Data Security News Headlines 21st March 2017

  1. Hyderabad: Cyber Crime Cell arrests two for harassing woman

Hyderabad (Telangana): Harassing women is increasing in India. The cyber-crime cell in Cyberabad, Hyderabad arrested two peoples for sending abusive messages and outraging the modesty of the complainant. The accused persons have been identified as Alapati Shivaiah age 35 years, Managing Director of Hyma consultancy and another woman aged 30 years, Tele caller of Hyma Consultancy. The victim working as a pharma executive in Hyderabad lodged a complaint wherein she stated that she was an ex-employee at the Hyma Consultancy along with the woman accused and was staying in the hostel. The complainant suspected the accused  Tele caller made a recording of the victim while she was changing her clothes on the order of Sivaiah. The two accused were traced and arrested by Inspector of Police Cyber Crimes, Cyberabad Ravinder Reddy and team.

Cyber Security Tips:  Women’s need to keep herself protected from such peoples, make yourself aware of the cyber incident and be aware of hidden cameras and recording.

  1. Disable TELNET! 0-Day in CIA Dump affecting over 300 Network Switch Models

Cisco warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The vulnerability resides in the Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software. If exploited, the flaw (CVE-2017-3881) could allow an unauthenticated, remote attacker to cause a reboot of an affected device or remotely execute malicious code on the device with elevated privileges to take full control of the device, Cisco says in its advisory. The flaw can be exploited during Telnet session negotiation over either IPv4 or IPv6. The vulnerability affects 264 Catalyst switches, 51 industrial Ethernet switches, and 3 other devices, which includes Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2/3 EtherSwitch Service Module, Enhanced Layer 2 EtherSwitch Service Module, ME 4924-10GE switch, IE Industrial Ethernet switches, RF Gateway 10, SM-X Layer 2/3 EtherSwitch Service Module, and Gigabit Ethernet Switch Module (CGESM) for HP. (check complete list here) according to news published by HackerNews. The exploitation could allow an attacker to execute malicious code remotely.

Cyber Security Tips:  There is no patch released by Cisco but temporary mitigation for users to disable the Telnet connection to the switch devices in favor of SSH.

  1. Millions of Accounts from 11 Hacked Bitcoin Forums Being Sold on Dark Web

Eleven Bitcoin forums database is sold for sell. According to latest news published by the HackRead,  the databases were stolen from 2011 to 2017 from widely visited forums providing information about Bitcoin mining and trading.  The combined number of data stolen from these forums is more than 12,000,000 including 536,727accounts from MerlinsMagicBitcoin.com which suffered a data breach in January 2017, 514,409 accounts from BitcoinTalk.org forum which was hacked in May 2015, 568,357 stolen from BTC-E.com back in October 2014, 21,439 accounts from BTC4Free.com which was hacked in January 2014, 21,439 accounts from BTC4Free.com which was also hacked in January 2014. 3,153 Bitcoin.Lixter.com which was breached in September 2014, 1,780 BitLeak.net accounts stolen back in March 2014, 28,298 DogeWallet.com accounts stolen in January 2014, 61,011 MtGox.com stolen in June 2011, 34,513 BitsCircle.com (breach date unknown) 10,855,376 BitcoinSec from 2014 breach and 3,149 accounts from TheBitcoinShop.pixub.com. Stolen data contains username, email address, personal text number, gender, date of birth, website title and URL, location and password

Cyber Security Tips:  Users are strictly recommended that change their username and password as soon as possible, keep watch on your account, check for your bank account and change password.

  1. Hacker Reveals Easiest Way to Hijack Privileged Windows User Session Without Password

You are aware of the fact that a local Windows user with system rights and permissions can reset the password for other users, but a local user can also hijack other users’ session, including domain admin/system user, without knowing their passwords? Alexander Korznikov, an Israeli security researcher, has recently demonstrated that a local privileged user can even hijack the session of any logged-in Windows user who has higher privileges without knowing that user’s password, using built-in command line tools. It working on all the versions of windows operating system and there is no need of privileges. The issue discovered by Korznikov. For successful exploitation, an attacker requires physical access to the targeted machine, but using Remote Desktop Protocol (RDP) session on a hacked machine; the attack can be performed remote. This can be done with task manager as well as command prompts.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: