WADA and TAS servers hacked by unknown Hacker
The server of WADA (World Anti-Doping Agency) and court of Arbitration of Sport (CAS) has been hacked by anonymous hacker. Hacker group has dumped data online together with a video that contains TAS hacking. The breached data of TAS contained basic site database dump and there was no sensitive information was stolen. However, hackers have not released data of WADA but their spokesperson at Rio Olympics has revealed about the breach. The spokesperson also said that there was no breach of sensitive information related to Athletes’ drug results.
Fake Twitter Customer Support page stole users’ Credentials
Crooks are pretending to be customer support on Twitter and redirect customers to phishing sites to collect their sensitive information. Crooks created a fake twitter account “@NatWest_HelpTC” of NatWest (National Westminster Bank) for phishing activities. Phishers were interacted with customers when the customer support staff was off duty. In reply to customers’ query, phishers told customers that a particular feature could be avail when they will sign and verify their account. Thus, phishers provided a link to redirect customers to a fake site to steal their credentials.
Microsoft forever Disabled RC4 Ciphers
Microsoft has officially shunned RC4 ciphers in IE 11 and Edge browsers. The company has announced about RC4 in September 2015. RC4 was believed to be insecure encryption when IETF (Internet Engineering Task Force) has banned it in February 2015. RC4 encryption was used previously in WEP, WPA, SSH, TLS/SSL. Microsoft recently released an update KB3151631 on August 9, 2016, and with this update, the authority has disabled RC4 by default.
Dota2 Gaming forum hacked
The official developer forum of Dota2 (Defense of the Ancients 2) has been hacked and the personal information of around 2 million users is at stake. The stolen data included email, IP addresses, usernames, user identifier and hashed passwords. The stolen data was sent to LeakedSource on 9 August 2016. The forum was using MD5 hashing and salt for password storage. Hackers have decoded around 80% passwords into plain text. After reset passwords, the Dota2 developers has publicized about its data breach.
Google added a warning against unauthenticated Email
Google announced about safe browsing warning as Gmail will show warning when receiving mail from unauthenticated user. The warning will show a question mark on user’s profile photo or logo as the mail failed to authenticate itself with Sender Policy Framework (SPF). Additionally, if a user clicks on phishing link, he/she will see warning “Visiting this website may harm your computer”. The new amendments are part of Google’s Safe Browsing protection.
