
How Android Malware Steals Your Facebook Account Password

22-Year-Old Hacker Pleads Guilty to 2014 Yahoo Hack, Admits Helping Russian Intelligence

Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit

If you follow us on Twitter, you must be aware that since yesterday we have been warning Mac and Linux users of the Tor anonymity browser about a critical vulnerability that could leak their real IP addresses to potential attackers when they visit certain types of web pages.
Discovered by Italian security researcher Filippo Cavallarin, the vulnerability resides in Firefox and therefore also affects Tor Browser, since the privacy-aware service that allows users to surf the web anonymously uses Firefox at its core.
Dubbed TorMoil by the researcher, the vulnerability affects Tor Browser for macOS and Linux but not for Windows. Keeping in mind the security and privacy of Tor users, details about this flaw have not yet been publicly revealed.

Cavallarin, CEO of the security firm We Are Segment, privately reported the security vulnerability to Tor developers on Thursday (October 26), and the Tor developers have rolled out an emergency update, Tor version 7.0.8.
According to a short blog post published Tuesday by We Are Segment, the TorMoil vulnerability is due to a Firefox issue in "handling file:// URLs."
Important: Tor Browser 7.0.9 is released (Linux/MacOS users) - Fixes a critical security flaw that leaks IP address
— The Hacker News (@TheHackersNews) November 3, 2017
TorMoil is triggered when users click on links that begin with file:// addresses, instead of the more common https:// and http:// addresses.
"Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address," the blog post reads.
"Once an affected user [running macOS or Linux system] navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser."
The Tor Project has currently issued a temporary workaround to prevent the real IP leakage.

So, macOS and Linux users may find the updated versions of the Tor anonymity browser not behaving properly while navigating to file:// addresses, until a permanent patch becomes available.
"The fix we deployed is just a workaround stopping the leak. As a result of that navigating file:// URLs in the browser might not work as expected anymore. In particular entering file:// URLs in the URL bar and clicking on resulting links is broken," the Tor Project said in a blog post published Friday.
"Opening those in a new tab or new window does not work either. A workaround for those issues is dragging the link into the URL bar or on a tab instead. We track this follow-up regression in bug 24136."
According to the Tor Project, users of the Windows versions of Tor, Tails and the sandboxed-tor-browser that's in alpha testing are not affected.
The Tor Project also said there's no evidence the TorMoil vulnerability has been actively exploited by hackers to obtain the IP addresses of Tor users.
However, lack of evidence does not prove the bug was not exploited by nation-state attackers and skilled hackers, given the high demand for Tor zero-day exploits in the market, where Zerodium is ready to pay anyone $1 Million for its exploit.
In an attempt to keep its users' privacy protected, the Tor Project has recently announced the release of Tor that includes support for the next generation onion services, with the integration of new cutting-edge encryption and improvement of overall authentication into its web service.

A massive data breach has seen the customer data of more than 46 million mobile subscribers in Malaysia leaked on to the dark web.
The leaked information includes mobile numbers, unique phone serial numbers, as well as home addresses.
Personal information from multiple Malaysian public sector and commercial websites was also stolen.
The Malaysian Communications and Multimedia Commission (MCMC) is now investigating.
The data breach was first discovered by Malaysian technology news website
The website was informed that someone was trying to sell huge databases of personal details for an undisclosed amount of Bitcoin on its forums.
Stolen data
The individual was trying to sell a huge amount of private customer information from at least 12 Malaysian mobile operators:
Enabling Asia
A huge amount of personal data was also stolen from and the:
Malaysian Medical Council
Malaysian Medical Association
Academy of Medicine Malaysia
Malaysian Housing Loan Applications
Malaysian Dental Association
National Specialist Register of Malaysia
says it reported the incident to Malaysia's communications watchdog on 18 October, and that the MCMC initially made the website take its story down.
However, the MCMC confirmed the data breach a day later in a press statement released on Facebook, and then on Monday confirmed that 46.2 million mobile subscribers were affected by the data breach.
Entire country affected
It is believed that the entire country - Malaysia has a population of 32 million - might have been affected by the breach, as well as foreigners who were on temporary pre-paid mobile phone numbers.
Under Malaysian law, service providers are required to keep customers' personal data secure, so there will probably be legal repercussions.
Dr Mazlan Ismail, the chief operating officer of the MCMC, told the Malay Mail Online that it had met with all of the country's telecommunications companies to work out how the data breach had occurred.
"This is to ensure that they understand what is happening now, especially when the police, through the Commercial Crime Investigation Department, visit them to investigate," said Dr Ismail.
"Communications services cannot escape the security aspects, [service providers] must work together, and safety features are important to gain the trust of consumers."

A new widespread ransomware attack is spreading like wildfire around Europe and has already affected over 200 major organisations, primarily in Russia, Ukraine, Turkey and Germany, in the past few hours.
Dubbed "Bad Rabbit," it is reportedly a new Petya-like targeted ransomware attack against corporate networks, demanding 0.05 bitcoin (~ $285) as ransom from victims to unlock their systems.
According to an initial analysis provided by Kaspersky, the ransomware was distributed via drive-by download attacks, using a fake Adobe Flash Player installer to lure victims into installing the malware unwittingly.

"No exploits were used, so the victim would have to manually execute the malware dropper, which pretends to be an Adobe Flash installer. We've detected a number of compromised websites, all of which were news or media websites," Kaspersky Lab said.
However, security researchers at ESET have detected Bad Rabbit malware as 'Win32/Diskcoder.D' — a new variant of Petya ransomware, also known as Petrwrap, NotPetya, exPetr and GoldenEye.
Bad Rabbit ransomware uses DiskCryptor, an open source full drive encryption software, to encrypt files on infected computers with RSA 2048 keys.

ESET believes the new wave of ransomware attacks is not using the EternalBlue exploit — the leaked SMB vulnerability which was used by WannaCry and Petya ransomware to spread through networks.
Instead, it first scans the internal network for open SMB shares, tries a hardcoded list of commonly used credentials to drop the malware, and also uses the Mimikatz post-exploitation tool to extract credentials from the affected systems.

The ransom note, shown above, asks victims to log into a Tor onion website to make the payment, which displays a countdown of 40 hours before the price of decryption goes up.
The affected organisations include Russian news agencies Interfax and Fontanka, payment systems on the Kiev Metro, Odessa International Airport and the Ministry of Infrastructure of Ukraine.
Researchers are still analyzing Bad Rabbit ransomware to check if there is a way to decrypt computers without paying the ransom and how to stop it from spreading further.
How to Protect Yourself from Ransomware Attacks?
Kaspersky suggests disabling the WMI service to prevent the malware from spreading over your network.
Most ransomware spread through phishing emails, malicious adverts on websites, and third-party apps and programs.
So, to safeguard against such ransomware infection, you should always exercise caution when opening uninvited documents sent over email, and never click on links inside those documents without first verifying the source.
Also, never download any app from third-party sources, and read reviews even before installing apps from official stores.
To always have a tight grip on your valuable data, keep a good backup routine in place that makes copies of it to an external storage device that isn't always connected to your PC.
Make sure that you run a good and effective anti-virus security suite on your system, and keep it up-to-date.
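
The spreading behaviour described above (one infected host trying a list of common credentials against SMB shares across the internal network) leaves a recognisable pattern in logon records. The following detection sketch is an added example, not code from the original post or from any vendor named in it; the one-line log format, host names, addresses and thresholds are constructed assumptions, while event IDs 4625/4624 and logon type 3 are the standard Windows failed-logon, successful-logon and network-logon values.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: simplified one-line renderings of Windows Security events.
# 4625 = failed logon, 4624 = successful logon, type=3 = network (SMB) logon.
SAMPLE_LOG = """\
2017-11-01T12:00:01 4625 type=3 src=10.0.0.23 dst=FS01 user=administrator
2017-11-01T12:00:02 4625 type=3 src=10.0.0.23 dst=FS01 user=admin
2017-11-01T12:00:03 4625 type=3 src=10.0.0.23 dst=FS02 user=guest
2017-11-01T12:00:04 4625 type=3 src=10.0.0.23 dst=HR-PC7 user=administrator
2017-11-01T12:00:05 4624 type=3 src=10.0.0.23 dst=HR-PC7 user=admin
2017-11-01T12:01:00 4625 type=3 src=10.0.0.51 dst=FS01 user=jsmith
2017-11-01T12:40:00 4625 type=3 src=10.0.0.51 dst=FS01 user=jsmith
2017-11-01T12:02:00 4625 type=2 src=10.0.0.23 dst=FS03 user=root
"""

def parse(line):
    ts, event_id, *pairs = line.split()
    rec = dict(p.split("=", 1) for p in pairs)
    rec.update(ts=datetime.fromisoformat(ts), id=event_id)
    return rec

def find_smb_spray(log, window=timedelta(minutes=5), min_hosts=3, min_users=3):
    """Flag sources whose failed network logons inside `window` span
    at least min_hosts target hosts and min_users account names."""
    fails, wins = defaultdict(list), defaultdict(list)
    for rec in map(parse, log.strip().splitlines()):
        if rec["type"] != "3":
            continue  # only network logons are relevant to share access
        if rec["id"] == "4625":
            fails[rec["src"]].append((rec["ts"], rec["dst"], rec["user"]))
        elif rec["id"] == "4624":
            wins[rec["src"]].append((rec["dst"], rec["user"]))
    alerts = {}
    for src, rows in fails.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            hosts = {h for _, h, _ in rows[start:end + 1]}
            users = {u for _, _, u in rows[start:end + 1]}
            if len(hosts) >= min_hosts and len(users) >= min_users:
                # A success from a spraying source marks a credential that worked.
                alerts[src] = {"hosts": sorted(hosts), "users": sorted(users),
                               "succeeded": wins[src]}
                break
    return alerts

if __name__ == "__main__":
    print(find_smb_spray(SAMPLE_LOG))
```

A repeated failure by one user against one server (10.0.0.51 in the sample) stays below the thresholds; the alert fires only when a single source fans out across hosts and account names.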

Domino's blames data breach on former supplier's systems