Showing posts from July, 2019

Capital One Data Breach Affected Millions Of US And Canada Citizens

Once again, a huge data breach incident has impacted millions of customers. The US-based bank holding firm Capital One Financial ... From Latest Hacking News: https://ift.tt/2Mv0Bth

The Ultimate WinRM Shell For Penetration Testing

This shell is the ultimate WinRM shell for hacking/pentesting. WinRM (Windows Remote Management) is the Microsoft implementation of the WS-Management Protocol, a standard SOAP-based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in their operating systems in order to make life easier for system administrators. This program can be used on any Microsoft Windows Server with this feature enabled (usually at port 5985), but only if you have credentials and permissions to use it, so it belongs to the post-exploitation phase of hacking/pentesting. The purpose of this program is to provide nice and easy-to-use features for hacking. It can be used for legitimate purposes by system administrators as well, but most of its features are focused on hacking/pentesting. Features: command history; WinRM command completion; local files completion; upload and download files; list remote mach...

Indian Marketing Firm FormGet Publicly Exposed Users’ Documents Via Unsecured Server

Once again, a firm has breached users’ privacy by exposing customers' data publicly via an unsecured cloud server. This time, ... From Latest Hacking News: https://ift.tt/2STBRMB

Latest Hacking News Podcast #335

Capital One Massive Data Breach – 106 Million Customer Records, VxWorks Critical Vulnerabilities, New Android Malware – Filecoder.C. Today’s ... From Latest Hacking News: https://ift.tt/2Mqg4eo

Chinese Banking Has A New Edge; Jack Ma Behind The Latest Developments!

Cyber security Team Identified Ransomware Utilized to Compromise City Power

Residents of Johannesburg using pre-paid electricity meters were not able to load the electricity purchased from City Power and were also unable to purchase further electricity due to a ransomware attack which compromised City Power's database. Earlier, City Power said that while the variant of ransomware used to carry out the attack remained unknown, the encrypted network, applications, and database were being restored and rebuilt by its ICT department. Reassuring customers, Isaac Mangena, the utility's spokesperson, said, "We want to assure residents of Johannesburg that City Power systems were able to proactively intercept this and managed to deal with it quicker." "Customers should also not panic, as none of their details were compromised," Mangena assured. On Friday, City Power announced that its cybersecurity team had identified the variant of malware which temporarily paralyzed the city's computer systems. Reportedly, the emai...

Cloakify – A Tool to Mask Your Data in Plain Sight

Cloakify Factory is a tool that transforms any file type into a list of harmless and even useless-looking strings. From Latest Hacking News: https://ift.tt/2ymnS8F

Sephora Suffered Data Breach Targeting Customers From Southeast Asia, Australia, and New Zealand

Another day, another breach. This time, the victim turns out to be the French beauty and personal care brand – ... From Latest Hacking News: https://ift.tt/2LNX9dR

Oh sh*t’s, 11: VxWorks stars in today’s security thriller – hijack bugs discovered in countless gadgets’ network code

Institute For Ethical Hacking Course  and  Ethical Hacking Training in Pune – India Extreme Hacking  |  Sadik Shaikh  |  Cyber Suraksha Abhiyan Credits: The Register Wind River has patched 11 security vulnerabilities in VxWorks that can be potentially exploited over networks or the internet to commandeer all sorts of equipment dotted around the planet. This real-time operating system powers car electronics, factory robots and controllers, aircraft and spacecraft, wireless routers, medical equipment, digital displays, and plenty of other stuff – so if you deploy a vulnerable version of VxWorks, and it is network or internet-connected, you definitely want to check this out. This set of bugs seemingly primarily affects things like printers and gateways, we must point out. The vulnerabilities, discovered by security outfit Armis, can be exploited to leak internal device information, crash gadgets, and – in more than half of the flaws – execute malic...

Dear hackers: If you try to pwn a website for phishing, make sure it’s not the personal domain of a senior Akamai security researcher

Credits: The Register Exclusive  Think you have bad luck? Imagine being the script kiddie who inadvertently tried and failed to pwn an Akamai security pro. Larry Cashdollar, a senior security response engineer at the US-based global web giant, told us late last week he just recently noticed something peculiar in the logs on his personal website. Further investigation turned up signs of someone scanning for remote file inclusion (RFI) vulnerabilities. Anyone in charge of public-facing servers will know these boxes come under continuous scanning and probing by miscreants, bots, and security researchers. However, in this particular case, Cashdollar has today helpfully documented his findings as a heads up, or warning, to website admins and webapp developers. If anything, you should ensure your soft...

Brit infosec firms urge PM Boris to reform the Computer Misuse Act

Credits: The Register A group of British infosec companies has written to UK prime minister Boris Johnson asking him to reform the Computer Misuse Act 1990, saying the act “has failed to keep pace with technological and market developments, inadvertently prohibiting a large component of contemporary threat intelligence research.” The companies, comprising NCC Group, Orpheus Cyber, Context Information Security and Nettitude, urged the winner of the Conservative Party’s recent internal leadership contest to bring about “legislative reform to bring cyber crime legislation in step with other regimes”. Key among the companies’ demands for reform is the introduction of “statutory defences that apply to accredited professionals who act ethically, in the public interest, to detect and prevent criminal activity.” ...

As the world secures itself, so do crims: Encrypted malware on the rise, warns Sonicwall

Credits: The Register Scanning of random ports and the use of encrypted malware by online criminals is on the rise, according to a threat report by Sonicwall. By the end of 2018, around 20 per cent of all malware attacks (based on Sonicwall’s sampling of what it says were 700 million such intrusions) were coming through non-standard ports – a sum which had decreased by 13 per cent compared to 2018, it said. The company explained to The Register that “non standard” meant ports which are not in routine use by other programs, such as ports 80 and 443 for one’s web browser. “For the first half of 2019, that share dipped to 13 per cent globally due to below-normal volume in January (8 per cent) and February (11 per cent),” Sonicwall chief exec Bill Conner told The Register. He added th...

The Ukrainian Security Service and the FBI eliminated a powerful hacker group

Previously, Ehacking News reported that on July 16, it became known that the Ukrainian Security Service and the FBI detained hackers controlling 40% of the Darknet. Since 2007, members of the group have provided hackers and criminals from around the world access through Ukrainian networks in the Darknet. The intelligence service established that the organizer of the group is a citizen of Ukraine and resident of Odessa, Mikhail Rytikov (Titov). He got serious about hacking in Moscow in the mid-2000s. In 2007, he began to provide services to hackers around the world through Ukrainian networks, carefully hiding the actual location of his equipment. From time to time, Ukrainian, Russian, and American law enforcement officers found the equipment and confiscated it, but the hacker group soon resumed its activities. It turned out that about 10 accomplices were under the command of the Ukrainian hacker, as well as dozens of intermediaries in different countries and thousands of customers. Among them,...

Latest Hacking News Podcast #334

Interview with Asaf Ashkenazi, Chief Strategy Officer of Verimatrix – Mobile Security. Today’s agenda is as follows: Interview with ... From Latest Hacking News: https://ift.tt/2LMJxQf

Phishing Campaign Exploits WeTransfer Alerts To Bypass Email Gateways

The innovativeness of hackers seems to have no end. Once again, they have worked out a means to evade security ... From Latest Hacking News: https://ift.tt/2YpDlPP

Microsoft Office 365 Exposing User’s IP Address in Emails

No environment is immune to cyber attacks : Research

Global cyber-security solutions provider Check Point Software Technologies Ltd has released its “Cyber Attack Trends: 2019 Mid-Year Report”, revealing that no environment is immune to cyber-attacks. Threat actors continue to develop new tool sets and techniques, targeting corporate assets stored on cloud infrastructure, individuals’ mobile devices, trusted third-party supplier applications and even popular mail platforms: Mobile banking: With over 50% increase in attacks when compared to 2018, banking malware has evolved to become a very common mobile threat. Today, banking malware is capable of stealing payment data, credentials and funds from victims’ bank accounts, and new versions of this malware are ready for massive distribution by anyone that’s willing to pay. Software supply chain attacks: Threat actors are extending their attack vectors, such as by focusing on the supply chain. In software supply chain attacks, the threat actor typically instils malicious code into legitim...

Data of Bank customers in Russia are becoming more expensive on the Darknet

In the first half of 2019, the price of banking customer data rapidly increased on the Darknet. The cost of obtaining data on cards or statements of operations increased by 3-7 times. At the beginning of the year, a client's account statement could be purchased for 2 thousand rubles ($32); now its cost can reach 15 thousand rubles ($238). According to Positive Technologies analyst Vadim Solovyov, data on ATMs used by the client has appeared on many sites, priced from 8 thousand ($127) to 15 thousand rubles ($238). He noted that this information can rather be used in traditional criminal schemes, for example, to make a fraudster's call to the client sound more credible. "If the cost has increased, it means that the methods of countering leaks in banks have significantly complicated the business of attackers", the Central Bank believes. The Head of the Information Security Department of the Open-Bank, Vladimir Zhuravlev, associated the pr...

USBRIP- Simple Command Live Forensic Tool For Tracking USB device

Simple command line forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux. usbrip (derived from "USB Ripper", not "USB R.I.P.") is an open source forensics tool with a CLI that lets you keep track of USB device artifacts (aka USB event history, "Connected" and "Disconnected" events) on Linux machines. usbrip is a small piece of software written in pure Python 3 (using some external modules though, see Dependencies/PIP) which parses Linux log files (/var/log/syslog* or /var/log/messages* depending on the distro) for constructing USB event history tables. Such tables may contain the following columns: "Connected" (date & time), "User", "VID" (vendor ID), "PID" (product ID), "Product", "Manufacturer", "Serial Number", "Port" and "Disconnected" (date & time). Besides, it also can: export ga...

Microsoft Office 365 Webmail Shows Senders’ IP Addresses In Email Headers

For all Microsoft Office 365 users who regularly use its webmail, yet expect to remain veiled, here is an irony. From Latest Hacking News: https://ift.tt/2YaRUeJ

Fake Google Domains Used To Target Magento Websites For Credit Card Skimming

Another Magento card skimming attack is active in the wild. In this case, the attackers target the websites with codes ... From Latest Hacking News: https://ift.tt/2yimi7V

MemGuard- Secure Software Enclave For Storage of Sensitive Information in Memory

This package attempts to reduce the likelihood of sensitive data being exposed. It supports all major operating systems and is written in pure Go. Features: Sensitive data is encrypted and authenticated in memory using xSalsa20 and Poly1305 respectively. The scheme also defends against cold-boot attacks. Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage-collector. Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows. Effort is taken to prevent sensitive data from touching the disk. This includes locking memory to prevent swapping and handling core dumps. Kernel-level immutability is implemented so that attempted modification of protected regions results in an access violation. Multiple endpoints provide session purgi...

Hike in Banking Malware Attacks; Mobile Malware A Part of Cyber-Crime Too!

Multiple Vulnerabilities Discovered In Comodo Antivirus – Patch Pending!

Researchers from Tenable have discovered numerous security vulnerabilities in Comodo Antivirus. For now, the users of this antivirus need to ... From Latest Hacking News: https://ift.tt/2ZgKm6V

Ransomware Attack Leaves Johannesburg without Power

A key electricity supplier for the largest South African city, Johannesburg, experienced a massive ransomware attack which led to the shutdown of the city's computer systems on Thursday. In a series of tweets, City Power announced that the ransomware virus encrypted all their databases, applications and networks, all of which are being reconstructed by their ICT department. They further said that customers may not be able to access their website and may not be able to purchase electricity units until the issue has been sorted out by their ICT department. As the website continued to be offline, the victims resorted to social media in order to report the issues occurring with their electricity supplies. The type of ransomware employed in the attack is still in question; however, the power of this attack can be gauged from its magnitude. Besides restricting customers from buying pre-paid electricity, it also affected the attempts made by City Powe...

Sonicwall Cyber Threat Report 2019 Finds Escalation in Ransomware Attacks-As-A-Service

Brazilian Financial Service Exposed 250GB Of Local Banks’ Customers Data Via Unsecured Server

Another huge data leak incident comes up, this time affecting Brazilian customers. A Brazilian financial service exposed massive customer records ... From Latest Hacking News: https://ift.tt/2MiDdiN

Android Media Framework Flaw Could Get Phones Hacked By Playing Malicious Video

Most smartphone users love to watch innocent videos of babies, pets, and other cute moments. Interestingly, the hackers also like ... From Latest Hacking News: https://ift.tt/2GxuIN8

Financial Service Robinhood Stored Customers Passwords In Plain Text

After Facebook and Google, another firm has confessed incidental storage of users’ passwords in plain text. This time, it is ... From Latest Hacking News: https://ift.tt/310SgBL

How to Safely Sell your Steam Account

Selling a physical video game is easy. You can auction it on Craigslist or trade it to a friend for ... From Latest Hacking News: https://ift.tt/2yenPM5

Free Scheme, 'The No More Ransom Project' Saving Thousands from Ransomware Attacks

A free scheme known as 'The No More Ransom project', which was founded by Europol, police in the Netherlands, and McAfee, is recorded to have prevented cyber-attack victims from paying heavy ransoms and assisted over 200,000 people in saving approximately $108m (£86m). Along with advice and recommendations, the project delivers software which is configured to recover computer files that get encrypted during ransomware attacks. With the introduction of 14 new tools in the year 2019 itself, the project, which has over 150 global partners, can now decrypt a total of 109 variants of infection. As Steven Wilson, head of Europol's European Cybercrime Centre (EC3), explained, “When we take a close look at ransomware, we see how easy a device can be infected in a matter of seconds. A wrong click and databases, pictures and a life of memories can disappear forever. No More Ransom brings hope to the victims, a real window of opportunity, but also deliv...