By Jacob Kagi

West Australian public servants are leaving sensitive and confidential information vulnerable to hacking by using easy-to-guess passwords, with more than 1,400 people using 'Password123' as their login.

An examination of passwords and computer systems within WA Government agencies by auditor-general Caroline Spencer found 26 per cent of accounts had weak or commonly used passwords.

That equates to 60,000 out of the 234,000 accounts examined across 17 government agencies.

Top 20 weak passwords
No.  Password Used  Accounts    No.  Password Used  Accounts
1    Password123    1,464       11   Spring2017     155
2    Project10      994         12   password2      142
3    Support        866         13   August2017     141
4    password1      813         14   sunday1        132
5    October2017    226         15   Welcome1       132
6    Monday01       225         16   Password01     118
7    Spring17       198         17   Summer01       102
8    Sunday01       188         18   Logitech1      98
9    password       184         19   support1       96
10   abcd1234       176         20   Summer17       96

full article here:
by Kanishka Singh in Bengaluru

(Reuters) - British pharmacy Superdrug said late on Tuesday that there had been a “possible disclosure” of personal information of some of their customers, which could include names, addresses, dates of birth and telephone numbers.

Superdrug said in a statement on Twitter that customers’ payment card information had not been compromised. It did not specify how many customers were affected.

full article here:
By Associated Press on August 21, 2018

HUNTINGTON BEACH, Calif. (AP) — The FBI launched investigations after two Southern California Democratic U.S. House candidates were targeted by computer hackers, though it's unclear whether politics had anything to do with the attacks.

A law enforcement official told The Associated Press the FBI looked into hacks involving David Min in the 45th Congressional District and Hans Keirstead in the adjacent 48th District. Both districts are in Orange County and are seen as potential pickups as the Democratic Party seeks to win control of the Congress in November.

A person with knowledge of the Min investigation told the AP on Monday that two laptops used by senior staffers for the candidate were found infected with malware in March. It's not clear what, if any, data was stolen, and there is no evidence the breach influenced the contest.

full article here:
By AFP on August 21, 2018

The Russian hacking unit that tried to interfere in the US presidential election has been targeting conservative US think tanks, Microsoft said.

Acting on a court order, the company last week seized control of six fake websites involved in such efforts, which also involved a site that mimicked the US Senate, Microsoft president Brad Smith said in a blog post Monday.

The hackers were linked to the Russian military intelligence agency known as the GRU, Smith wrote.

The idea was to have people think they were accessing links managed by these US political groups but redirect them to fake ones run by the hackers so passwords and other information could be stolen.

full article here:

Author: Lindsey O'Donnell
August 21, 2018 4:25 pm

Researchers have been tracking an ongoing malicious campaign targeting victims in Mexico, with a highly crafted tool built to steal financial information and login credentials for popular websites.

Researchers at Kaspersky Lab said today that the campaign, dubbed Dark Tequila, and its supporting infrastructure are unusually sophisticated, especially for a financial fraud operation.

“A multi-stage payload is delivered to the victim only when certain conditions are met; avoiding infection when security suites are installed or the sample is being run in an analysis environment,” they said in a Tuesday post.

Researchers were able to deduce from the target list retrieved from the final payload that the campaign targets customers of several Mexican banking institutions. The payload contains comments embedded in the code written in the Spanish language, using regional words only spoken in Latin America, they said.

full article here:
Author: Tara Seals
August 21, 2018 12:58 pm

An unpatched buffer overflow flaw allows remote attackers to completely take over the device and enter the home network.

A vulnerability in a popular Wi-Fi–connected electric outlet for smart homes would allow a remote attacker to take over smart TVs and other devices, as well as execute code – potentially exposing tens of thousands of consumers to cryptomining, ransomware, information disclosure, botnet enslavement and more.

The Belkin Wemo Insight Smart Plug has a standard buffer overflow in its library, according to McAfee’s Advanced Threat Research team. It can be used to bypass local security protection via a crafted HTTP post packet.

At the most basic level, the flaw (CVE-2018-6692) would allow a malefactor to switch the plug on and off – not much of an impact beyond being a nuisance. However, by design these smart plugs are meant to be connected to the home Wi-Fi network; the plug is used in home automation scenarios, allowing homeowners to remotely turn lights or anything else plugged into it on and off, via an app or a home-hub dashboard.

full article here:
By Catalin Cimpanu

Microsoft revealed last night that it successfully disrupted a hacking campaign associated with the Russian military intelligence service GRU.

The group is known in infosec industry circles as APT28, Fancy Bear, or Strontium, and has been previously linked to cyber-espionage campaigns aimed at numerous governments around the world, including the hack of the Democratic National Committee ahead of the 2016 US Presidential Election.

full article here:

By Catalin Cimpanu

A new ransomware strain named Ryuk is making the rounds, and, according to current reports, the group behind it has already made over $640,000 worth of Bitcoin.

Attacks with this ransomware strain were first spotted last Monday, August 13, according to independent security researcher MalwareHunter, who first tweeted about this new threat.

There have been several reports from victims regarding infections with Ryuk in the past week, including one on the Bleeping Computer forums.

But despite these reports, security researchers from various companies have not been successful at identifying how this ransomware spreads and infects victims.

The common train of thought is that this ransomware spreads via targeted attacks, with the Ryuk crew targeting selected companies one at a time, either via spear-phishing emails or Internet-exposed and poorly secured RDP connections, albeit researchers have not been able to pinpoint the exact entry vector for infections as of yet.

"According to what we can see right now, it seems the attacks are targeted, i.e. a result of some manual compromise," Mark Lechtik, a Check Point security researcher, told Bleeping Computer in a private conversation today.

"Reason for this is that the malware needs Admin privileges to run, which it doesn't achieve on its own. Something else that executes it had to achieve this privilege," he added. "But no artifact was found to show what spawned the execution of the malware (i.e. no mail, document, script etc.)."

full article here:
By Catalin Cimpanu

The makers of Sitter, a popular app for connecting babysitters with parents, have involuntarily exposed the personal details of over 93,000 users.

The exposure took place last week and was caused by a MongoDB database left exposed on the Internet with no credentials.

Independent security researcher Bob Diachenko discovered the database. He told Bleeping Computer that he spotted the database on August 14, when he immediately reported the issue to the Sitter app makers. The Sitter team secured the database on the same day of the report, Diachenko said.

The database was previously indexed on Shodan, a search engine for Internet-connected devices, a day earlier, on August 13.

full article here:
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by yashkhan on August 21, 2018, 10:54:24 pm »
I have been using Windows Defender and VoodooShield on Win 10 64-bit for a long time now. I didn't experience many issues mentioned by users here. If VoodooShield is the issue, or to isolate the issue, try uninstalling all the other real-time protection, because sometimes disabling is not enough. Some users use automatic or real-time system cleaning software; try keeping it on manual for a few days.