Tag Archives: Edward snowden

Security Never Sleeps- Microsoft Bugs, Android Patches

New Microsoft Kernel Bug Could Permit Malicious Modules

“Could bypass antivirus systems”

Security researchers have found a Microsoft kernel bug that may allow attackers to bypass antivirus systems and load in its own malware that infects users devices. The kernel flaw has been discovered in the PsSetLoadImageNotifyRoutine in all operating systems ranging from Windows 2000 to the most recent version of Windows 10.

AXA Insurance data breach hits 5,400 customers in Singapore

“Sensitive information likely obtained”

AXA Insurance has now revealed it has suffered a cybersecurity incident that compromised personal data of about 5,400 customers in Singapore. The breach affected users of the firms health portal including past customers according to data protection officer Eric Lelyon in a Thursday e-mail to customers. No other alerts or notices were posted on its website. The breach , according to Leylon, “exposed” the customer’s e-mail address, date of birth, and mobile number, which was used to transmit one-time passwords when users transacted on the portal.

Experts Find 2007 Variant of Malware Linked to French Intelligence

“Babar origins may have been found”

Palo Alto Networks researchers have discovered a 2007 variant of Babar, a malware program believed to have been developed by a covert French intelligence agency. The activities of the cyber espionage group known as the Animal Farm came to light in March 2014, when a French publication released a series of slides from united States NSA whistleblower Edward Snowden. The slides belonged to Canada’s Communications Security Establishment and they detailed an espionage campaign dubbed “Operation Snowglobe.”

Google Patches 81 Android Vulnerabilities With September 2017 Updates

“13 rated critical”

81 security vulnerabilities have been addressed in the September set of security patches for the Android platform. 13 had a severity rating of critical. The security bulletin has two security patch levels, each focused on addressing vulnerabilities in specific components.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Contractor Accused of Stealing NSA Files

“Political motivations still unknown”

Stock prices of NSA contractor Booz Allen Hamilton took a nosedive Friday as reports of one of its contractors leaked that a former employee had been charged with two felony accounts of theft of government property and unauthorized removal of classified documents by the Department of Justice. The accused, Harold Martin Thomas III, faces up to 11 years in jail for his alleged crimes. Booz Allen also bears the weight of the formerly employing the highly controversial Edward Snowden, whose leaks to the public in 2013 revealed a mass United States surveillance program.

Expose Retaliation for BuzzFeed

“Retaliation for defamation articles against hacker group OurMine”

Interactive media site BuzzFeed was compromised Thursday by hacker group OurMine, bringing down articles and deleting information related to their members. The massive cyberattack came after BuzzFeed published stories that OurMine, which focuses primarily on the digital accounts of tech CEO’s, venture capitalists and celebrities, may be a lone Saudi Arabian teenager.

Mac Malware Monitor Your Webcam, Microphone

“New malware can penetrate even airtight Mac devices”

Malicious software that targets user’s microphone and webcam access is nothing knew, the NSA and cybercriminals alike have had programs for years that are capable of such feats. However, Mac devices have largely been a different, due primarily to the hardwired light indicating that webcams or microphones are active allowing users to notice their activation. This perceived safety may no longer be the case, according to researcher Patrick Wardle, His team’s analysis at Synack has examined several examples of malware being able to monitor microphone and webcam feeds without activating this light.

eCommerce Sites Lose Customer Data to Web Malware

“MageCart responsible for several incidents”

Cybercriminal campaign ‘MageCart’ has been the culprit of several hacking events involved with the loss of customer data and other sensitive information. MageCart has been active since at least March of this year, targeting other sites such as Powerfront and OpenCart.

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Booz Allen Contractor Charged with File Theft

“Could face up to 11 years in prison”

Former Booz Allen Hamilton employee Harold Thomas Martin III is accused by the Department of Justice of theft of government property and unauthorized removal of classified documents. Stock of the NSA contractor firm took a dip as the news broke. This further scars the company’s reputation that is already bearing the weight of the Edward Snowden revelations of 2013, bringing to light the mass United States government surveillance program that proved very controversial to the public. Whether the intentions of Martin are political is yet to be seen.

Expose Retaliation Hits BuzzFeed

“Hacking group targets interactive media site”

Hacking group OurMine seems to have targeted BuzzFeed, odd considering the group often sets its sights on digital accounts of CEO’s, venture capitalists, and celebrities. The attack on BuzzFeed focused on manipulating the text or completely deleting certain articles related to the groups reputation, in which the website exposed that OurMine may be a solo hacker teenager from Saudi Arabia.

New Malware Can Monitor Webcam, Microphone

“New piggyback virus can access software”

Malware used for covert surveillance is far from new. The NSA has several programs that can monitor voice or video without the notice of a laptops user. However this is not the case with Apple products, as they have a hardwired indicator that notifies the user when the webcam is on. Now this may no longer be the case. Researcher Patrick Wardle explains that a new piggyback virus is able to access webcam and speaker functions without any notification to the user.

eCommerce Malware Stealing Card Data

“Powerfront, OpenCart among affected”

Researchers are monitoring a cybercriminal campaign that have been plaguing several eCommerce sites since at least March of this year. Dubbed ‘Magecart’ by RiskIQ, the malicious software attacks the payment sources of the internet commerce sites, stealing customer personal information and card data.