Data Security News Headlines 03rd February 2017

  1. Two Arrested in UK for Hacking DC CCTV Cameras Before Trump Inauguration

Authorities in London, UK have arrested two hackers on suspicion of hacking CCTV cameras in Washington DC with ransomware just few days before President Trump’s inauguration. It must be noted that the hackers were able to hack 123 of the total 187 network video recorders installed inside the CCTV devices. The cameras could not record anything for more than 48 hours. According to The Sun, one of the arrested hackers is a Swedish woman and other a British man.

  1. WordPress Websites Exposed to Severe Vulnerability

The nasty bug resides in WordPress REST API that would lead to the creation of two new vulnerabilities: Remote privilege escalation and Content injection bugs. The vulnerability is easy to exploit and affects versions 4.7 and 4.7.1 of the WordPress content management system (CMS), allowing an unauthenticated attacker to modify all pages on unpatched sites and redirect visitors to malicious exploits and a large number of attacks. The issue was discovered on January 22nd, patched on January 26th and the fix was made available in release 4.7.2 to websites using the popular CMS.

Cyber Security Tips: WordPress admins who have not yet implemented the patch against the nasty vulnerability are strongly advised to update their CMS to WordPress version 4.7.2.

  1. Hackers offering Money to Company Insiders in Return for Confidential Data

The insider threat is the worst nightmare for a company, as the employees can access company’s most sensitive data without having to circumvent security measures designed to keep out external threats. According to a new report from the US-based risk security firm RedOwl and Israeli threat intelligence firm IntSights, staff at corporations is selling company’s internal secrets for cash to hackers on one of the most famous dark web markets Kick Ass Marketplace (Onion URL). Besides selling their company’s secret information, researchers also found evidence of rogue staff, in some cases, even working with hackers to infect their company networks with malware.

Cyber Security Tips: Corporations should take the insider threat more seriously by making use of IT security systems to carefully monitor their employees without violating their privacy

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: