What Will WhatsApp Leak About You?...

Hello folks, The new calling feature of WhatsApp lets quite a few details to be collected from the app’s network such as phone numbers and phone call duration. The study regarding this was conducted at the University of New Haven’s Cyber Forensics Research & Education Group, and the results were outlined in a paper published in the scholarly journal, Digital Investigation. The article was co-authored by F. Karpisek of Brno University of Technology in the Czech Republic, Ibrahim (Abe) Baggili and Frank Breitinger, co-directors of the Cyber Forensics Research &...

Janitza Power Analyzers are Found to be ...

Good Evening Everyone ! Janitza Electronics, is a Germany-based company that specializes in the development of energy efficiency systems. Several vulnerabilities have been found in their power quality measurement products recently. Researchers at ICS security firm Applied Risk, identified flaws that affect Janitza’s UMG 508, UMG 509, UMG 511, UMG 512, UMG 604, and UMG 605 power analyzers. According to ICS-CERT, these products are deployed in the energy sector in Europe, the Americas and Asia. The researchers discovered existence of an undocumented default password that...

Ashley Madison Customers Facing More Tro...

Hi all, Good Morning ! Cyber-security company, Digital Shadows predicted that Ashley Madison customers would get extorted following the site’s data breach. The extortion have come to light when Digital Shadows noticed a WordPress user, ‘ernieman’ posted that he had been threatened by an individual claiming to represent sharingservices [@] aol.com. Similar email addresses had been reported by other users as well. These emails have mentioned that the recipient was a customer of the  extramarital affair site, Ashley Madison, and must pay one bitcoin, currently...

9 Fraudsters of a Criminal Network Arres...

Hello again everybody! Detectives have arrested 9 members of an organized criminal network responsible for defrauding bank customers across the UK out of approximately £60 million. On Wednesday, 21 October, 14 addresses in Ilford, Watford, Slough and Scotland were raided  by the Metropolitan Police Service’s Cyber Crime and Fraud Team, FALCON upon a search warrant.  The raid was carried out in collaboration with a number of other police forces across the country, including Police Scotland, West Yorkshire Police and Greater Manchester Police. The fraudsters have duped...

The problem with SAP Afaria...

Hello everybody! SAP Afaria, an MDM solution from a world-famous software vendor seems to be having security issues. This can be attacked in different ways using Stored XSS vulnerability. In brief, MDM is a set of services that could be used to control mobile devices like smartphones, tablets, phablets etc. and establish security measures of corporate data stored and processed on those devices.  This software is designed to help company administrators achieve these tasks. A special application called MDM client is installed on a device and this allows administrators to...

Vulnerabilities found in LibreSSL...

Hi guys, Serious vulnerabilities have been found in Fork of OpenSSL that could open servers to remote code execution. LibreSSL is a fork of the Open SSL library. When Open SSL was known to be vulnerable to Heartbleed bug, Libre SSL was introduced as a replacement for it. The researchers from Qualys discovered the the two flaws – memory leak and a buffer overflow. The researchers said that the flaws affect all LibreSSL versions, including LibreSSL 2.0.0 (the first public release) and LibreSSL 2.3.0. Remote attackers can cause Denial of Service attacks(memory...

HDRoot Explained...

Hi guys, Dmitry Tarakanov, an Information Security Specialist recently reported about a HDRoot found during an investigation. While tracking Winnti group activity, a suspicious 64-bit sample which was a standalone utility with the name HDD Rootkit for planting a bootkit on a computer has been found. Bootkit is coded to infect the operating system with a backdoor at the early booting stage. Several backdoors that the HDRoot bootkit used for infecting operating systems have been found during an investigation. Backdoors Since the backdoor installed with the use of HDRoot...

Uber driver info was on the open for awh...

Hi guys, Recently a fault in Uber computer software has caused it to leak the personal data of the drivers. Uber acknowledged that about 700 of its “partners” in the US had been affected by the mistake. Exposed data included social security numbers, photos of driver licences, tax forms and other details, according to news site Motherboard. The drivers have noticed this data leak and reported it to their IT support. Whether this information was open to the public or not was not revealed. “Whoah – went to upload new insurance docs and the documents...

Hacker arrested in Malaysia for supporti...

Hey guys, Malaysia recently arrested a hacker on the request of the United States. The 20-year-old man, Ardit Ferizi from Kosovo was charged with hacking personal data of more than a thousand U.S. officials to give it over to the Islamic State militants in Syria. In August 2014, Ardit has entered Malaysia to study computer science and forensics and he will be extradited to the United States, According to Malaysian Police, an Islamic State member in Syria has kept in touch with the suspect to communicate about the servers to be hacked to get the information of the U.S...

How Tipton tried to win a lottery...

Hey folks, Can we even trust our Information Security staff? Eddie Raymond Tipton, was convicted in July 2015 of rigging an Iowa lottery draw and was sentenced recently. Back in 2010, Tipton had removed the  “random number” part of choosing the winning ticket from the lottery software while he was the security director of the Multi-State Lottery Association (MUSL) at the time. It was found that Tipton had secretly installed a self-deleting rootkit on a MUSL computer system which would tamper with lottery’s random number generator, thus allowing him to...

« Previous Entries