Data Security News Headlines 10th July 2017

  1. Reliance Jio full database posted online

Reliance Jio is the largest 4G network in India offers high-speed mobile internet connection & an engaging digital ecosystem for a seamless digital experience. Millions of users are using reliance Jio today, according to the latest report, Reliance Jio customer data has been posted on a website by the name magicapk.com. Reliance Jio, which has over 120 million users in India, said prima facie. The site has since gone offline and is no longer accessible. The site has just a search box where you can enter any Jio number and get details of the customer in return. The researcher said that we tried with a number purchased on July 2, 2017, and the activation date, circle and name of customer showed up. The Aadhaar and email numbers were blank for this number. In a statement, a Reliance Jio spokesperson said prima facie the data appears to be unauthentic. “We want to assure our subscribers that their data is safe and maintained with the highest security. Data is only shared with authorities as per their requirement. We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken,” the spokesperson said in a written response.

Cyber Security Tips: Jio users are strongly recommended to reset their account password and keep monitoring your account.

  1. Navi Mumbai police’s website hacked

NAVI MUMBAI: The official website of the Navi Mumbai police department was recently hacked. The attacker had got access to the software programming, allowing the hacker to upload an audio visual clip. The clip was not political or communally sensitive but had a picture display with music in a foreign language. The breach was detected within 30 minutes and rectified by a Pune-based web designer. A FIR has been registered at CBD police station under the Information Technology Act and the cyber-crime cell cops have started an investigation. DCP (crime) Tushar Doshi said, “The hacking was detected by the police staff on July 1 around 7.15am. The post uploaded on the website was neither obscene nor provoking as the website is meant for public viewing across the world, it does not contain any sensitive data. Hence, the hacker could not have misused any information.

Cyber Security Tips: To prevent from such a website hack keep your website CMS up-to-date, keep your server secure, keep monitoring your website, utilize web application firewall to detect web-based attacks and do vulnerability assessment and penetration testing (VAPT).

  1. SpyDealer Rooting Malware Steals Data From Android Devices

Android devices have recently targeted by CopyCat malware, again new malware targeting Android devices called as SpyDealer. The Palo Alto network researcher has recently discovered this malware, which intercepting data from more than 40 apps.  The malware has a number of capabilities that allow it to extract personal information from a compromised Android device. According to the researchers, the malware has different versions. They are 1.9.1, 1.9.2 and 1.9.3. The latest version of the malware, 1.9.3, has all the configuration settings encrypted and contains an accessibility service which allows it to decrypt app databases. The malware takes data from 40 different apps that include Facebook, WeChat, WhatsApp and other social media and messaging apps. The malware is codenamed as GoogleUpdate and is available via third-party app stores. The malware works by gaining privileges in the infected device. It does this by rooting the device

Cyber Security Tips: To prevent from these malware users are strictly recommended that check while clicking any update notification, avoid to update using any link, beware of spam messages, avoid to click on any link and keep using updated antivirus.

  1. WWE Exposes Details of 3 Million Customers on AWS

The Kromtech researcher named Bob Dyachenko discovered that WWE left unencrypted personal details of more than 3 million customers exposed on AWS in at least two separate databases. The issue was reported to WWE on July 4, and the company swiftly removed them. WWE release statement on their website there is no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured. According to Forbes, all the stored data was held in plaintext, and included educational background, earnings and ethnicity, home and email addresses, birthdates, and customers’ children’s age ranges and genders where supplied.” Holding children’s age, sex and home addresses will be particularly concerning for privacy advocates.

Cyber Security Tips: To prevent from such a data leak, keep your data secure, keep your data stored in encrypted format, keep monitoring your database, improve the security of your cloud storage and check for the vulnerabilities.

  1. Authorities Shut Down Major Dark Web Child Porn Platform

Law enforcement authorities in Germany have shut down a major Dark Web child pornography website known as “Elysium.” The website which had around 87,000 members was a popular platform for people to exchange explicit images of children displaying physical and sexual abuse including toddlers. According to German federal police, Elysium was not a regular child abuse platform since its users also arranged meetings to abuse children physically. Elysium was run by a 39-year-old man from Hesse region of Germany while most of its visitors were from Austria and Germany. He was arrested on 12th June when his apartment was raided, and the police seized a server.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: