Data Security News Headlines 10th May 2017

  1. AAP MLA gives live demo of ‘EVM hacking’ in assembly

An electronic voting machine (EVM) uses electronic means to aid or handle the casting and counting of votes. According to the Election Commission, the EVM cannot be hacked, but an AAP MLA gave a live demo of ‘EVM hacking’ in the assembly. Bhardwaj rigged a mock poll on a machine similar to an EVM. According to reports, AAP MLA Mr. Saurabh Bhardwaj came with a sample EVM and demonstrated how it can be hacked. Mr. Saurabh Bhardwaj said that the EVM uses a secret code for every party and that this coding process can be changed. He said this while demonstrating how secret codes can be fed into the machine during voting to manipulate the results. The claims have been denied by the Election Commission and further investigation is going on.

  2. AIFF website hacked

The All India Football Federation (AIFF) website was hacked on Tuesday by a group that calls itself “Zero Cool”. According to the report, the hack was identified in the evening, while the Federation Cup match between Aizawl FC and Churchill Brothers was being played. Although there has been no confirmation, the language on the website sounded like it was the job of a Pakistani hacker. According to news published by Times of India, the hackers spoke of India’s demand for the release of Kulbhushan Jadhav, the Indian national who had been arrested in Balochistan, and hurled abuse at India. The hackers also threatened to send back only Jadhav’s dead body. “The website had been working even in the afternoon and our IT team is working on the matter,” said AIFF.

Cyber Security Tips: To prevent website hacking, keep your web server secure, keep your software up to date, and carry out Vulnerability Assessment and Penetration Testing (VAPT) to learn the weaknesses of your website. To get excellent VAPT service visit http://www.anacyber.com/

  3. Microsoft Issues Emergency Patch For Critical RCE in Windows Malware Scanner

Yesterday, 8th May, Google's zero-day team found a remote code execution vulnerability in Microsoft Windows systems, referred to as “Crazy Bad”. According to the researcher, this vulnerability could allow an attacker to execute code remotely. According to an advisory released by Microsoft, the remotely exploitable security flaw (CVE-2017-0290) exists in the Microsoft Malware Protection Engine (MMPE), the company’s own antivirus engine, and could be used to fully compromise Windows PCs without any user interaction. The affected software includes:

  • Windows Defender
  • Windows Intune Endpoint Protection
  • Microsoft Security Essentials
  • Microsoft System Center Endpoint Protection
  • Microsoft Forefront Security for SharePoint
  • Microsoft Endpoint Protection
  • Microsoft Forefront Endpoint Protection

According to the report, the flaw resides in the way the Microsoft Malware Protection Engine scans files. An attacker can craft a malicious file that leads to memory corruption on targeted systems. The vulnerability could be exploited in several ways, such as sending emails, luring victims to sites that deliver malicious files, and instant messaging.

Cyber Security Tips: Users are strongly advised to apply the patches as soon as possible.

  4. BitKangoroo Ransomware Deletes User Files

Ransomware attacks have been increasing for a few years. A piece of ransomware currently in development deletes users’ files if the ransom isn’t paid within a given period of time. BitKangoroo is the name of this cryptovirus. Once a computer has been infected, the malware starts encrypting the user’s files using AES-256 encryption and appends the .bitkangoroo extension to each of the affected files. Once the process has been completed, the ransomware displays a window informing the victim that their files have been encrypted, with instructions on how to pay, and that a 1 Bitcoin ransom should be paid to decrypt them. The note warns that one file will be deleted every hour until the ransom has been paid, and also displays a countdown. When deleting an encrypted file, the malware also resets the timer to 60 minutes, Bleeping Computer’s Lawrence Abrams reveals, according to news published by Security Week.
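The behaviour described above (files gaining the .bitkangoroo extension, then one encrypted file deleted roughly every 60 minutes) can be turned into a simple triage check for responders. The following is an added example, not code from the original article: the pipe-separated event format, the sample events, the rename threshold and the timer tolerance are all assumptions made for illustration.

```python
"""Triage file-activity events for the BitKangoroo pattern described above."""
from datetime import datetime, timedelta

EXT = ".bitkangoroo"                     # extension named in the article
DELETE_INTERVAL = timedelta(minutes=60)  # article: one file deleted per hour
TOLERANCE = timedelta(minutes=5)         # assumption: allowed timer jitter
RENAME_THRESHOLD = 3                     # assumption: alert after this many renames

# Constructed sample events; hypothetical format: time|op|path|new path
SAMPLE_LOG = r"""
2017-05-10T09:00:01|RENAME|C:\Users\a\report.docx|C:\Users\a\report.docx.bitkangoroo
2017-05-10T09:00:02|RENAME|C:\Users\a\photo.jpg|C:\Users\a\photo.jpg.bitkangoroo
2017-05-10T09:00:02|RENAME|C:\Users\a\notes.txt|C:\Users\a\notes.txt.bitkangoroo
2017-05-10T09:00:03|RENAME|C:\Users\a\old.txt|C:\Users\a\archive.txt
2017-05-10T10:00:05|DELETE|C:\Users\a\report.docx.bitkangoroo
2017-05-10T10:12:40|DELETE|C:\Users\a\tmp.log
2017-05-10T11:00:06|DELETE|C:\Users\a\photo.jpg.bitkangoroo
"""

def parse(log):
    """Turn log text into (timestamp, op, path, new_path) tuples."""
    events = []
    for line in log.strip().splitlines():
        ts, op, path, new_path = (line.split("|") + [""])[:4]
        events.append((datetime.fromisoformat(ts), op, path, new_path))
    return events

def triage(events):
    """Count extension-appending renames and hourly deletions of encrypted files."""
    renamed = [e for e in events if e[1] == "RENAME"
               and e[3].lower().endswith(EXT) and not e[2].lower().endswith(EXT)]
    deleted = sorted(e[0] for e in events
                     if e[1] == "DELETE" and e[2].lower().endswith(EXT))
    gaps = [later - earlier for earlier, later in zip(deleted, deleted[1:])]
    hourly = sum(1 for g in gaps if abs(g - DELETE_INTERVAL) <= TOLERANCE)
    return {
        "encrypted_files": len(renamed),
        "deleted_files": len(deleted),
        "hourly_gaps": hourly,
        "mass_encryption": len(renamed) >= RENAME_THRESHOLD,
        "timed_deletion": hourly >= 1,
        # The timer resets to 60 minutes after each deletion, so this is the
        # latest point by which the host should be isolated to save the next file.
        "next_deletion": deleted[-1] + DELETE_INTERVAL if hourly else None,
    }

if __name__ == "__main__":
    print(triage(parse(SAMPLE_LOG)))
```
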

Cyber Security Tips: To protect against such ransomware, use reputable antivirus and anti-malware software, avoid opening spam mails, keep a backup of your data, and avoid clicking on any link without verifying it.
