and affects versions 4.7 and 4.7.1 of the WordPress content management system (CMS), allowing an unauthenticated attacker to modify all pages on unpatched sites and redirect visitors to malicious exploits and a large number of attacks. The issue was discovered on January 22nd, patched on January 26th and the fix was made available in release 4.7.2 to websites using the popular CMS.
Cyber Security Tips: WordPress admins who have not yet implemented the patch against the nasty vulnerability are strongly advised to update their CMS to WordPress version 4.7.2.
- Hackers offering Money to Company Insiders in Return for Confidential Data
The insider threat is the worst nightmare for a company, as the employees can access company’s most sensitive data without having to circumvent security measures designed to keep out external threats. According to a new report from the US-based risk security firm RedOwl and Israeli threat intelligence firm IntSights, staff at corporations is selling company’s internal secrets for cash to hackers on one of the most famous dark web markets Kick Ass Marketplace (Onion URL). Besides selling their company’s secret information, researchers also found evidence of rogue staff, in some cases, even working with hackers to infect their company networks with malware.
Cyber Security Tips: Corporations should take the insider threat more seriously by making use of IT security systems to carefully monitor their employees without violating their privacy