Data Security News Headlines 8th September 2017

  1. Equifax Hack Exposes Personal Info of 143 Million US Consumers

Equifax Inc. is a consumer credit reporting agency in the United States, considered one of the three largest American credit agencies along with Experian and the TransUnion.  Equifax is the oldest of the three agencies and gathers and maintains information on over 800 million consumers and more than 88 million businesses worldwide. According to the latest report, been compromised, exposing personal information of as many as 143 million Americans—that’s almost half the country. The company suffered a massive data breach somewhere between mid-May and July, which was discovered on July 29. Stolen data includes consumers’ names, Social Security numbers, birth dates for 143 million Americans, in some instances driving license numbers, and credit card numbers for about 209,000 citizens. The company said that some personal information for Canadian and British residents was also compromised.  It is not cleared yet how the data is being compromised said company spokesperson.

Cyber Security Tips:  Users are strongly recommended that reset their password for mail account as well as bank account as soon as possible, keep eye on your bank statement, avoid sharing any details with unknown and if any incident happened immediately contact with cyber sell.

  1. Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound

A team of security researchers from China’s Zhejiang University has discovered a clever way of activating your voice recognition systems without speaking a word by exploiting a security vulnerability that is apparently common across all major voice assistants and the attack is called as dolphin attack. The attack technique works by feeding the AI assistants commands in ultrasonic frequencies, which are too high for humans to hear but are perfectly audible to the microphones on your smart devices. With this technique, cyber criminals can “silently” whisper commands into your smartphones to hijack Siri and Alexa, and could force them to open malicious websites and even your door if you have a smart lock connected. The attack works on every major voice recognition platforms, affecting every mobile platform including iOS and Android. The attack takes advantage of the fact that human ears generally can’t hear sounds above 20 kHz. But the microphone software still detects signals above 20 kHz frequency. Since smartphone allows users to do a broad range of operation via voice commands like dialing a phone number, sending short messages, opening a web page, and setting the phone to the airplane mode, the researchers were able to order an iPhone to dial a specific number. Once your smartphone compromised it instruct a device to perform several malicious tasks including visiting a malicious website, spying, inject fake information, Denial of service and much more.

Cyber Security Tips: Device manufacturers are recommended to make some hardware alterations to address this vulnerability and end users are strongly recommended that turn off voice assistant apps.

  1. Phishing Scam: Hackers Steal $11 Million from Canadian University

Hackers are targeting users using phishing to steal money. According to the latest report hackers stolen $11 million from the Canadian university. A couple of weeks ago on August 23rd in Edmonton, Alberta; Canada based MacEwan University revealed that their staff fell for a phishing scam resulting in a wire transfer of whopping $11.4 million. According to the official statement on August 31st, 2017, unknown hackers sent “a series of fraudulent emails and convinced staff to change the electronic banking information for one of the institution’s major vendors. Unfortunately, the staff sent the aforementioned amount to the account details provided by the hackers without verifying. The main reason behind the successful feat against MacEwan University was the lack of knowledge of their staff regarding online threats.

Cyber Security Tips:  To prevent yourself from such a hacking you are strongly recommended that beware of such spam mails, never transfer amount to the unknown person, if you received any mails regarding account change you are strongly recommended that verify the account details sent, contact with the client, vendor before transferring amount.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: