Support our Sponsors


uClip Clipping Path Service



Main Menu
Home
News
Blog
Links
Search
Resources
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions
Login



Syndicate
feed-image Feed Entries

spamNEWS | botnet | phising | virus | spam | mallware
93.4m Mexican Voter Details Posted as Publicly Accessible PDF Print E-mail
Written by Administrator   
Friday, 29 April 2016 07:00


Chris Vickery, Researcher from MacKeeper reports that he found a database which was publicly accessible from one AWS server, and so unprotected while consisting of 93.4m voter details of the Mexican population. The details comprise voters' names, birth dates, occupations, postal addresses, registration IDs for voting besides other information.

To notify about the breach, Chris Vickery, America-based computer security investigator contacted the Mexican officials. Vickery, who's employed at Kromtech, and develops anti-virus software for MacKeeper, detected the voter information on 14th April on a cloud server for Amazon Web Services (AWS). He eventually managed to contact the authorities belonging to INE, who then cleared the server off the database.

In the meantime, Elections Commissioner of Mexico substantiated authenticity of the database, which has been made secure. However, the problem causing annoyance is what other source had acquired admission into the sensitive information, as also what source posted it onto an American Amazon cloud system.

Towards the end of 2015, Vickery had reported unearthing one improperly configured database having 191m American voters' details. Nonetheless, differently from within USA where a greater part of such data is already accessible to the public, Mexican law solely lets voter database to be used for authentication, while the data mustn't be freely viewable.

Following the incident, INE stated that the database consisted of one voters' list accumulated during February 2015. A criminal grievance has been filed even as the organization is conducting an investigation, however, clues are absent to substantiate that an unauthorized source obtained the information because of a security hack.

Officials from INE said to DataBreaches.net that political parties had been provided with the data and they were presently making efforts for locating the person(s) behind the incident. It is not clear whether anyone else besides Vickery accessed the server and took down the details, nevertheless, INE hopes Amazon would provide the answers to the problems. Securityweek.com posted this online dated April 25, 2016.

Meanwhile according to INE, it has sought prosecution of the entity that would be found accountable towards posting the registered voter details of Mexican people onto the AWS server.

Read more... - 93.4m Mexican Voter ...
 
Anonymous Hacktivist Group Member Detained Over COMELEC Attack PDF Print E-mail
Written by Administrator   
Friday, 29 April 2016 07:00


Anonymous the hacktivist collective, on 27th March, attacked Philippines' Comelec website followed with modifying its content to prove they believed the whole procedure of election in the country was extremely vulnerable. The collective as well exposed all of the voters' data on the Internet. Now, it's being reported that authorities have arrested one hacker from the collective.

On Thursday, the National Bureau of Investigation substantiated detention of the alleged law-breaker understood to be behind breaching the Philippines Commission on Elections online site Comelec.

Virgilio Mendez, Director of NBI stated officers caught the alleged hacker on Wednesday night based on intelligence the Cyber-crime Division of NBI gathered. The hacker, reportedly, just graduated in IT, however, the officials declined from telling the institution's name.

NBI Cyber-crime Division chief Ronald Aguto said they spent nearly 3 weeks till the arrest was made, adding that they continued to hunt for 2 more hackers also belonging to the collective and behind the hacking.

Moreover as per NBI, alongside Comelec, 25 other websites of the government have been defaced. Of the hacked sites, authorities pointed the websites belonging to the government of Dipolog City, the Civil Service Commission, as well as Philippine Atmospheric, Geophysical and Astronomical Services Administration (PAGASA).

Investigators state that the hacker, Biteng's profuse actions enabled them trace his location while he left many clues showing his association with the Comelec breach as also disclosing his real identity. Softpedia.com posted this, April 23, 2016.

Now ever since the incident, one technical task group has been created for the Comelec which's expected to retrieve all of the hijacked data, take care of the website's security while ensure no repeat of the happening.

According to Trend Micro the technical company, the website breach along with the data leakage from Comelec endangered the details belonging to 55m registered voters within Philippine while they became susceptible to ID-theft. The company reported that possibly the Comelec breach was the greatest historically happening data-hack for any government.

Meanwhile, Comelec assuaging people's fears promised that critical biometrics data of the voters were not contained inside the online exposed database. The hack only consisted of 228,000 e-mail ids.

Read more... - Anonymous Hacktivist...
 
Anti-ad-blockers to get Banned in EU PDF Print E-mail
Written by Administrator   
Friday, 29 April 2016 07:00


In a new development, many websites receiving high traffic are stopping Web-surfers from entering every time these websites detect that the surfers' browsers have active filters that block ads, the filters being Adblock Plus and uBlock Origin. The ad-blocker stopping tools characteristically provide an option to offending readers i.e. either their blockers will be disabled through the site's white-listing, alternatively they would have to pay a minimal amount of subscription fee for letting the lights continue to be on.

However, Europe mayn't be following the practice because here utilizing these detection tools likely means infringing upon local privacy acts, explains a European Commission written letter.

Think Privacy Inc.'s CEO Alexander Hanff in a letter addressing President of EC Jean-Claude Juncker during the winter requested to explain the language exactly used in the Cookie Law of e-Privacy Directive.

The purpose of Hanff's letter was getting a clarification whether the cookie legislation associates solely with browser cookies alternatively with usual collection of any data that is saved on such paraphernalia that belong to the end-users' privacy area and thus require protection.

Alexa, a web-analytics company, gives statistics showing that the practice of implementing ad-blocker filter has by now become highly debatable, ever-since malware has been extensively spread through ad-networks. The ad-networks are used like a defense for Internet-based write-ups, which rely upon ad revenue, while the general collective of online readers apparently is suffering on websites which employ anti-ad-blocking solutions, indicates the company. Motherboard.com posted this, April 23, 2016.

Further there's no distinction the ad-blocker stopping tools make among tracker-blockers and ad-blockers. The tracker-blockers namely Privacy Badger and Ghostery don't filter ads, however, create obstacles for intermediate party tracking scripts in garnering huge volumes of data pertaining to end-users' browsing activities.

Currently, according to Hanff, he'll make the EC's letter a document based on which many legal challenges would be made against companies which employ ad-blocker-blocking tools. Soon he will as well establish a website where surfers would locate the sites, which employ the code, in order to identify the potential defendants. Unfortunately, that doesn't augur well for firms which plan towards filtering anti-ad plug-ins.

Read more... - Anti-ad-blockers to ...
 
FIN6 Found as Criminal Gang Stealing Payment Card Data on Weak Pos Systems PDF Print E-mail
Written by Administrator   
Thursday, 28 April 2016 07:00


Cyber-criminals have made their attacks twofold as they target PoS (point-of-sale) devices in U.S and continue to utilize the transactions based on magnetic-stripe payment cards that provide an opportunity to exploit the vulnerable prone systems.

And though it's not clear what way FIN6 the cyber-criminal gang that seizes credit/debit card information and monetizes it, compromises unwitting users, Threat Intelligence at FireEye in one fresh report stated that in a particular instance, which Mandiant investigated, it was found that one different threat actor at first hijacked a victim PC using GRABNEW malware.

FIN6 is one gang of cyber-criminals, which FireEye traced and found its core activity as grabbing payment card data to churn profit as well as being behind theft of millions of credit and debit card details during 2015 from PoS systems via hacks carried out in the hospitality and retail businesses that the Mandiant team of FireEye later investigated. Darkreading.com posted this April 21, 2016.

The FireEye report is unique because the company's investigation goes beyond technicalities of the attack like the exploits and attack mediums within PoS assaults. Rather it's shown in the report what way, hitherto undocumented, crooks jointly work for reaching inside a network, plant on it malicious software, seize card data followed with selling the same for black money.

The security company would not substantiate what were the latest payment card hacks by FIN6; however, states that the gang continues to remain active and successfully filch bank card information.

Also according to the report, researchers have recognized filched information, actually belonging to many FIN6's victims, getting traded during 2014 that indicates the information possibly ended up within fraudsters' grasp worldwide. Every time, the filched information started getting seen on "dump shops" referring to card stores in 6-months time of a hack's beginning. And soon as it got posted, buyers quickly emerged to exploit it.

The host to these dump shops is Dark Web where stolen data are bought and sold for executing financial fraud activities. Over time, FIN6 was able towards stealing information from 20m credit cards that after the gang sold on dump shops earned it more than $400m.

Read more... - FIN6 Found as Crimin...
 
SpyEye Creators to Serve Prison for 9+, 15 Years, Respectively PDF Print E-mail
Written by Administrator   
Thursday, 28 April 2016 07:00


Two hackers have been ordered to serve jail for a combined period of over 24 years after convicted of creating as well as selling the notorious kit used for making a botnet called SpyEye that could aid in infecting innumerable PCs with malware as also grabbing millions from gullible end-users.

The sentence executed in Georgia and Atlanta were respectively announced for 27-yr-old Aleksandr Panin, the malware's developer living in Tver, Russia, for 9-yrs and 6-months, and 27-yr-old Hamza Bendelladj living in Tizi Ouzou, Algeria for 15-yrs, because he allegedly spread the malware and operated a C&C server of it. The authority announcing Panin's sentence was Judge Amy Totenberg of U.S District Court.

SpyEye, notably is a Trojan virus, which after embedding itself onto infected end-users' PCs, steals crucial credentials like credit card details, bank account information, PIN codes and passwords. Dw.com posted this, April 21, 2016.

When the Trojan gained control of a PC, it let the hackers dupe users into divulging their private information, which it subsequently transmitted towards the malware owner's computer server who'd utilize it for accessing those users' financial accounts.

Panin, according to prosecutors, connived with Bendelladj nicknamed Bx1 and a man from Algeria who dispatched over 1m spam mails carrying SpyEye along with associated malware onto PCs in USA. The result, innumerable computers became infected. Bendelladj created SpyEye add-ons too which helped make the funds' theft out of victims' bank A/Cs as well as further distribute ZeuS and SpyEye, automatic. As accords to officials, he captured nearly 500,000 people's personal information and caused financial institutions and individuals from different parts of the globe lose dollar in millions.

Mark Ray, Special Agent of FBI boar witness that Panin connived with more criminals for advertising SpyEye via cyber-offence forums as well as selling the malware's different versions priced at a maximum of $10,000 (EUR 8,850). Panin, understandably, sold the malware to over 150 customers.

Ray described SpyEye as much easier to use compared to most as also letting users modify it according to their desired modes of garnering private data. USA officials detained Panin in Atlanta airport during July 2013.

Read more... - SpyEye Creators to S...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1393
Polls
The Spamproblem is
 
Who's online
We have 99 guests and 1 member online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us