Cyber Security News Highlights This Week
- Hackers can infect your computer by exploiting a logical flaw present in Microsoft Office 2016
- The Emotet malware gang has started mass-harvesting millions of email messages from infected victims
- The Romanian hacker – Guccifer, has been sentenced to prison for 52-months who hacked multiple US government officials.
- A new botnet (Demanbot) is slowly growing which is planting bots on vulnerable servers for future DDoS attacks
- Chalubo, botnet trap smart device to perform DDoS attack with the help from Mirai
- Facebook fined £500,000 for allowing political consultancy firm Cambridge Analytica to misuse data of 87 million users
- Once again passcode Bypass hack is found in iPhone after releasing iOS 12.1
- Pakistan bank was hit by cyber attack in which hackers has stolen $6 million
- MapleChange hacked – Canadian crypto currency exchange was hit by hackers and claimed that $40,000 worth of 8 bit coins were stolen
In Short Overview
Recently there was found a bug in Microsoft Office 2016 which could infect your computer. This bug exploits a feature that allows document writers to embed videos directly into Word files. Attackers are able to replace the video’s iframe code with a payload by editing the ‘document.xml’ file. This can then be used to conduct a phishing attack.
Read More… Hackers can infect your computer by exploiting logical flaw in Microsoft Office 2016. (The Hacker News, Oct 29, 2018)
A new Emotet malware family is preparing a more dangerous DDoS attack which has started mass-harvesting full email messages from infected victims.
Read More… Emotet malware family is preparing for more dangerous DDoS attack. (News Vire, Oct 31, 2018)
Guccifer, Romanian hacker is sentenced to prison for 52 months for exposing Hillary Clinton’s private email server and hacking multiple US government officials between 2012 and 2014.
Read More… Guccifer, Romanian hacker has been sentenced for 52 months in a US prison.(ZDNet, Oct 25, 2018)
Security researchers found that DemanBot has grown to numbers – over 70 servers and currently attempting over 1 million YARN exploits per day. YARN stands for Yet Another Resource Negotiator, which is a core component of the Apache Hadoop data processing framework.
Read More… Demanbot has been growing & planting bots on vulnerable servers to be used for future DDoS attacks. (Bleeping Computer, Oct 25, 2018)
Security researchers found a new botnet (Chalubo or ChaCha-Lua-bot) which is targeting unsecured SSH servers and IoT devices for carrying out DDoS attacks.
Read More… Chalubo botnet targeting a unsecured Internet of Things (IoT) devices and servers for the purpose of DDoS attacks. (ZDNet, Oct 24, 2018)
Facebook is fined £500,000 for allowing political consultancy firm Cambridge Analytica to improperly gather and misuse data of 87 million users which is just equals to its 18 minutes of revenue.
Read More… Facebook fined £500,000 for revealing the personal data of 87 million users & misused by political consultancy firm Cambridge Analytica. (BBC News, Oct 25, 2018)
iPhone’s new version has been released i.e. iOS 12.1 and once again passcode Bypass hack is found that allows anyone to see all contacts’ private information on a locked iPhone.
Read More… Passcode Bypass hack is found in iPhone after Apple releases iOS 12.1(The Hacker News, Oct 30, 2018)
Pakistan Bank was hit by a cyber attack in which hackers stole around $6 million and bank’s customer data. The Karachi-based Bank Islami confirmed that it suffered a security breach on Sunday, which resulted in the theft of payment card information.
Read More… Pakistan Bank lost $6 million and customer’s data due to data brech.(The Express Tribune, Oct 29, 2018)
MappleChange – a Canadian cryptocurrency exchange was hacked due to a software bug on its platform that allowed hackers to steal around $6 million worth of bitcoins.
Read More… Canadian cryptocurrency exchange, MapleChange was hit by the hackers (Cyware, Oct 30, 2018)
The post This week in Cyber Security News, Oct 25 – 31, 2018 appeared first on haltDos Blog - WAF | DDoS Mitigation | Load Balancing.
This post first appeared on HaltDos Blog - A Comprehensive WAF And DDoS Protection For Websites, please read the originial post: here