Cyber Security News

Web Browser company Firefox has introduced a new set of controls to make it easier for users to avoid online Firefox to Help Users Avoid Ad-Trackers on Latest Hacking News . from Latest Hacking News http://bit.ly/2UxDAqK

   A team of former U.S  government intelligence agency has recently developed a spy tool known as “Karma” that allowed the United Arab Emirates government to remotely hack the iPhones of activists, diplomats and Foreign leaders that can retrieve photos, emails, text messages and location data from the iPhones of the user. The tool cool is activated by simply loading the phone number or the email of the intended target, the target need not click on any link. Most of the spy tools work by fooling users to click on malicious link hence gathering their device’s sensitive information. According to the Reuters report, through the spy tool, UAE government was able to access emails, text messages, photos, location, passwords of the users which can be used further for other attacks. They said “A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help ...

In a press release published on 30th January, European aerospace corporation Airbus announced they were the victim of a security Airbus Data Breach Impacts European Employees on Latest Hacking News . from Latest Hacking News http://bit.ly/2FZe8qM

Love you malware changes tactics as it targets Japan and spreads the ransomware Gandcrab 5.1. Malspam campaign, “Love you,” named after Love You Malspam infecting victims in Japan ahead of Valentines Day on Latest Hacking News . from Latest Hacking News http://bit.ly/2G18c0v

FireEye has dubbed and exposed Iranian cyber espionage group APT39, as actors of a series of attacks on the Middle Iranian Cyber Espionage Group APT-39 linked to Middle East attacks on Latest Hacking News . from Latest Hacking News http://bit.ly/2t1UsK9

Facebook Twitter Google+ LinkedIn Disclaimer : Never try to reverse engineer apps, which are not developed by you. I’m not responsible for any damage you may cause to third-party developers using this tutorial, I insist that you should use this knowledge only to audit your own apps! So, your Android app was pirated ? You have Google in-app purchases, but someone published a full paid version for free on pirating websites? How is it even possible? Let’s try to understand and try to decompile APK file. Here is the guide. Not for pirates or hackers, but for developers — so you will know better your app’s security weak sides. In this tutorial, I will be using Mac OS X, but the tools I’m using are multi-platform — and you can install them also on Linux and even maybe Windows. To start with, you will obviously need the APK file of the app you want to reverse engineer. As it is your own project, you can get it from app\build\outputs\apk folder of your project, alternatively get it ...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: CBS News To effectively deter cyber aggression from the likes of Russia and other nation-state adversaries, the Trump administration’s rhetoric should better match its actions, advises retired Adm. Mike Rogers, who until recently served as director of the National Security Agency and Commander of U.S. Cyber Command, the military’s cyber warfare arm. “If we’re doing one thing but saying another, that’s not particularly effective,” said Rogers, who was nominated by President Obama in 2014 and announced his retirement from the dual role last June. “I think we need to make sure that we’re synchronizing between the statements and the actions of our senior-most leadership and the policies that we’re developing.” The Trump administration has imposed some of the toughest sanctions in years on top Russian of...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: India Times A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma, in a campaign that shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations. The cyber tool allowed the small Gulf country to monitor hundreds of targets beginning in 2016, from the Emir of Qatar and a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen, according to five former operatives and program documents reviewed by Reuters. The sources interviewed by Reuters were not Emirati citizens. Karma was used by an offensive cyber operations unit in Abu Dhabi comprised of Emirati ...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register Analysis  Uncle Sam has infiltrated and somewhat knackered what it claims is a North Korea-operated botnet of hijacked Microsoft Windows computers. US prosecutors reckon Park Jin Hyok – a suspected Sony Pictures and WannaCry hacker living in Kim Jong Un’s hermit nation – built and managed the Joanap botnet, a globe-spanning network of commandeered systems, and used it to launch further cyber-attacks on various targets. Here’s how systems were infected and press-ganged into the botnet, which has been running since 2009, as alleged: first, the Brambul malware, which is a Server Message Block (SMB) worm, infects public-facing boxes, and those on internal networks, via their Windows file-sharing services. It typically brute-forces its way into systems by guessing the ...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register Facebook has yet again vowed to “do better” after it was caught secretly bypassing Apple’s privacy rules to pay adults and teenagers to install a data-slurping iOS app on their phones. The increasingly worthless promises of the social media giant have fallen on deaf ears however: on Wednesday, Apple revoked the company’s enterprise certificate for its internal non-public apps, and one lawmaker vowed to reintroduce legislation that would make it illegal for Facebook to carry out such “research” in future. The enterprise cert allows Facebook to sign iOS applications so they can be installed for internal use only, without having to go through the official App Store. It’s useful for intranet applications and in-house software development work. Facebook, though, used the certificate to sign a...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits:  techcrunch India’s largest bank has secured an unprotected server that allowed anyone to access financial information on millions of its customers, like bank balances and recent transactions. The server, hosted in a regional Mumbai-based data center, stored two months of data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by customers of the government-owned State Bank of India (SBI), the largest bank in the country and a highly ranked company in the Fortune 500. But the bank had not protected the server with a password, allowing anyone who knew where to look to access the data on millions of customers’ information. It’s not known for how long the server was open, but long enough for it to be discovered by a securi...

With Sherlock you can search across a vast number of social platforms for a username. This is useful for information Sherlock – A Tool To Find Usernames Across Social Networks on Latest Hacking News . from Latest Hacking News http://bit.ly/2SixQDI

There could be numerous instances where accidentally clicking on the “delete” button leads to a loss of data. Or, clicking Review Of Stellar Data Recovery Software For Windows on Latest Hacking News . from Latest Hacking News http://bit.ly/2S08xGU

Earlier this month, a 4-year-old girl called Maya Tisdale was videoed by her parents taking her first independent steps. Maya was Scammers Steal Social Media Videos For Fake Fundraising Accounts on Latest Hacking News . from Latest Hacking News http://bit.ly/2BcMbYo

In an attempt to gather data on its competitors, Facebook has been secretly paying people to install a VPN to Facebook Pays Teens to Download a VPN App That Spies on Them on Latest Hacking News . from Latest Hacking News http://bit.ly/2FY9lGc

The European Union Agency for Network and Information Security (ENISA) reveals in its latest report that malware and web-based attacks ENISA’s Latest Threat Landscape Report Reveals Top Cyber Threats and Trends in Europe on Latest Hacking News . from Latest Hacking News http://bit.ly/2Wux45K

A number of Google services, including massively popular email service Gmail were down for some of the users. Google confirmed about the affected services on their website. Various Google services have been down since 5:20 PM IST. The affected sites include Gmail, Google Calendar, Google Drive, Google Docs, Sheets, Slides, Google Groups, Hangouts, Hangouts Chat, Hangouts Meet, Google Vault, Google+, and Google Forms. The affected users were receiving the 404 pages not found the error code. For most of the users, the services were restored by 5:47 PM. Services were restored at 6:09 PM IST, Google says “ The problem with Gmail should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google and we are making continuous improvements to make our systems better.” The exact geographical details for the disruption is not available b...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register A US court has nixed Yahoo ! ‘s attempt to settle a class-action lawsuit over the 2013 megahack, saying it’s fatally flawed. Judge Lucy Koh of the California Northern District in San Jose ruled[PDF] that a settlement proposed in October of 2018 was not acceptable, particularly in regards to the share of attorney fees and the opaque nature of the proposed payout for victims. Koh pointed out that the settlement appears to earmark a whopping $35m in payments for attorney fees that include a number of law firms and attorneys who weren’t even authorized to work on the case. “By the Court’s count, Plaintiffs’ lodestar [fee calculation] covers 143 attorneys from 32 firms,” Koh noted. “This Court only authorized five law firms to work on the instant MDL case. On February 1, 2018, the ...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register The government of Singapore is once again apologising for a serious breach of citizens’ privacy: this time, the personal details of 14,200 individuals who tested positive for HIV, and 2,400 of their contacts, have been published online. The country’s Ministry of Health (MoH) said it had been aware since 2016 that one Mikhy Farrera Brochez could be in possession of the information, but it had not announced this because Brochez had not published anything. It had, however, notified the individuals affected. The announcement comes just seven months after the personal details of 1.5 million patients held by the SingHealth medical giant were blabbed after a cyberattack. The country’s health ministry said Brochez had departed from Singapore last year, and while it didn’...

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register The Mozilla Foundation has announced its intent to reduce the ability of websites and other online services to track users of its Firefox browser around the internet. At this stage, Moz’s actions are baby steps. In support of its decision in late 2018 to reduce the amount of tracking it permits, the organisation has now published a tracking policy to tell people what it will block. Moz said the focus of the policy is to bring the curtain down on tracking techniques that “cannot be meaningfully understood or controlled by users”. Notoriously intrusive tracking techniques allow users to be followed and profiled around the web. Facebook planting trackers wherever a site has a “Like” button is a good example. A user without a Facebook account can still be tracke...

Social media has made it easier for customers to complain to large companies. Many companies now have dedicated social media accounts Twitter Scammers Pose As Large Companies to Scam Unsuspecting Users on Latest Hacking News . from Latest Hacking News http://bit.ly/2DI0HsY

The Japanese Ministry of Internal Affairs and Communications revealed in a recent report that 2/3 of cyber attacks in 2016 Japanese Government to “Pen Test” Citizen’s IoT Devices Ahead of Olympics on Latest Hacking News . from Latest Hacking News http://bit.ly/2TkoBjH

The BBC in the UK has recently highlighted a problem affecting fans of some high-profile YouTubers. It seems they are A YouTube Social Engineering Scam Poses As Popular Influencer Accounts on Latest Hacking News . from Latest Hacking News http://bit.ly/2BaDrlH

Webvulnscan is a web application scanner that automates vulnerability assessment tasks. The tool can automatically detect different web application vulnerabilities Webvulnscan – An Automated Web Application Vulnerability Scanner on Latest Hacking News . from Latest Hacking News http://bit.ly/2MICPZa

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register Long read  “How do you eat an elephant? Nibble at it, nibble at it, a lot of little bites.” That was how Special Agent Jared Der-Yeghiayan infiltrated notorious dark web market the Silk Road and helped unmask site operator Dread Pirate Roberts, aka Ross Ulbricht. Der-Yeghiayan told an enthralled audience at France’s FIC2019 infosec shindig last week how, as a US Department of Homeland Security Investigations agent, he took over the online chat and forum accounts of key players in the Silk Road’s infrastructure – and headed off plans by hot-headed US law enforcement to blast the back wall off Ulbricht’s San Francisco home and fast-rope from helicopters into his top-floor flat. The Silk Road was a Tor marketplace, rather like eBay, where anonymous sellers traded drugs, firearms, illega...