Security Breach at Hard Rock Cafe...

Hello All, Hard Rock Cafe and Casino Las Vegas has alerted customers about a data breach. Their statement mentions that customer data may have been compromised if they visited the resort between October 27th, 2015 and March 21st, 2016. The resort started investigating the card payment methods they used, following several reports of unauthorized activity associated with payment cards. Hard Rock said in its statement: “On May 13, 2016, the investigation identified signs of unauthorized access to the resort’s payment card environment,” “Further investigation revealed...

Cyber Criminals Targeting the 2016 Olymp...

Hi guys, Going to Watch the Olympics this year? Just as the cybercriminals leverage on popular sports events like the World Cup, they have started doing it with the Olympics. However the forthcoming Olympic Games have seen fewer attacks. This could be because the International Olympic Committee (IOC) keeps a very active Security Operations Center (SOC), working and treating the security incidents, reporting phishing and malware campaigns. As a result, the number of “in-the-wild” attacks targeting users at this time are low. But the malicious actors still have their...

Hackers using your site to boost their S...

Hi everybody, Now hackers use your site to boost their SEO ranking even without your knowledge. Illicit websites selling everything from drugs and adult content to counterfeit goods are using illegally created referral links from legitimate websites. Amichai Shulman, co-founder and CTO of Imperva, explained that more than 700 host IP addresses which are used by a botnet to launch SQLi and HTML link injection have been identified.  In addition, comment spam attacks on vulnerable websites have been used to create hidden links back to their clients’ websites . This...

Thanatos: Malware that Attacks Malware...

Hi everybody, Thanatos is a new strain of malware that can scan a target network for other malware and it gets its ability to target other malware through the use of intelligent plugins. It’s named after the Greek God of death for this reason. Reportedly the malware is available at the ‘crimeware underground’ systems and is offered at a price of $1,000 per month or $12,000 for a lifetime subscription. Thanatos indicates characteristics of a multi-staged malware commonly found in Advanced Persistent Threat (APT) technology; Where this malicious software...

What’s Locky Ransomware ?...

Hello everybody, Locky Ransomware Spreads via Flash and Windows Kernel Exploits. A zero-day exploit (designated as CVE-2016-1019) was found in Adobe Flash Player recently. Magnitude Exploit Kit, used this flaw soon after and Adobe released an out-of-cycle patch. This flaw was exploited to lead drive-by download attacks with Locky ransomware as the payload. There’s more threats except the ransomware. On top of the Flash exploit, an old escalation of privileges exploit in Windows (CVE-2015-1701) was used to bypass sandbox technologies. This has been analysed...

Public Servants in Singapore will Lose I...

Hi folks! Public servants in Singapore will be denied internet on work computers from May next year. The reason given is the risk of sending out work emails and shared documents. Officials have said that employees across government will be barred from forwarding any work-related information to personal emails. Online reactions and comments show that Singaporeans have responded with shock while some believed that this move contradicted Singapore’s much-promoted Smart Nation technology initiative. The restrictions will be rolled out over one year to all 100,000 public...

Was SWIFT to blame for the Bangladesh Ce...

Hi folks, There were allegations that SWIFT  technicians made the nation’s central bank more vulnerable to hacking before an $81 million cyber heist in February. SWIFT rejected these allegations. the Brussels-based bank-owned cooperative said in a statement posted on its website: “SWIFT was not responsible for any of the issues cited by the officials, or party to the related decisions,” “As a SWIFT user like any other, Bangladesh Bank is responsible for the security of its own systems interfacing with the SWIFT network and their related environment...

Poison Ivy...

Hey everybody, The infamous Remote Access Trojan (RAT) Poison Ivy has emerged again recently with some new features.  It has been observed that PIVY targeted a number of Asian countries for various purposes over the past year. New Poison Ivy Activity Targeting Myanmar, Asian Countries. In a recent blog post by Palo Alto Networks’ Unit 42 they discussed a new Poison Ivy variant targeting Hong Kong activists dubbed SPIVY that uses DLL sideloading. This operates quite differently from a variant recently observed by ASERT that has been active for at least the past 12...

Tumblr Was Hacked — Years Ago...

Hi guys, Tumblr recently revealed  that a data breach had affected  “a set” of users’ email addresses and passwords, in a 2013 data breach.  The company did not give a figure of how many were affected but independent studies have shown that about 65 million were affected. The owner of the awareness portal ‘Have I been Pwned’  Troy Hunt recently obtained a copy of the stolen data set. According to him, 65,469,298 unique emails and passwords were released. However, the passwords were hashed and were not in plaintext. Tumblr did not mention what algorithm was...

German Nuclear Plant Infected With Virus...

Recently, a nuclear power plant in Germany was found infected with viruses but has not posed any threat to the facility’s operation as it’s isolated from the internet. The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE (RWEG.DE). Two of the prominent viruses “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said. They...

« Previous Entries