Data Security News Headlines 21st September 2017

  1. Kareena, Sonam Kapoor’s Veere Di Wedding Instagram Hacked

New Delhi: The shoot for Kareena Kapoor Khan, Sonam Kapoor and Swara Bhaskar’s much-talked-about movie Veere Di Wedding is underway. The makers of Veere Di Wedding created an official account on social media in order to keep everyone posted on the latest happenings at the sets of the movie. But according to the report, the profile image of Veere Di Wedding’s Instagram account was reportedly changed to a sketch of a monkey and the description read, “I am paki papu bhai (sic)” along with a Pakistan flag emoticon. The social-networking company retrieved the account and traced the hacker’s origin to the neighboring country.

Cyber Security Tips:  To prevent from such hacking you are strongly recommended that keep your account secure with a strong password, enable two-way authentication and beware of the phishing scam.

  1. Hacker Can Steal Data from Air-Gapped Computers Using IR CCTV Cameras

An air gap, air wall or air gapping is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network. According to the latest report hackers can steal data from these computers, Security researchers from Ben-Gurion University in Israel have previously demonstrated several ways to extract sensitive information from air-gapped computers. Now, the same University researchers have discovered another way to steal confidential information from air-gapped computers – this time with the help of infrared-equipped CCTV cameras that are used for night vision. Researchers have developed a new attack scenario, dubbed aIR-Jumper, which includes an infected air-gapped computer and an infected CCTV network, assuming that both networks are isolated from each other, and none of them is Internet-connected. To read and send data, the aIR-Jumper malware installed on air-gapped computer and CCTV network blink IR LEDs in morse-code-like patterns to transmit files into the binary data, i.e. 0 and 1. Using this method attackers can simply capture the blink of the CCTV using their own camera and can decrypt the data later.

Cyber Security Tips: To protect from such hacks users are strongly recommended that always keep your devices up-to-date, change default credential and keep using antivirus to detect such a malware.

  1. Viacom Left Sensitive Data And Secret Access Key On Unsecured Amazon Server

Viacom is an American multinational media conglomerate with interests primarily in cinema and cable television. It is currently the world’s sixth largest broadcasting and Cable Company in terms of revenue— behind Comcast.  According to the latest report, Viacom left sensitive data and secret access key on unsecured amazon s3 server. A security researcher working for California-based cyber resiliency firm UpGuard has recently discovered a wide-open, public-facing misconfigured Amazon Web Server S3 cloud storage bucket containing roughly a gigabyte’s worth of credentials and configuration files for the backend of dozens of Viacom properties. These exposed credentials discovered by UpGuard researcher Chris Vickery would have been enough for hackers to take down Viacom’s internal IT infrastructure and internet presence, allowing them to access cloud servers belonging to MTV, Paramount Pictures, and Nickelodeon. Among the data exposed in the leak was Viacom’s master key to its Amazon Web Services account, and the credentials required to build and maintain Viacom servers across its many subsidiaries and dozens of brands.

Cyber Security Tips:  To prevent your data from being exposing you are strongly recommended that Enable AWS VPC Flow Logs, Use AWS Identity and Access Management (IAM), Enable AWS Cloud Trail logs for your account, enable alert by email, keep your account secure with strong password, make sure that you are using strong encryption methods  and keep monitoring your servers.

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: