Tag Archives: cybercriminal

10Fold- Security Never Sleeps- 108

Vulnerabe IBM Code Pulled After Insistence From Security Experts

“Potential to affect several versions of WebSphere”

A researcher who was able to successfully exploit a proof of concept code able to affect WebSphere versions 7, 8, 8.5, and 9 was censored without major damages occurring. Maurizio Aggazini was cooperating with IBM to responsibly patch and censor vulnerabilities experienced in the firm’s products. These include the deserialization of untrusted data sources, causing DoS issues and allowing re,ote execution of hacking.

Half of Androids Able to be Compromised to Seemingly Outdated Malware

“Ghost Push capable on infecting Androids up to version 5”

A fairly dated yet successful malware program known as Ghost Push is reportedly still one of the most widely effective software’s used to exploit unsuspecting users. Cheetah Mobile experts say that the majority of the infections are received from application downloads not installed through the Google Play store. The Trojan program is capable of preventing third parties from gaining root privilege.

UK Firms Could Face Huge Increase in Data Breach Fines in 2018

“New EU legislations could enact harsh penalties”

PCI Security Standards Council is recommending technology companies to bypass extremely increased costs of fines that new legislation from the European Union is poised to enact. In 2015 90% of large scale firms and 74% of SME’s had reported at least one security breach, reaching just about 1.4 billion pounds worth of consumer protection fines. The EU General Data Protection Regulation is set to put harsher regulations into place that will affect firms that will instill penalties of up to €20m.

Hackers Successfully Infiltrate Senate GOP Committee

“Accelerates fears of security vulnerabilities”

While news reports of Democratic Party server hacks run rampant through the press, Republicans have been hit with a particularly devastating cyberattack by Russian operatives. For the last six months, cybercriminals have allegedly been siphoning credit card information from customers in the web storefront of the National Republican Senatorial Committee, selling the data in the black market.

 

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Contractor Accused of Stealing NSA Files

“Political motivations still unknown”

Stock prices of NSA contractor Booz Allen Hamilton took a nosedive Friday as reports of one of its contractors leaked that a former employee had been charged with two felony accounts of theft of government property and unauthorized removal of classified documents by the Department of Justice. The accused, Harold Martin Thomas III, faces up to 11 years in jail for his alleged crimes. Booz Allen also bears the weight of the formerly employing the highly controversial Edward Snowden, whose leaks to the public in 2013 revealed a mass United States surveillance program.

Expose Retaliation for BuzzFeed

“Retaliation for defamation articles against hacker group OurMine”

Interactive media site BuzzFeed was compromised Thursday by hacker group OurMine, bringing down articles and deleting information related to their members. The massive cyberattack came after BuzzFeed published stories that OurMine, which focuses primarily on the digital accounts of tech CEO’s, venture capitalists and celebrities, may be a lone Saudi Arabian teenager.

Mac Malware Monitor Your Webcam, Microphone

“New malware can penetrate even airtight Mac devices”

Malicious software that targets user’s microphone and webcam access is nothing knew, the NSA and cybercriminals alike have had programs for years that are capable of such feats. However, Mac devices have largely been a different, due primarily to the hardwired light indicating that webcams or microphones are active allowing users to notice their activation. This perceived safety may no longer be the case, according to researcher Patrick Wardle, His team’s analysis at Synack has examined several examples of malware being able to monitor microphone and webcam feeds without activating this light.

eCommerce Sites Lose Customer Data to Web Malware

“MageCart responsible for several incidents”

Cybercriminal campaign ‘MageCart’ has been the culprit of several hacking events involved with the loss of customer data and other sensitive information. MageCart has been active since at least March of this year, targeting other sites such as Powerfront and OpenCart.