Data Security News Headlines 10th February 2017

  1. Hitachi admits its systems were compromised

Hitachi Payments Services today accepted its systems were compromised by a sophisticated malware in mid-2016 that led to one of the biggest cyber-security breaches in India with 3.2 million cards affected and a scare over security of card-based transactions. The malware was able to work undetected and had concealed its tracks during the compromise period. The compromise period was identified between May 21 and July 11. The company acknowledged the system-wide trouble that was caused due to the lapse at its end saying banks had to take remedial action like blocking payments at international locations, reduced withdrawal limits, asking for PIN changes and monitoring of unusual patterns.

Cyber Security Tips: Change your ATM pins regularly. Banks and ATMs should use the latest version of software.

  1. New Windows Trojan Spreads MIRAI Malware To Hack More loT Devices

Researchers from Russian cyber-security firm Dr.Web have now uncovered a Windows Trojan designed to build with the sole purpose of helping hackers spread Mirai to even more devices. Dubbed Trojan.Mirai.1, the new Trojan targets Windows computers and scans the user’s network for compromisable Linux-based connected devices. Once installed on a Windows computer, the Trojan connects to a command-and-control (C&C) server from which it downloads a configuration file containing a range of IP addresses to attempt authentication over several ports such as 22 (SSH) and 23 (Telnet), 135, 445, 1433, 3306 and 3389.

Cyber Security Tips:  To protect yourself from such Trojan keep using updated antivirus in your systems, avoid to open spam mails as well as unknown links, keep monitoring your organization network

  1. First ever Word Macro Malware for Apple Mac OS Discovered in the Wild

Security researchers have now detected the first in-the-wild instance of hackers are making use of malicious macros in Word documents to install malware on Mac computers and steal your data – an old Windows technique. The hack tricks victims into opening infected Word documents that subsequently run malicious macros. However, after clicking on the malicious Word document and before running it on your system, Mac users are always prompted to enable macros. Denying permission can save you, but if enabled ignoring warnings, the embedded macro executes a function, coded in Python, that downloads the malware payload to infect the Mac PCs, allowing hackers to monitor webcams, access browser history logs, and steal password and encryption keys.

Cyber Security Tips: Deny permission to enable macros from running when opening a suspicious Word document. Avoid downloading software from third-party App Store or untrusted websites.

  1. Russian Authorities Arrest Nine for Stealing $17 Million from Banks

Russian Security Services officials have arrested nine hackers who are alleged to be members of a high-profile cybercrime group called Lurk. The state media news platform Tass reported that reason for their arrest is that the group has been stealing money from Russian banks since 2013 and so far it has managed to rake in more than a billion rubles. The hackers were arrested in January 2017, after a crackdown led by the FSB. The operation against Lurk gang was a nationwide crackdown in which every territory was involved including Moscow, Tver, Krasnodar, Sverdlovsk and St. Petersburg. Around 86 raids were carried out in 15 regions across Russia. Lurk is also the group’s computer Trojan that can steal login credentials including usernames and passwords and with the malware, the notorious hacker group attacked some of Russia’s largest and reliable financial entities.

Cyber Security Tips: Don’t click on link and attachments you receive from unknown source on emails or any other social networking sites.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: