Nearly 10,000 PNB credit, debit card holders affected by data breach
10,000 credit and debit card holders have been affected by a data breach said to be reported by Punjab National Bank (PNB), which is already reeling under a multi-crore rupee financial fraud by two fugitive luxury jewellers. According to the report, the bank was unaware of the data breach until a Singapore-registered information security company, CloudSek Information Security, tipped it off on Wednesday night. The PNB’s Chief Information Security Officer TD Virwani has confirmed that it was working with the government to contain fallout from the release of the data, which was offered through a website. Sasi added the company has to pass the details through a government agency as they were unable to contact PNB after detecting the breach as it is not a customer at the bank. The PNB’s Chief Information Security Officer did not comment on the breach. Payment gateways are also being checked, however, an investigator told the paper that chances are higher that the bank’s security was compromised, as a large amount of data came from a single source. Government officials who are aware of the breach told the paper that they have been trying to establish the extent of the problem. As of now, they have discovered sensitive information from as many as 10,000 credit cards issued by the bank. Punjab National Bank (PNB) is in the midst of one of the biggest scams in banking history, opening a can of worms worth over Rs 11,300 crore (USD 1,771. Security experts believe sensitive information on the cards has been available for purchase through a website for at least three months, the Asia Times reported quoting sources.
Indian companies lost $500,000 to cyber attacks in 1.5 years
The Cisco 2018 Annual Cybersecurity Report shows that 50 percent of organisations in India are reliant on automation, 53 percent are reliant on machine learning and 51 percent are highly reliant on artificial intelligence. “More than half of all attacks resulted in financial damages of more than USD 500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs,” the technology firm Cisco’s 2018 Annual Cybersecurity Report, released today, said. As per the survey, Cisco found that 30 percent of security professionals said they used products from 25 to 50 vendors and 54 percent of breaches affected more than half of their systems in 2017. “It is important that security adopts new tools like Artificial Intelligence, Machine learning and incorporates best strategies to mitigate risks,” Vishak Raman, Director, Security Sales, Cisco India & SAARC said. “Two such attacks (in India) in 2017, Nyetya and Ccleaner, infected users by attacking trusted software,” the report said. Cyber attacks in the country caused financial damages to the tune of about USD 500,000 to Indian companies in the last 12-18 months, says a study. The survey found that security professionals see value in behavioural analytics tools in locating malicious actors in networks, as 67 percent of security professionals said behaviour analytics tools work well. The report said that security is getting more complex and the scope of breaches is expanding. “This complexity and growth in breaches have many downstream effects on an organization’s ability to defend against attacks, such as increased risk of losses,” the report said. The report noted that supply chain attacks are increasing in velocity and complexity and called for awareness of the potential risk of using software or hardware from organizations that do not appear to have a responsible security posture.
India 7th most targeted nation for Web Application Attacks
The report, titled “Akamai State of the Internet Security Q4 2017,” also stated that the Distributed Denial of Service (DDoS) attack frequency in the BFSI sector increased by 50 percent in the fourth quarter of 2017 over the last quarter. “While India maintained the same position in the third quarter last year, it is interesting to note that the attacks sourced have seen a drop of approximately four million in number as compared to last quarter,” the report said. There was a 31 percent increase in DDoS attacks sourcing from the US last quarter compared to the same timeframe in 2017, the report said. Akamai’s findings also confirmed that the total number of DDoS attacks last quarter increased 14 percent from the same time last year. The financial industry saw a sharp increase in the number of DDoS attacks, experiencing 298 DDoS attacks against 37 distinct organisations last quarter. Nearly 40 percent of over 53,000 cyber attacks in India occurred in the financial services sector during 2017, placing it at the seventh spot in the list of targeted countries for Web Application Attacks (WAA), a new report said on Wednesday. Security incidents like phishing, website intrusions and defacements, virus and ransomware targeted the rapidly growing Banking, Financial Services and Insurance (BFSI) sector in India, warranting a robust infrastructure and a planned roadmap for cybersecurity, said the report from content delivery network services provider Akamai Technologies. “The hospitality industry suffered as the biggest target of fraudulent credential attacks, with 82 percent of their login attempts being from malicious botnets,” the report said. This indicates that DDoS attacks remain a consistent threat and the Mirai botnet is still capable of strong bursts of activity.
The newly-released data that analysed more than 7.3 trillion bot requests per month found a sharp increase in the threat of credential abuse, with more than 40 percent of login attempts being malicious.
Nasty undetectable Mac malware can steal passwords, remotely control your computer
Patrick Wardle, chief research officer at Digita Security, said the malicious code has also been offered for sale on underground markets since 1 January 2017 by its apparent author “Coldzer0”, who also offered customers ways to customise the malware. “While creating a network connection is itself not inherently malicious, it is a common tactic used by malware – specifically to check in with a command & control server for tasking,” Wardle said. Wardle noted that the script may fail on newer operating systems such as MacOS High Sierra since Apple now protects TCC. According to a video posted by Coldzer0, Coldroot is a cross-platform RAT that can be used to target MacOS, Windows and Linux systems, Wardle noted in a blog post published on Saturday (17 February). The malware includes the capability to perform system-wide keylogging. “It should be noted that if no command or tasking is received from the command & control server, the malware will simply continue beaconing. Wardle said the malware is “not particularly sophisticated” but is rather “feature complete.” The malware also maintains persistence on an infected system by installing itself as a launch daemon, which means the malicious code automatically launches every time the compromised system is rebooted. Despite being available for download for years, none of the antivirus engines was able to detect it as malicious when he initially submitted the sample, according to test service VirusTotal. When a user clicks on it, a standard authentication prompt pops up that requests their MacOS credentials. interestingly, sending the name of the user’s active window in each heartbeat,” he said.
A new ‘text bomb’ threatens Apple devices: a single character can crash any Apple iPhone, iPad or Mac
Just a single character of the Indian alphabet (precisely the Telugu language, a Dravidian language spoken in India by about 70 million people) can crash your device and block access to the Messaging app in iOS, including WhatsApp, Facebook Messenger, Outlook for iOS, Gmail, Safari and Messages for the macOS versions. To fix the issue on a device that crashes after receiving the text bomb, it is possible to send a message to the app that is crashing. Researchers discovered a new dangerous text bomb that crashes Apple devices; only a single character of the Indian Telugu language could create the chaos. According to the bug report published on OpenRadar: “When iOS, MacOS, watchOS try to render Indian symbol ‘ఞ‘ all of it has crashed Steps to Reproduce: Try to insert ‘ఞ‘ this symbol in any system text renderer like TextField, Label, TextView it always has crashed. Once the recipient receives the message or types the Telugu symbol into the text editor, their Apple device will crash. First spotted by Italian Blog Mobile World, the text bomb affects a wide range of Apple devices, including iPads, Macs and even Watch OS devices running the latest versions of OS. ” “The issue was reported to Apple a few days ago, the tech giant will likely fix the issue in the iOS update before the release of iOS 11. The news of the bug was first reported on the Italian Blog Mobile World; the issue can be easily exploited by anyone just by sending a message containing the Telugu character to the recipient.
Russia’s central bank: Hackers stole $6m from local bank in ‘classic scheme’ abusing Swift network
Russia’s central bank has said that hackers stole 339. A central bank spokesman said those threat actors managed to take control of a computer at a Russian bank and exploited the Swift network to transfer millions to their accounts, Reuters reports. The central bank described the latest cyber attack as a “classic scheme”, which was reportedly disclosed at the bottom of a report on digital thefts in the Russian banking sector. Over the weekend, India’s City Union Bank said “cybercriminals” hacked its systems and transferred nearly $2m through three “fraudulent remittances” via Swift to accounts in Dubai, Turkey and China. In December 2017, Russian state bank Globex said it was targeted by hackers who tried to steal 55m rouble via the Swift system. “The Swift payment system was used exclusively as a channel to withdraw the stolen funds,” the central bank said in a statement. 2m) from a Russian bank last year by exploiting Swift (the Society for Worldwide Interbank Financial Telecommunication), the global banking industry’s payments messaging system. According to the report, the central bank said it was sent information regarding “one successful attack on the workplace of a Swift system operator. 5 million roubles,” the central bank said without naming the institution involved or specifying when the attack took place. Used by more than 11,000 financial institutions in over 200 countries around the world, the Swift network is used by banks globally to transfer trillions of dollars daily.
New Android malware comes with extensive spying and data-stealing abilities
A new variant of an Android malware has been discovered, which comes with extensive data-stealing and spying abilities, allowing hackers to gain access to almost all data on infected devices. These include the ability to steal a list of all the installed apps, steal browser history and Wi-Fi passwords, record calls, upload files into the infected device, send and delete SMS messages, install a keylogger and use the front camera to capture high-resolution photos. The first time TrashCleaner runs, it prompts the Android device to install a Chinese-labeled calculator app that resembles a pre-installed system calculator. In addition to possessing the original features of AndroRAT, such as stealing GPS location, contacts, Wi-Fi names, device model details, SMS messages and more, the new variant also comes with new abilities. The malware can hijack devices to use the front camera to take high-resolution photos, record audio, steal files and more. The new version of the malware disguises itself as an app called TrashCleaner, which once installed, can allow hackers to perform various malicious activities. Downloading only from legitimate app stores can go a long way when it comes to devising security. Although Google already patched the vulnerability, older Android devices may still be vulnerable. The malware was originally a university project – meant to be an open-source application that provided remote control of an Android system. “Users should refrain from downloading apps from third-party app stores to avoid being targeted by threats like AndroRAT,” Trend Micro researchers warned.
Confucius hacker group targets singles in romance scam to steal data via backdoor chat apps
Hackers are going after singles in a new romance scam. The fake backdoor-capable chat apps called Simple Chat Point, Secret Chat Point, and Tweety Chat were used by the hackers to not only steal messages but also gain remote control of victims’ devices. Confucius’ operations include deploying bespoke backdoors and stealing files from their victim’s systems with tailored file stealers, some of which bore resemblances to Patchwork’s. According to the Trend Micro researchers, the hackers’ backdoor-capable fake Android chat apps can steal SMS messages, accounts, contacts, and files and even record audio. The hacker group developed customised fake chat apps for both Android and Windows operating systems, which come with backdoor functionalities, to steal victims’ data. “Some of these file stealers specifically target files from USB devices, probably to overcome air-gapped environments,” the Trend Micro researchers said. Besides, the researchers found that Confucius hackers tagged systems related to security researchers, likely in efforts to evade detection. A South Asian hacker group called Confucius has been using social engineering and romance to steal data from victims. According to security researchers at Trend Micro, who discovered the new campaign, Confucius’ operations bear similarities to a cyberespionage group known as Patchwork or Dropping Elephant. According to previous reports, the Confucius hacker group has been active since 2013.
A new Facebook security feature reveals fraudulent Facebook-like mails
A new Facebook security feature protects users from identity theft: the tech giant is taking note of every email it has “recently” sent to its users. Even if threat actors are able to disguise emails to make them look like official messages sent by Facebook, the new Facebook security feature will help users to identify phishing attacks. Facebook users who receive a message allegedly sent by the social network giant can check its authenticity by viewing the new “See recent emails from Facebook” section at the bottom of the Security and Login page. Users who discover an email scam pretending to be sent from the Facebook platform can report it to phish@facebook. Compromised accounts could be used to send out phishing messages or to spread malware. com is a common domain that Facebook uses to send notifications when we detect an attempt to log in to your account or change a password. com, and if you believe your account has been compromised due to a phishing attempt, you may attempt to regain access to your account at facebook. The full list of emails sent by Facebook is available under the Settings menu on the social network platform. If you’re unsure if an email you received was from Facebook, you can check its legitimacy by visiting facebook.com
Hackers now exploiting Word documents to display ‘innocent’ videos that secretly mine cryptocurrency