Support our Sponsors

uClip Clipping Path Service

Main Menu
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions

feed-image Feed Entries

spamNEWS | botnet | phising | virus | spam | mallware
Feds Catch Hacker Supposedly Responsible for Hacking Linkedln PDF Print E-mail
Written by Administrator   
Tuesday, 25 October 2016 07:00

FBI is looking for a 29-year old Russian man, name was yet to be disclosed, to face the charges related to hacking targets in US. The police issued a statement saying that the man was arrested in Prague, capital of the country, after red notice issuance by Interpol early this month for arrest of the suspect.

On Wednesday, Linkedln Corp (LNKD.N) says that arrest was in connection to a breach happened in 2012 at the company. The social networking company claimed that the breach might have compromised user credentials of 100 million, and thus prompted to launch huge password resetting operation. posted on October 19th, 2016, as per the statement issued by Linkedln that "following the 2012 breach of LinkedIn member information, we have remained actively involved with the FBI's case to pursue those responsible."

The company further said that "we are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this criminal activity".

Czech police told that the court would take a decision on whether to deport suspect to United States. TASS, the news agency of Russia, hinted that Russia might fight any attempt of extradition. US and Czech authorities refused to confirm whether this man was the suspect in Linkedln breach, or reveal the filed charges against him. Although, suspect was not connected with the recent cyberattacks in US, which were politically motivated.

Now the court will decide about the suspect, whether or not he will be deported to United States. Russia is believed to fight against this attempt. This year the Linkedln attack has reappeared after lying dormant for four years, once the stolen accounts number during the breach increased from over 6 million accounts to more than 117 million. The leak source was a seller, named Peace. This seller also became famous for selling the accounts related to dating sites Badoo and Fling, as well as VK.Com, which is a social networking giant of Russia.

This month, US government blamed Russia for cyber attacks campaign against the Democratic Party organisations just ahead of presidential election to be held on 8th November. However, Vladimir Putin, Russian President, has said that Russia has no benefit in any hacking scandal.

Read more... - Feds Catch Hacker Su...
Massive Card Theft in India Raises Alarm PDF Print E-mail
Written by Administrator   
Tuesday, 25 October 2016 07:00

India is going through the turmoil of a very big data hack as cyber-thugs stole a huge 3.2m payment cards recently. The aftermath is that banks are moving fast to issue fresh cards even as they request card owners to reset their security codes. Authorities have confirmed that the hack is due to malware that had targeted Hitachi Payment Services, a platform where point-of-sale (PoS) and ATM facilities are available. A total of 2.6m affected cards belong to the widely used MasterCard and Visa branches of card facilities, The Economic Times reports.

Encouragingly, despite the hack, share values of banks increased at Bombay Stock Exchange (BSE) when Axis Bank stock value was up 0.6%, Yes Bank -1.3%, SBI -2% and ICICI Bank -4.7% at market trade end on October 20, 2016. In the meantime, the Reserve Bank of India stated the same day that it was issuing fresh regulations for the card companies whereby they must necessarily comply with the Payments Act else pay a fine starting from INR 5 lakhs and going up to INR 1 crore.

Certain card companies were recipients of complaints from card-holders that their cards had been unlawfully used in China. Consequently, a forensic audit by the National Payments Corporation of India is ongoing under an investigation into the incident while efforts are on for preventing fraud. posted this, October 20, 2016.

Giving his comments to over e-mail, Shane Stevens Security Director for VASCO Data at Omni Channel Identity and Trust Solutions wrote that it was only natural that financial institutions, vendors and merchants were extremely worried since it was simply not evident as to whose software or devices one could rely on. The financial infrastructure of India had encountered a severe blow; however, PoS attacks wouldn't end there until it was relayed how urgent it was to fully assess every PoS solution that banking, travel and energy sectors used, Stevens emphasized.

Malware is created for seizing data on PoS devices, among other systems. If security breaches are disclosed it helps card issuers minimize frauds. India is on the way to set breach disclosure standards.

Read more... - Massive Card Theft i...
Australia to Enact Laws for Notifying Data Hacks PDF Print E-mail
Written by Administrator   
Monday, 24 October 2016 07:00

Australia is trying to enact laws under which consumers would be notified about data hacks. This' the third effort for approving the laws after both Coalition and Labor governments stranded passage of the laws inside the Senate.

The country at present doesn't have a data hack notification act even though the Joint Parliamentary Committee on Intelligence and Security issued a recommendation during February 2015 for breach notification acts to be formulated for Australia by 2015-end. The legislation was suggested to be before the compulsory data-retention acts' implementation.

Michael Keenan Justice Minister initiated legislation on October 19 for the imposition of compulsory hack notification program for organizations, agencies as well as entities that the Privacy Act regulates.

The Minister told parliament that information regarding a serious hack to consumers would let potential victims towards adopting measures for safeguarding themselves. posted this, October 19, 2016.

There's a similarity between the current period laws and the ones drafted during 2015. Both describe such notifications would be required solely when there's theft of credit card details, personal information, and tax filing number details along with the credit eligibility factor which causes real danger of severe damage to individuals.

The explanatory memorandum suggests that the laws don't intend to make all types of data hacks notified such as minor hacks wouldn't be appropriate to get informed as the administrative burden associated with it can be high for companies. Moreover, consumers may feel a 'notification fatigue' and no utility of a notification that doesn't initiate damage mitigation.

Entities coming under the acts would require informing the Australian Information Commissioner along with breach impacted individuals. In case it's not sure of a hack's occurrence, the impacted entity can investigate within 30 days about whether there's indeed requirement of issuing a notification.

Meanwhile, those not abiding by the acts would be penalized under which the Information Commissioner can ask for enforceable undertakings, start investigations, as well as issue civil penalties when there's repeated/severe encroachment of privacy.

Mark Dreyfus, Shadow Attorney General lately stated that the expected government of the Labor Party could actually enact the acts soon in anticipation of Coalition backing though.

Read more... - Australia to Enact L...
SBI Blocks More Than 6L Debit Cards due to Security Breach PDF Print E-mail
Written by Administrator   
Monday, 24 October 2016 07:00

As per SBI, in one of biggest card substitutions in the Indian Banking, around 600000 debit cards re-issue will be done to the customers whose cards are blocked because of the malware-related breach of security in non-State Bank of India ATM network.

Shiv Kumar Bhasin, Chief Technology Officer of the bank, said: "It's a security breach, but not in our banks' systems. Many other banks also have this breach right now". Bhasin said that customers using only the SBI ATMs are not affected. Customers of SBI are advised to use online option of "re-carding" or get in touch with the bank officials. posted on October 17th, 2016, that Bhasin said the customers can also use the internet banking for setting their PIN (Personal Identification Number).

After many ATM frauds cases where PIN of customers were hacked and the fraudsters have stolen the money, some banks issued the text messages whereas a few others sent emails to change the ATM PIN or sent fresh ATM pins to its customers. Fraudsters obtained specifics of the bank customers, and then withdrawn the money by use of forged ATM cards.

As per RBI website, active SBI debit cards on July 2016 was 20.27 crore; whereas associate banks of SBI had 4.75 crore debit cards that were active as per ToI report. SBI has blocked around 0.25% of the debit cards due to the malware.

Customers of SBI are not lone victims, as several private and foreign banks earlier have been ATM scam victims. The bank allegedly blocked debit cards for avoiding the misuse.

SBI had taken these precautionary measures in reply to the advisory message of the card network companies - Visa, NPCI, and Master Card, wherein different banks of India are informed regarding a possible risk to few cards because of the data breach.

All the banks are told by RBI to upgrade its debit cards into chip-based EMV cards, as it contain extra security layers. The bank servers do not validate the information in chip-based card unless accurate PIN was used, while magnetic strip information was easily accessible.

Read more... - SBI Blocks More Than...
Vulnerability inside Intel Chips Can Cause System Compromise with ASLR Disabled PDF Print E-mail
Written by Administrator   
Monday, 24 October 2016 07:00

Vulnerability exists inside Intel's processors which can let miscreants evade security systems while insert malware, warn security researchers. This is possible on nearly all OSs (operating systems) as well as it facilitates software exploits to be more effective. The flaw, in case not plugged, could lead to far more potent malware assaults.

A defense mechanism known as "Address Space Layout Randomization" (ASLR) is used against one type of widely prevalent assaults which sneakily plant malware through the exploitation of security flaws within an application or operating system. ASLR benefits by generally minimizing damages from such exploits on PCs to an ordinary software crash and not any dangerous computer compromise. This it does by making locations random inside computer memory the place programs implant specific codes. And it is this ASLR defense technology that is effectively bypassed due to vulnerability inside Intel chips. Consequently, exploits are created which are far more efficacious compared to their impact without the vulnerability. posted this online dated October 19, 2016.

As said above ASLR randomizes code storing locations inside hard disk's memory. The result, malware is stopped from doing its task of determining the location of data storage as there's seemingly little sense in any particular memory's contents. So when ASLR is active, inbuilt exploits' effectiveness is reduced to some application crash rather than have the whole computer hijacked.

According to the researchers, ASLR, however, is not without fault. If there is vulnerability within Intel's processors, the security technology can be evaded. And if ASLR is disabled, malware attacks become far greater potent leading to serious consequences like causing an entire computer compromise.

Therefore, the vulnerability is an illustration about requiring chip manufacturers towards considering the particular security factor while developing fresh makes. If ASLR is turned off, malware attacks could lead to compromising a victim's application alternatively acquiring hold over a total system. While Intel hasn't remarked about the findings in public, it told Ars Technica about its probe into the researchers' study. Thus, it is not certain when, if at all, the company will issue a security patch to fix the flaw.

Read more... - Vulnerability inside...
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1456
The Spamproblem is
Who's online
We have 120 guests online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us