- Bug in UPI app costs Bank of Maharashtra Rs 25 Cr in one of India’s biggest financial frauds
MUMBAI: In what is possibly the biggest financial frauds in recent years, NPCI today said Rs 25 crore has been moved out of Bank of Maharashtra (BoM) accounts due to a bug in its UPI application. The total amount of loss, as reported by BoM, is about Rs 25 crore. They’ve recovered some amount and some amount is still pending. Bank of Maharashtra had procured a Unified Payment Interface (UPI) solution from a vendor which had a bug that resulted in the fund moving out of the accounts without the sender’s account having the necessary funds. It is happening due to loophole present. There were three other banks, including Bank of India, which had bought a similar solution from the same vendor but they’ve not reported any mishap, according to news published by ETCIO.
Cyber Security Tips: To protect from such fraud make sure that you are using secure UPI for your banking application, scan for application vulnerability.
- Verizon to pre-install a ‘Spyware’ app on its Android phones to collect user data
If you are using Verizon’s AppFlash then you’re searching data is not private. Verizon has planned to pre-install spyware on customers’ Android devices in order to collect their personal data. ‘AppFlash’ a universal search bar that will come pre-installed on the home screens of all Verizon Android handsets for quickly finding apps and web content. AppFlash is simply a Google search bar replacement, but instead of collecting and sending telemetry data including what you search, handset, apps and other online activities to Google, it will send to Verizon. The Company said we collect information about your device and your use of the AppFlash services. This information includes your mobile number, device identifiers, device type and operating system, and information about the AppFlash features and services you use and your interactions with them according to news published by HackerNews.
Cyber Security tips: To stop from collecting your personal data you are recommended that either root your device and remove the app or only disable the app.
- Blizzard’s World of Warcraft fans hit by phishing scam
World of Warcraft is a massively multiplayer online role-playing game released in 2004 by Blizzard Entertainment. If your fan of this game, be aware of a phishing scam. According to the Graham Cluley, hackers are conducting phishing attacks on gamers using two types of emails to steal their login credentials. Hackers are sending emails to World of Warcraft players making them believe that they have won a prize followed by a link to claim it by putting their Blizzard account credentials. Once you click the email, a new window will appear asking you to enter the login details of your blizzard account, and if you do that, the hacker will receive your information, which can either be sold or used personally.
Cyber Security Tips: Users must very careful when you receive an email from an unknown sender, avoid to click on any emails.
- Google Patches Dangerous Vulnerabilities in Chrome 57
Google on Wednesday released an update for its Chrome web browser to address five vulnerabilities in the application: one rated Critical and four High risk. The first of the four High-risk flaws resolved in this release is a Heap buffer overflow in V8 (CVE-2017-5054), discovered by Nicolas Trippar of Zimperium zLabs. The other two flaws included a Use after free in Blink (CVE-2017-5056), discovered by a researcher who opted to remain anonymous, and an Out of bounds memory access in V8 (CVE-2017-5053), found by Team Sniper (Keen Lab and PC Mgr) and reported through ZDI (ZDI-CAN-4587).
Cyber Security Tips: Users and administrator are recommended that update their google chrome with latest patches.