A Turkish mastermind of $55 million cyber spree handed over to the U.S.

A Turkish man, a mastermind behind three hacks that resulted in $55 million in losses to the global financial system, has been extradited to the United States to face charges, the U.S. authorities announced on Wednesday.

According to a news report published by Reuters, the prosecutors identified Ercan Findikoglu, 33, as the mastermind behind an organization whose hacks resulted in stolen debit card data being distributed worldwide and used to make fraudulent ATM withdrawals.

The prosecutors said that Findikoglu along with his friend hacked into the computer networks of three credit and debit card payment processors: Fidelity National Information Services Inc, ElectraCard Services, now owned by MasterCard Inc, and enStage.

After tapping into those networks, he hacked Visa and MasterCard prepaid debit cards that the processors serviced and caused the cards' account balances to be increased to allow large excess withdrawals.

Then the hacker group disseminated the stolen debit card information to heads of "cashing crews" around the world, who in turn conducted tens of thousands of fraudulent ATM withdrawals.

According to the report, the prosecutors said that a February 2011 operation targeted cards issued by JPMorgan Chase & Co and used by the American Red Cross to provide relief to disaster victims, and saw $10 million withdrawn across the globe.

A second operation compromised cards issued by National Bank of Ras Al-Khaimah in the United Arab Emirates, resulting in $5 million in losses in December 2012, court documents said.

Then the hackers compromised cards issued by Bank Muscat in Oman, allowing crews operating in 24 countries to execute 36,000 transactions over a two-day period in February 2013 and withdraw $40 million from ATMs, prosecutors said.

Authorities said that a New York cashing crew alone withdrew $2.8 million in the 2012 and 2013 operations. Thirteen of the crew's members have pleaded guilty.

According to the news report, the prosecutors said that Findikoglu and other high-ranking members of the scheme received proceeds in various forms, including by wire transfer, electronic currency or personal deliveries of cash.

The case is U.S. v. Findikoglu, U.S. District Court, Eastern District of New York, No. 13-0440.

The report says that Findikoglu pleaded not guilty during a hearing in federal court in Brooklyn, New York, after being extradited on Tuesday from Germany, where he was arrested in December 2013, the U.S. Justice Department said.

An indictment unsealed on Wednesday charged Findikoglu, who authorities say went by the online aliases "Segate" and "Predator," with 18 counts including computer intrusion conspiracy, bank fraud and money laundering.

Hackers hacked Polish Airline LOT

The computer system of Polish airline LOT was hacked, and about 1,400 passengers were grounded at Warsaw’s Chopin airport.

The system, which is used to issue flight plans, was hacked around 4 pm local time (3 pm GMT). After five hours, the specialist came up with a solution.

LOT spokesman Adrian Kubicki told a Reuters reporter that “delays meant 10 national and international flights were canceled, while more than a dozen more were behind schedule.”

In an interview with TVN 24 television, he described the incident as the “first attack of its kind.”

The airline provided seats for some passengers on other flights, and offered accommodation for those who wanted to stay overnight.

Kubicki mentioned, “the passengers’ lives were not in danger at any point, and the airport itself was not affected.”

“We’re using state-of-the-art computer systems, so this could potentially be a threat to others in the industry,” he added.

Mexican teenagers charged with cyberattack on Enfamil website

Three teenagers in Rio Rancho, New Mexico, have been charged with a cyber attack on the Enfamil baby formula website.

Sylvain Jones, 16, Sergio Velasquez, 15, and Joshua Van Gilder, 17, students of V. Sue Cleveland High School, attracted the interest of the FBI and Secret Service. Police have filed cases of criminal acts of computer abuse and conspiracy.

Police said the boys used a school computer shortly before the summer break for the purpose. The high school authorities launched an investigation on May 20 after they came to know about the cyber attack from the Secret Service.

According to the school reports submitted to the police, the three students sent vulgar messages on the Enfamil website during their robotics class.

They told the school officials that they decided to harass people on the Enfamil live chat site in hopes of getting a reaction or weird reply. According to the school report, the harassment started on May 13 and continued till May 18.

Enfamil, then, blocked their access to the website. In retaliation, the boys asked other hackers to bombard the site with messages by hacking the hacker website with a personal device.

According to the district report, the students were identified by their login information.

Hospital employee busted for leaking patient information

Eight people have been indicted in an identity theft case, one of whom is a Montefiore Medical Center employee. Members of the ring used patient information to make thousands of dollars' worth of purchases at retailers and department stores in Manhattan.

The case is being heard by Manhattan District Attorney Cyrus R. Vance, Jr. and the defendants are being tried in the New York State Supreme Court on various counts of Grand Larceny in the Second and Third Degrees, Identity Theft in the First Degree, and Criminal Possession of a Forged Instrument in the Second Degree.

Monique Walker, 32, was an employee at Montefiore Medical Center. As an assistant clerk in one of the hospital wings she had access to patients’ names, dates of birth, Social Security numbers, and other personal information. During 2012 and 2013, she supplied information of thousands of patients to her partners in crime at $3 per patient.

The fraud is to the tune of $50,000 and information of as many as 12,000 people who were patients at Montefiore Medical Center could be compromised.

Vulnerability found in Apple devices that puts your password at risk

A group of security researchers have come forward with startling news that passwords and other data on your Apple devices might not be safe. The group has published their findings in a paper where they explain how Apple's devices could be hacked.

The paper explains that, because of the way Apple writes its code to communicate between devices, they were able to hack into the system by uploading an app with malware onto the Apple Store.

The app in turn sent secure data, which should not be accessible to anyone, to the hacker. The confidential data that the app was able to steal included passwords of bank accounts, emails and iCloud.

The team's lead researcher said that his team was able to gain unauthorized access to other applications on an Apple device.

The devices affected by this problem are the iPhone, iPad and Mac.

Beware of fake SMS and emails as researchers detect yet another notorious Android malware

After the mobile banking Trojan called Android.BankBot.65.origin, which could receive commands from a host server on Android devices and then exploit device vulnerabilities, allowing cyber criminals to steal money by intercepting and modifying SMS, the security researchers from Doctor Web Security have detected yet another Trojan for mobile devices, designed to display fake SMS and email message notifications and to make users download malicious software.

The researchers wrote in the blog that users are likely to be deceived as these notifications look like real ones. As a result they install some dangerous applications on their mobile devices, “sponsoring” cybercriminals.

“Once the user taps such a notification, the Trojan downloads a special APK file from a remote server and plants another notification in the status bar. It initiates the installation process of the downloaded file,” the blog reads.

According to the research, the majority of programs distributed in this manner are different Trojans, including downloader Trojans, backdoors, and other dangerous software.

The researchers had detected a similar kind of Trojan in 2012; it attempted to make Android users download other malicious programs on their mobile devices.

“The fact proves that the described scheme of deception is still profitable and popular among cybercriminals,” the website explains.


The researchers said that the signature of Android.DownLoader.157.origin has been added to Dr.Web virus database. So, there is no threat to the users because of the malicious program.

Digital Constitution hacked, to promote online gambling

Digital Constitution, the Microsoft web site which protects online privacy in a digital world, was hacked to promote online casinos.

According to ZDNet, which first reported about the hacking, the Digital Constitution was running an older version of WordPress when the spammy links were discovered.

Though the links were removed from the front page in the hours following the ZDNet report, a variety of other pages continued to link to the gambling sites.

The news report says that it is unknown how long ago the site was hacked to promote online gambling, or whether other Microsoft websites were hacked. It is still not clear who was behind the attack.

Ars Technica noted that it was not unusual for hack-by-numbers exploit kits to automatically inject malicious links into vulnerable pages that, when viewed by vulnerable computers, perform drive-by download attacks.

However, when the company was asked, Microsoft answered with no more than "it's fixed."

According to the news report, the attacker had injected text with keywords like "online casino," "poker," "craps," "roulette," and "blackjack." New pages were also added to show content embedded from other casino-related websites.

GarrettCom launches new versions to tackle Magnum vulnerabilities

US-based company GarrettCom has produced new firmware versions to mitigate vulnerabilities in its Magnum 6k and Magnum 10k product lines. Authentication, denial of service, and cross-site scripting vulnerabilities have been found in earlier versions. All versions prior to 4.5.6 of both product lines are affected.

The vulnerabilities can be exploited remotely to execute arbitrary code on the target device.

However, the impact on individual organizations depends on factors such as operational environment, architecture, and product implementation.

Researchers have found multiple XSS (cross-site scripting) vulnerabilities in the web server present on the device, which can be exploited by an unauthenticated attacker.

CVE-2015-3960 has been assigned for the vulnerabilities related to the use of hard-coded credentials. The firmware contains hard-coded RSA private keys and certificate files, which are used by the server for SSH connections and HTTPS connections. There is also a hard-coded password for a high-privileged user connected over the serial console.

Memory can be corrupted by issuing a certain form of URL against the device’s web server.

These vulnerabilities can be remotely exploited and no known public exploits specifically target them.

According to ICS-CERT, the latest versions of GarrettCom Magnum 6K and Magnum 10K software fix these vulnerabilities. Version 4.5.5 was released December 2014, and Version 4.5.6 was released January 2015. Users may download the latest software version and release notes from the following web site:
http://www.garrettcom.com/techsupport/sw_downloads.htm

ICS-CERT recommends that users perform access control checks to limit the user’s reach of the feature, use an application firewall to detect XSS attacks, minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.


Anonymous hackers take down Canadian government websites

The Anonymous hacking group hacked several Canadian government websites and servers on Wednesday, in retaliation for a new anti-terrorism law passed by Canada’s politicians.

The sites affected by this cyber attack include the general website for government services, canada.ca, and that of Canada’s spy agency, the Canadian Security Intelligence Service (CSIS).

According to the cabinet minister Tony Clement, who is responsible for the Treasury Board, the attack affected email and internet access. He confirmed this on his Twitter account.

A video has been posted on YouTube by Anonymous stating that the anti-terrorism law violated human rights and targeted people who disagree with the government.

The new Bill C-51, or the Anti-terrorism Act, 2015, would give new powers to CSIS and federal agencies to increase surveillance and share information about individuals.

Talking to reporters from The Guardian, the public safety minister, Steven Blaney, denounced the cyber attacks, saying “there were many other democratic ways for Canadians to express their views, and the government was implementing efforts to improve its cyber security.”

Katie Hopkins’ Twitter account hacked, hackers threaten to post her sex tape

The Twitter account of Katie Olivia Hopkins, a famous television personality and columnist, was hacked this morning, with tweets promising a link to a sex tape.

The hacker posted tweets on her account like "Awell looks a like Katie Hopkins been sneak dissin too much ere", "New sex tape by katie hopkins in her email - 200 rts and we'll post the link", "Thanks for 200 retweets fam! Here's the sex tape link", and also changed her profile picture and Twitter handle.

Today, the picture of Hopkins looks like a lady showing her double chins, and her Twitter handle has been changed to "jiggly jaws katie".

However, the hacker has removed the previous tweets from the account of the former Celebrity Big Brother contestant.

According to the news reports, the hackers posted a link and a video featuring an overweight man engaging in a solo sex act.

Now her account is called jiggly jaws Katie and is linked to porn sites.

Along with Hopkins, S Club 7 singer Hannah Spearritt’s Twitter account was hacked this morning.

The cops have claimed that the hackers behind the leak of more than 100 private images of celebrities in various states of undress on imageboard 4chan on August 31 last year, the leak dubbed “The Fappening”, might have hacked the accounts of these two celebrities.

According to a news report published in the Mirror, they contacted Katie's agent, who replied: "Many thanks - we are dealing with it - cheers."

Drupal Vulnerabilities: Update your installations as soon as possible


Drupal, an open source content management system which is used by several organizations including the White House, the Prince of Wales, British Council EAL and Amnesty International, has urged users of either Drupal 6 or Drupal 7 to upgrade their websites immediately.

Drupal 6 users are requested to upgrade it to version 6.36 and Drupal 7 users to version 7.38.

The Drupal Security Team has released critical software updates in order to stop the flaws that leave numerous businesses and government organizations open to attack.

“A vulnerability was found in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts,” the company’s advisory reads.

“This vulnerability is mitigated by the fact that the victim must have an account with an associated OpenID identity from a particular set of OpenID providers (including, but not limited to, Verisign, LiveJournal, or StackExchange),” the advisory explains.

The vulnerability could allow the attackers to impersonate other users, including all-powerful administrators, and thereby gain control of an unpatched website.

“The Field UI module uses a "destinations" query string parameter in URLs to redirect users to new destinations after completing an action on a few administration pages. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users into being redirected to a 3rd party website, thereby exposing the users to potential social engineering attacks,” the advisory reads.

“Similarly, the overlay module displays administrative pages as a layer over the current page (using JavaScript), rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect vulnerability,” the advisory explains.

The vulnerability is mitigated by the fact that it can only be used against site users who have the "Access the administrative overlay" permission, and that the Overlay module must be enabled.
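
As an added illustration of the open redirect class the advisory describes for the redirect parameter and the Overlay module (this is not Drupal's code or its patch), the following JavaScript shows a same-origin check applied to a redirect target before it is used. `SITE_ORIGIN`, `safeDestination`, `checkSamples` and the sample hosts are hypothetical names and constructed values.

```javascript
// Added example, not Drupal code: accept a post-action redirect target only
// if it stays on the site. SITE_ORIGIN and all sample values are constructed.
const SITE_ORIGIN = 'https://cms.example';

// Returns a same-origin local path (path + query + fragment), or `fallback`
// when the supplied value would send the user to another site.
function safeDestination(raw, siteOrigin = SITE_ORIGIN, fallback = '/') {
  if (typeof raw !== 'string' || raw.length === 0) return fallback;
  let resolved;
  try {
    // Resolve with the same URL rules a browser applies, so "//host",
    // "/\host" and tab/newline padding are normalised before comparing.
    resolved = new URL(raw, siteOrigin);
  } catch (e) {
    return fallback;
  }
  // Other hosts, other schemes and user@host forms all fail this comparison
  // (javascript: and data: URLs have the origin "null").
  if (resolved.origin !== new URL(siteOrigin).origin) return fallback;
  // "/.//host" resolves on-site but its path begins with "//", which a
  // browser would read as a protocol-relative URL if it were emitted as-is.
  if (resolved.pathname.startsWith('//')) return fallback;
  // Emit the validated, normalised value, never the raw input.
  return resolved.pathname + resolved.search + resolved.hash;
}

// Constructed inputs: two legitimate targets followed by redirect attempts.
const SAMPLES = [
  'admin/structure/types',
  '/node/1?page=2#comments',
  'https://evil.test/login',
  '//evil.test/login',
  '/\\evil.test/login',
  '/.//evil.test/login',
  'https://cms.example@evil.test/',
  'javascript:alert(1)',
];

// Maps each sample to the target that would actually be used.
function checkSamples() {
  return SAMPLES.map((s) => [s, safeDestination(s)]);
}
```

Comparing the parsed origin, rather than string-matching the prefix of the parameter, is what catches the backslash and dot-segment variants in the sample list.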