Tag Archives: spotify

10Fold- Security Never Sleeps- 112

Chinese firm admits hacked products were behind Friday’s Internet Abnormalities

“Hangzhou Xiongmai Technology vulnerabilities led to attack”

Electronic component manufacturer based in China Hangzhou Xiongmai Technologies has conceded that hackers used its technologies to conduct a massive cyberattack on several substantial United States headquartered internet sites. Mostly known for its production on DVR’s and cameras connected to the internet, weak default passwords of users is noted as a major contributing factor to their vulnerabilities. Security researchers have claimed that the notorious malware Mirai has been infiltrating and using them as a jump off point for Friday’s DDoS attack.

DDoS Attack Shows Vulnerable Underbelly Cloud Technologies

“Can a DDoS attack break the internet?”

Friday saw a massive DDoS attack, which commentators have said led to the internet ‘breaking’ for several hours over the course of the early day. Vital corporate applications, business functions and inability to use big name sites, causing public outrage and firm loss. Dyn going offline brought the shutdown of the DNS server, the component that allows users to find sites without directly inputting the IP address.

Beware of Fraudulent BSOD Scammers’ Malware

“Microsoft notifies public of fake installer for Security Essentials”

Tech support scammers have added a new weapon in the cybercriminal bag of tools, now utilizing fake ‘Severe Warning’ notifications and blue screens of death in Windows devices. Hicurdismos, the nickname given to this new malware, disables Task Manager and hides the cursor to deceive the user and suggests the user to call a bogus call center and hoaxes users to give up sensitive information the scammer will exploit for profit.

$7,500 IoT Cannon Sold, Capable of Bringing Down The Web Again

“Worse DDoS attacks expected in the future”

The attacks we got a taste of Friday was bad, but experts are saying these disruptions will get worse in intensity and probably more frequent. This is due to hackers selling access to hacked IoT devices which give their customers the ability to launch cyber events comparable or potentially bigger than what the world had witnessed. Early October also saw the advertisement of a botnet cybercriminals had put up for sale on an underground market forum, a trend that before recently had been quite uncommon. To see a malware program for sale of that caliber has researchers predicting a growth in its usage and security concerns in the future.



10Fold- Security Never Sleeps- 103

Hack Claims from Guccifer 2.0 Denounced by Clinton Foundation

“Widely believed to be political in motivation”

Guccifer 2.0, the hacker who claims responsibility for the Democratic National Committee leaks that aimed to expose corruption within its ranks, claims to have breached the servers of the Clinton Foundation and attained documents that could be damaging to Hillary Clinton’s presidential campaign, despite denial from the Clinton Foundation itself. The hacker posted screenshots of spreadsheets online, claiming that they were documents from the institution and that: ‘… her staff don’t even bother about the information security.”

The political motivations of the cyber-attack remain obvious, as the hacker made clear favorable reference to Julian Assange, founder of WikiLeaks and outspoken opponent of Hillary Clinton.

Report Claims that Email Provider Yahoo Assisted in Spying on U.S. Citizens

“Raises questions of why Yahoo did not fight the order”

A program developed by Yahoo Inc. last year reportedly allows the U.S. Federal government to search through email databases for certain phrases. Anonymous former employees narrowed government agencies involved to either or both the National Security Agency or the Federal Bureau of Intelligence.

The news is surprising, given the typical resistance to government mandates to enter customer accounts that tech firms generally uphold. However, Yahoo not only complied with the order, but dedicated its own resources and staff to assist with the operation.

TalkTalk fined £400K for mistakes that led to 2015 hack

“Actions first taken to clear its reputation of highly hacked service”

After the personal data theft of over 155,000 customers Telecom firm TalkTalk has been fined £400,000 for its security vulnerabilities in 2015. Well over 15,000 of those affected had bank information stolen and suffered serious ramifications for what Information Commissioner Elizabeth Dunham reported that even the most basic of security measures failed to be acted upon and “…(the company) could have done more to safeguard its customer information.”

Malware Infested-Ads Plaguing Spotify

“Free version of service seems to open malicious sites”

Malware seems to have worked its way into the Spotify servers and is continuously serving itself to the users who use the Spotify free product to stream music. The ads have been reported to open infected sites, causing potential harm to those that travel to them.