Securityinform.com Blog

0

Hundreds of Dropbox passwords leaked, 7 million Dropbox accounts allegedly hacked

Hundreds of alleged usernames and passwords for online document-sharing site Dropbox were published on Monday on Pastebin, an anonymous information-sharing website. The anonymous user, who claims to have hacked close to 7 million accounts, is calling for Bitcoin donations to fund the operation.   Dropbox hack teaser snapshot from Pastebin   “We will keep releasing more to the public as donations...

1,814 total views, no views today

0

Adobe’s e-book reader sends your reading logs back to Adobe’s servers. Data is being sent in clear text.

Adobe is gathering data on the ebooks that have been opened, which pages were read, and in what order. All of this data, including the title, publisher, and other metadata for the book is being sent to Adobe’s server in clear text.   Adobe Digital Editions is a free reading app which allows users to view and manage eBooks and other...

1,464 total views, no views today

0

Emma Watson leaked video scam leads to dangerous trojan

Scammers are taking advantage of Emma Watson’s growing popularity by using the Harry Potter star as bait to spread malware on Facebook. The supposed “sexy videos” of the British actress – who has recently stood up against sexism in her new role as Goodwill Ambassador for Women – drop Trojans rather than the promised salacious content. More precisely, the malware poses...

8,486 total views, no views today

0

Snapsave hacked, 200.000 Snapchat images leaked

The hackers claim even to have gained access to around 200,000 images having hacked Snapsave. The individual images can now be spread online. Screen shot of some of the pictures leaked.   Snapsave was hacked early hours of yesterday. Many of the victims are Danes and Norwegians. It is not Snapchat themselves are hacked this time, but the program Snapsave , which...

4,926 total views, no views today

0

AT&T customer data breached by rogue employee

The AT&T has sent a letter couple of days ago informing victims that the personal information of AT&T might have been compromised when an employee viewed account information without proper authorization. Also,  Reuters published a news article on October 7 which reported that  AT&T  informed about 1,600 customers that an employee gained unauthorized access to their personal data in August. And...

1,088 total views, no views today

0

Another card system hack at Supervalu and Albertsons

Card data of Supervalu and Albertsons shoppers may be at risk in another hack, the two supermarket companies said Monday. The companies said that in late August or early September, malicious software was installed on networks that process credit and debit card transactions at some of their stores. Albertsons said the malware may have captured data including account numbers, card expiration...

1,154 total views, no views today

0

Ongoing MITM attack against Yahoo in China confirmed, Chinese Government accused of intercepting traffic

Is it possible to block some search engine queries without blocking the entire website? The answer is yes and it appears that for this very reason there was an ongoing man-in-the-middle (MITM) attack against Yahoo in China. The online censorship monitoring organisation GreatFire sent out a tweet on September 30th saying that “Yahoo appears to under Man-in-the-middle attack in China. 3rd case...

2,763 total views, no views today

0

Your mobile phone may be giving away your personal information

When popular Chinese handset maker Xiaomi Inc admitted that its devices were sending users’ personal information back to a server in China, it prompted howls of protest and an investigation by Taiwan’s government. The affair has also drawn attention to just how little we know about what happens between our smartphone and the outside world. In short: it might be in...

1,268 total views, no views today

0

‘Tiny Banker’ Trojan targets banking customers worldwide

The Tinba Trojan is a small-sized (approx. 20 KB) banking malware that uses a subset of phishing called spearfishing to target its victims. It integrates with browser and steals login data, as well as sniffs network traffic. It also uses MITB (Man-in-the-browser) technique and web injection to change the look and feel of banking web pages. Tinba, aka Tiny Banker, was first...

4,384 total views, no views today

0

Bad guys have a new and hard to detect way to steal your ATM pin code

Now bad guys have a new and hard to detect way to steal your ATM pin code. And all they need is an easy-to-buy  iPhone case (FLIR one) that turns the phone into an infrared thermal camera. Watch the video to find out how they manage to steal ATM pin codes and how to prevent. 1,255 total views, no views today

1,255 total views, no views today

0

5 million Google accounts and passwords leaked to Russian Bitcoin forum

Around five million Google accounts with their passwords are suspected to have been leaked online.  The text file containing Google accounts and the first letters of their passwords has been uploaded to Russian cyber security internet forum, btsec.com. A forum user (tvskit) posted a text file contains nearly 5 million Google accounts username and first letters of their passwords. The exact number of...

3,727 total views, no views today

0

The Russian-made tool that hackers used for stealing nude celebrity pictures from iCloud accounts

Apple’s security nightmare began over the weekend, when hackers began leaking nude photos that included shots of Jennifer Lawrence, Kate Upton, and Kirsten Dunst. The security community quickly pointed fingers at the iBrute software, a tool released by security researcher Alexey Troshichev designed to take advantage of a flaw in Apple’s “Find My iPhone” feature to “brute-force” users’ iCloud passwords, cycling...

2,894 total views, no views today

0

Malware bypasses Chrome Extension Security Feature easily

A malware can intercept your private communication, track your browsing activity, capture your passwords and private data or inject ads by silently installing extensions into your browser. To prevent this kind of malicious activity and protect users, earlier this year Google has announced that Chrome will only allow extension installation if they are hosted  in the Chrome Web Store. But TrendMicro security researchers...

1,294 total views, no views today

0

Hundreds of vulnerable Android apps leave users open to theft of credit card and personal information

Many Android apps need to communicate over internet for various reasons. These applications are responsible for protecting sensitive data such as credit card information, personal information or login credentials etc. For this reason the most common approach to protect data during communication on the Android platform is to use the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols.  Both protocols...

1,740 total views, no views today

0

Cyber criminals exploited Linux servers for DDoS attacks

Cyber criminals have produced significant DDoS attack campaigns and exploited Linux servers with malware for forcing target companies to seek expert DDoS protection. According to a threat advisory posted on Akamai’s Prolexic Security Engineering and Research Team (PLXsert) website,  attackers have exploited Linux servers that run unpatched versions of Apache Struts and Tomcat with vulnerabilities. After Linux system has been compromised, attackers...

1,603 total views, no views today

0

iCloud hacked, dozens of nude celebrity photos leaked.

Naked photos of US celebrities including Jennifer Lawrence, Kate Upton and Ariana Grande have been published online by an anonymous hacker who reportedly obtained the explicit pics from the victims’ Apple iCloud accounts. Nude photos of 17 celebrities have been published online. The anonymous hacker posting on grime-‘n-gore board 4Chan claimed to have naked pics on more than 100 celebrities in...

3,460 total views, no views today

0

Hackers infected Belgian Charleroi airport servers with malware, turned them into botnet nodes.

De Standaard, a Belgian newspaper reported yesterday that hackers infected several Belgian Charleroi airport network servers with malware and turned them into botnet. Since the malware had full access to the compromised infrastructure and infected servers pass all kinds of information about the airport and its users,  it is also suspected that airport and customer data have been stolen. Authorities believe that the...

1,986 total views, no views today

0

Mozilla left thousands of email addresses and passwords on a publicly accessible server

  For the second time, Mozilla announced that database dump files containing thousands of email addresses and passwords were left on a publicly accessible server.  On August 1st, Mozilla Developer Network members were warned that email addresses of about 76,000 users and encrypted passwords of about 4,000 users had been left on a publicly accessible server for a period of 30 days,  starting on...

1,599 total views, no views today

0

Secret app hacked, vulnerability allows revealing of anonymous user identities

Secret is an iOS and Android app that allows people to share messages anonymously within their circle of friends, friends of friends, and publicly. It differs from other anonymous sharing apps such as PostSecret, Whisper, and Yik Yak in that it is intended for sharing primarily with friends, potentially making it more interesting and addictive for people reading the updates. Rhino...

1,757 total views, no views today

0

Easily exploitable backdoor found in Netcore/Netis routers

Trend Micro researchers found a critical vulnerability, a wide open backdoor on Netcore/Netis routers which allows cybercriminals to easily log in and gain control of the devices. They also stated that almost all Netcore/Netis routers appear to have this vulnerability. Netis Systems is part of the Netcore Group, which is a popular brand for networking equipment in China. They also stated...

1,716 total views, no views today