Saturday, 13 July 2013

Security Brief: Twitter Hacks, Android Vulnerabilities, Blackmail

Here’s your chance to catch up on some IT security news in case you haven’t been online much over the past week.

Let’s start with the Twitter hacks. This week, the official Twitter accounts of the following have been hacked: famous director and editor Alfredo Flores, American rock band Band of Horses, One Direction’s Niall Horan, and Canadian ice hockey player Tyler Seguin.

The Twitter, Yahoo and other online accounts of several Jersey Shore actors were hacked by TeamHype, the group that’s responsible for hijacking the Xbox accounts of Microsoft customers earlier this year.

The hackers took over the accounts of Sammi, Deena, Vinny, Ronnie and JWoww one by one. Here’s what the hackers told Softpedia (exclusive).

Bluebox Security has revealed the existence of an Android vulnerability that could be exploited to turn any legitimate app into a malicious Trojan without breaking its signature.

The company has even released a small app to help Android device owners determine if they are impacted by the flaw, and if malicious apps leveraging the security hole have been installed.

In the meantime, a POC exploit for the vulnerability has been published. Furthermore, Chinese security experts have identified another Android flaw that could be used to alter legitimate apps without breaking their signature.

And since we’re talking about mobile security, Bitdefender has published an interesting study which shows that iOS and Android apps are equally intrusive and “curious.”

In the “blackmail” section, we have the return of the Rex Mundi collective. After taking some time out, the hackers are back, trying to extort companies whose systems they breach.

Their latest targets are an Italian hosting company, from which they have leaked over 60,000 customer credentials after the firm refused to pay up, and Numericable Belgium.

In the case of Numericable, the hackers claim to have accessed a server that contains over 6,000 detailed customer records.

As far as website hacks are concerned, the list of victims includes Japanese video game company Konami, 6 Pakistani government websites, IP surveillance solutions provider Brickcom, Spain’s People’s Party, Netherlands and Belgium domain name registrars, Irish anti-abortion group Youth Defence, and 8 Egyptian government sites.

We’ve had a couple of controversial stories this week. DEF CON organizers have published an announcement asking US government workers not to attend this year’s event.

Not everyone is happy with this decision. Secure Ideas has announced that it will not take part in the event.

Another controversial story emerged after Citizen Lab published a report revealing that Blue Coat Systems’ web monitoring devices were spotted in countries subject to US sanctions, such as Iran, Syria and Sudan.

In response, Blue Coat has stated that it supports human rights and does not condone the use of its products for surveillance purposes.

Here are some other interesting stories, in case you’ve missed them:

Hacker Guccifer leaks raunchy emails and other documents from former US Defense Intelligence Agency (DIA) Deputy CIO Roy Apseloff

Hackers blamed after Arsenal gear shows up on Chelsea FC’s USA Megastore

Izz ad-Din al-Qassam Cyber Fighters might be preparing for the next phase of Operation Ababil

British Parliament's Intelligence and Security Committee has released its annual report

McAfee issues report on 4-year espionage campaign against South Korea

US Department of Commerce destroys printers, cameras, TVs, mice and computers to clean malware infection

Secunia and VLC get into argument over vulnerability

Anonymous hackers target Hawthorne Police for shooting dog

Snowden says the NSA and Israel wrote Stuxnet together

Hackers threatened 2012 London Olympics opening ceremony
