Data Security News Headlines 23rd March 2017

  1. Man’s Facebook gets hacked, lewd message sent to female pals

Pune: On March 13, a Bibwevadi resident’s Facebook account was hacked into and the accused has also been getting in touch with his friends and infiltrated three accounts of his friends as well. After the account compromised hackers start contacting with his friends,  and some female including his sister and sent lewd messages. Hacker also sent malicious messages to his friend. On March 17, three days after he had registered a complaint with the cyber cell, FIR was going to be filed in his name in Mumbai by someone who had received a nude image from him.

Cyber Security Tips: Users are strictly recommended that keep your social media account secure with a strong password, keep changing your password, users must think before you click on any links and if any incident happened with you immediately contact with the cyber cell.

  1. Cyber cell arrested three for hacking mail account

The Cyber cell on Tuesday arrested three persons including a man and his two sons from Tamil Nadu. This three are involved in illegally hacking g-mail account of an Indore-based person. A complaint was registered by the victim in this regard with the Bhopal unit of the cyber cell. Inspector general (cyber cell) Shailendra Singh Chauhan said those arrested had been identified as Gopal Sabu and his sons Vishal and Vikash Sabu, all natives of Salem district in Tamil Nadu. The victim Rajkumar Sabu, a resident of Jawahar Road in Indore who is an owner of Shiva Trading Company. He reported the matter that someone had hacked his g-mail id and he was unable to access his account. Based on his complaint, a case under Section 66 (C) of IT Act was registered and further probe was started.

Cyber Security Tips: To protect from such hacking users are strictly recommended that keep your password strong, use two-way authentication and avoid to open any spam e-mails.

  1. Hackers Using Fake Cellphone Towers to Spread Android Banking Trojan

Chinese hackers are now targeting smartphone by using Smishing attack. SMiShing is a security attack in which the user is tricked into downloading a Trojan horse, virus or other malware onto his cellular phone or other mobile devices. SMiShing is short for “SMS phishing. Hackers are using rogue cell phone towers to distribute Android banking malware via spoofed SMS messages. Security researchers at Check Point Software Technologies have uncovered that Chinese hackers are using fake base transceiver stations (BTS towers) to distribute “Swearing Trojan,” an Android banking malware. The phishing SMS, which masquerades itself as the one coming from Chinese telecom service providers China Mobile and China Unicom, contains very convincing text with a link to download malicious Android APK. Once an application is installed successfully attacker sent phishing SMS to a victim’s contacts. The capability of malware is to steal bank credentials and other sensitive information from victim Android devices and to bypass two-factor authentication.

Cyber Security Tips: The attackers are mainly targeting the Chinese users, users are strictly recommended that avoid to click on such messages, and avoid to install an application from untrusted sites.

  1. Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom

iCloud securely stores your photos, videos, documents, music, apps and keeps them updated across all your devices. So you always have access to what you want, wherever you want it. But now bad news for iCloud users if you use iCloud to sync your Apple devices, your private data may be at risk of getting exposed or deleted by April 7th. It has been found that a mischievous group of hackers claiming to have access to over 300 million iCloud accounts is threatening Apple to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes gift cards. The hacking group has given Apple a deadline until April 7 to pay up the ransom according to news published by HackerNews.

Cyber Security Tips: Apple users are advised to change their iCloud passwords immediately and enable two-step authentication to add an extra layer of security to your account.

  1. Flaws in LastPass Password Manager Allowed Hackers to Steal Credentials

A password manager is a software application or hardware that helps a user store and organize passwords. Password managers usually store passwords encrypted, requiring the user to create a master password: a single, ideally very strong password which grants the user access to their entire password database.  The researcher at Google project zero found critical vulnerability found in famous password manager LastPass. it was the LastPass version 3.3.2 which was reported to have the bug. Mr. Ormandy hasn’t made his finding public until now, and it looks like LastPass team is currently working on a patch. Mr. Ormandy also pointed out that the version 4.1.42 of the LastPass (both Chrome and Firefox) contained another bug which could allow an attacker to steal the passwords of the users. The vulnerability could allow an attacker to steal credentials.

Cyber Security Tips:  LastPass team is working on the issue and patches are not released yet, users are strictly recommended that disable LastPass until the issue solved and change your password as soon as possible.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: