Data Security News Headlines 18th May 2017

  1. Common people should not fear ransomware attack: Adv. Nevagi

Pune, May 17: Common people should not fear the Ransomware attack. It is affecting more to the big corporations and organizations such as banks, manufacturing and service industry than individuals. These organizations must start working on their cyber security immediately expressed Advocate Mr. Abhay Nevagi, noted High Court Lawyer and Cyber Law Expert. He was speaking at a press conference organized by ANA Cyber Forensic Private Limited to spread awareness about the ongoing Ransomware attack across the world. Mr. Bikram Chaudhuri, Partner, Mr. Dhanesh Rale, Partner and Mr. Chirayu Mahajan, a Cyber Forensic Expert from ANA Cyber Forensic Private Limited were also present during the conference.  Adv. Nevagi explained the ramifications of the recent ransomware cyber-attack and presented the important precautions that could be taken from now on. Mr. Chirayu Mahajan also revealed technical information and performed a demonstration of the ransomware attack. Mr. Chirayu also said that it is safe for common people to use their ATM cards and machines and perform online transactions or use internet banking as the ransomware is not affecting them. Mr. Chirayu also explained the technical details of the WannaCry ransomware. He explained that from May 12, the malicious software named ‘WannaCry’ has started affecting the systems. It spreads through malicious links from any website or by downloading files sent from unknown sources.

Cyber Security Tips:  To prevent yourself from WannaCrypt ransomware users are strongly recommended to  install  patch release by Microsoft, keep yourself up-to-date, if you are using unsupported windows system apply the emergency patch released by Microsoft today, modify your firewall configurations to block access to SMB ports over the network or the Internet, Disable SMB, Keep your Antivirus software up-to-date, Backup Regularly and be aware of phishing.

  1. Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

Joomla is a free and open-source content management system (CMS) for publishing web content. It is built on a model–view–controller web application framework that can be used independently of the CMS.  If your website is based on the popular Joomla content management system, bad news for you.  The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company. The team does not provide any technical details related to vulnerability. But the SQL vulnerability could allow an attacker to code injection. This critical vulnerability has been patched by the company.

Cyber Security Tips:  Administrators are strongly recommended that update your Joomla content management system as soon as possible.

  1. DocuSign Data Breach Led to Targeted Email Malware Campaign

Currently, all IT teams are busy in protecting themselves from WannaCry Ransomware, but according to new report two separate data breaches have been reported, one in DocuSign, and another in BELL, Canada’s largest telecommunications company.  DocuSign is a San Francisco- and Seattle-based company that provides electronic signature technology and Digital Transaction Management services for facilitating electronic exchanges of contracts and signed documents. An unknown hacker or group of hackers managed to breach one of the electronic signature technology provider’s email systems and steal a database containing the email addresses of DocuSign customers. The breached data includes names, physical addresses, passwords, social security numbers, credit card information or any other information had been accessed by the attackers.

Cyber Security Tips:  DocuSign users are strongly recommended to delete any email with the following subject line:

Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature

Completed: [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature

Avoid to open any spam emails and change your passwords with a strong one.

  1. Zomato Hacked; 17 Million Accounts Sold on Dark Web

Zomato is a restaurant search and discovery service founded in 2008 by Deepinder Goyal and Pankaj Chaddah. It currently operates in 23 countries, including India, Australia, and the United States. It provides information and reviews on restaurants, including images of menus where the restaurant does not have its own website. According to new report hacked Zomato and selling the data of its 17 million registered users on a popular Dark Web marketplace. The database includes emails and password hashes of registered Zomato users while the price set for the whole package is USD 1,001.43 (BTC 0.5587). The company does not give any statement on it.

Cyber Security Tips:  Users are strongly recommended that reset your password as soon as possible and use a strong password for it.

  1. PK’s Twitter account hacked!

Tollywood actor Pawan Kalyan’s twitter account has been hacked and unidentified elements recently. Pawan being a responsible person and star in the Telugu film industry, we are more than worried what the miscreants would post on his official page,” said the party’s vice president Mahendar Reddy. The cyber security team is also analyzing whether there are any political forces behind the hacking Sources have claimed that the Twitter account was hacked three days ago. Pawan had issued an official statement addressing the concern of fans and followers over the unexpected incident.

Cyber Security Tips:  To prevent from such account hacking make sure that you are using strong password, keep changing your password regularly, and enable two-way authentication

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

Up ↑

%d bloggers like this: