- Idaho Department of Labor hacked; personal data of 170,000 people at risk
Idaho Department of Labor Assists Idaho residents in finding jobs, and oversees workfare, migrant farm workers, unemployment insurance, and other labor related items. A hacking incident that occurred on March 12 and March 13 compromised more than 170,000 job seeker account. There are total 530,000 accounts registered with Idaho Department of Labor. The system under the attack, America’s Job Link, is a Kansas-based and connects multiple states that operate the department’s IdahoWorks job search engine. The compromised data include dates of birth, Social Security numbers, and names of some of the America’s Job Link customers. This hack potentially compromised the job search services provided by this system connect up to ten states, and a total of 4.8 million accounts according to news published by HackerNews. It is happened due to flaw present.
Cyber Security Tips: Users are strictly recommended that immediately change their password with the strong one. If your account compromised contact with the Idaho Department of Labo
- Android Forums hacked; password reset notice issued
Android Forums is the center of the Android Universe for help and discussion on Galaxy, Nexus, Droid, Evo and all your favorite Android phones and tablets! The website administrator of Android forum wrote that 40 members of the forum (2.5 percent) who registered between registered in 2016 and 2017 had their accounts compromised. The stolen data contains email addresses, hashed passwords, and salts but none of the usernames were taken. Furthermore, investigations are still in process. Therefore it’s too early to assume what happened or how attackers were able to access the database. Good news is that all passwords have been reset.
Cyber Security Tips: Users are strictly recommended that immediately reset their password.
- Cisco Finds Critical Flaw in Industrial Routers
Cisco has found a critical vulnerability in industrial routers which could allow an attacker to remote code execution. The flaw, identified as CVE-2017-3853, affects the Data-in-Motion (DMo) process of IOx and is caused by the lack of proper bounds checking. A remote, unauthenticated attacker can exploit the vulnerability to trigger a stack overflow by sending specially crafted packets that are forwarded to the DMo process for evaluation. Successful exploitation of the security hole can allow the attacker to execute arbitrary code with root privileges in the virtual instance running on the vulnerable device. The vulnerability affects Cisco IR809 and IR829 industrial integrated services routers running IOx versions 220.127.116.11 and 18.104.22.168 according to news published by Security Week.
Cyber Security Tips: Company has released patches for above mention vulnerabilities so that users and administrators are strictly recommended that immediately apply patches.
- Hacker steal $39m from Kenya Revenue Authority
One of the IT experts from Kenya has been charged for illegally hacking into the country’s tax authority and stealing $39m by Kenyan authorities, according to local media. Alex Mutunga Mutuku, 28, is accused of electronic fraud, who had stolen money from various institutions and companies in the East African nation, The Standard newspaper reported. However, he denies all the charges against him. According to reports of the Daily Nation newspaper, in 2015 he was arrested for hacking into the country’s biggest telephone network provider, Safaricom, and stealing airtime worth $150. In 2014 also, he has been accused of hacking into the system of a local bank according to news published by E hacking news.
Cyber Security Tips:: To protect from such hacking make sure that your bank data secured, secure your data center with security product.