Data Security News Headlines 15th March 2017

  1. Beware; 36 Android Devices Shipped with Preinstalled Malware

The latest news regarding Android devices is that various types of pre-installed malware were identified by two tech firms who received a consignment of their ordered android phones. All in all, 36 devices were already infected with malware. The presence of malware on these 36 Android phones was discovered by Check Point Software Technologies while the names of the tech firms that received these devices haven’t yet been disclosed. The names of the devices have, however, been shared by the research team. These include: Lenovo S90, Oppo R7 Plus, Xiaomi Redmi, Galaxy Note 2, LG G4, Galaxy S7, Galaxy Note 4, Galaxy Note 5, Galaxy Note 8.0, Galaxy A5, Lenovo A850, Xiaomi Mi 4i, ZTE x500, Galaxy Note 3, Galaxy Note Edge, Galaxy Tab 2, Oppo N3, Asus Zenfone 2, viva X6 Plus and Galaxy Tab S2 according to HackRead. According to researcher it is happening due to the ROM firmware.

Cyber Security Tips: To remove the malicious apps, the phones will need full re-installation of the ROM firmware.

  1. Misconfigured Drive Leads to Data Leak of Thousands of US Air Force Officials

Researchers at MacKeeper Security have identified a “misconfigured device,” which was available for public access due to misconfiguration. According to researcher it contained sensitive personal/official information, backup data and confidential documents belonging to the US Air Force. The leaked device has made thousands of US Air Force documents vulnerable. There is sensitive information like passport and social security numbers of high-ranking and senior USAF officials as well as celebrities like Channing Tatum. The entire data is equivalent of several gigabytes. According to investigation it got leaked because it was stored on an unprotected web-connected backup drive and also it was not password protected.

Cyber Security Tips: To protect from such a hacking keep your data secure with strong password, check security options while storing your data online.

  1. HSBC Users Targeted With Fake Security Software

A recent spam campaign impersonating UK-based banking giant HSBC is attempting to distribute malware masquerading as legitimate security software, Symantec researchers warn. The spam emails were designed look as though they had been sent by HSBC, and even display an “@hsbc.com” email address. The messages claim to be distributing malware detection software Rapport from Trustee, which is a legitimate security program designed to protect online bank accounts from fraud. However, users are being connected to a malicious information stealing application instead. What’s more, the malware uses Windows GodMode to keep itself hidden on the compromised machines, the researchers say. According to report published in Securityweek, emails contains .7zip file, the .7z file includes the fake Rapport executable and an Instruction.jar file. When executed, the malware creates a folder for itself, and then hides it by leveraging the Windows.  Once successfully infected system, the malware modifies registry entries and a series of system tools, in an attempt to shield itself. Next, the Trojan starts the communication with the command and control (C&C) server, allowing the remote attacker to steal information from the compromised machine as per news published by securityweek.

Cyber Security Tips:  HSBC team need to check the issue and need to improve their cyber security while users are strictly recommended that avoid to open such emails which contains .7zip files.

  1. 200,000 Wi-Fi Cameras Wide Open To Hacking

If you own IP cameras then be aware there are 200,000 IP cameras found vulnerable and open for hacker due to zero day vulnerability. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. According to researcher security issue in one IP camera quickly turned into seven major vulnerabilities that affects over 1,000 camera models and left nearly 200,000 cameras wide open to attack. According to Kim, who did a little more research after he discovered the security flaws, almost 200,000 cameras should be considered vulnerable. While the bulk of the cameras manufactured stayed in China, almost 20,000 of them made it into the USA. For a full list of exactly what IP Cameras are affected, follow this link, https://pierrekim.github.io/advisories/2017-goahead-camera-0x00.txt

Cyber Security Tips:  Users are strictly recommended to check your cameras from mentioned list, immediately patch vulnerability if patches available or contact your vendor.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: