It is a painful event for eCommerce platforms, when they found any vulnerability instead of visitors on their website. Such events are increasing frequently in cyber world, last week where attackers tried to expose the system to put millions of users at risk. ClickSSL always help users to make them aware of what is happening behind the shining face of cyber world. So let us take off a curtain over this week’s cyber stories.
Kaspersky launched Map of APT malware
After years of research, the GreAt (Global Research and Analysis Team) at Kaspersky lab has made a map of APT (Advanced Persistent Threats) that shows the inception of threat, detection year, status and operation connected to them. The map indicates that currently 12 APTs are active including Cosmic Duke, Dark Hotel, Energetic Bear, Kimusky, Mini Duke, NetTraveler, Regin, Winnti, Epic Turla, FinSpy, Black Energy and Hacking Team RCS.
Hackers have stolen National database of Serbian Citizens
Serbian State’s Network has been attacked by hackers and stolen information related to ID numbers of almost Serbian citizens. Five hackers have claimed about the hacking on Serbian identity system and revealed image of stolen data. However, the government of Serbian has not confirmed about the data breach. According to news portal In Serbia, hackers have emailed to Serbian daily Blic. Hackers also suggested that they are against the cyber police because they are ignoring Albanian cyber criminals and chases Serbian hackers.
Charge Anywhere confessed about a Security Breach
Charge Anywhere – an electronic payment service provider has admitted about the security breach. Hackers have been trying to siphon the unencrypted credit/debit data since last five years (since November 2009) from the network. After forensic analysis, it is revealed that hackers were able to grab unencrypted transaction. Hackers have captured details of cardholders like cardholder name, account number, expiration date, and transaction verification code. The company also provides a countercheck to find whether the merchants using Charge Anywhere is affected or not.
Iranian hackers have wiped out Data of Sands Corp. Casino
According to Bloomberg news, Iranian hackers have wiped out corporate system data of Las Vegas Sands Corp. there has been a lot damage to company’s servers and networks due to wipe out of hard disk with visual basic malware. However, the company’s chief executive officer had given a statement about Iran’s nuclear program in October 2013. Security experts believe that there should be a relation between the statement and the current attack. Hackers have started to penetrate the network in December 2013, and gained the access and control in January 2014.
Alibaba’s E-commerce Platform found vulnerable, soon patched
Israel Cyber Security experts have disclosed a security flaw in Alibaba’s eCommerce platform, which can be compromised. The details of millions of merchants and customers are at risk. Barak Tawily firstly gave the detail about the vulnerability to Israel channel 10 TV. However, Alibaba has patched the vulnerability that allows hackers to modify the shipping address. Alibaba has urged customers to update their accounts immediately.
Smart watch is vulnerable to Brute force attack
A group of security researchers at Bit Defender discovered a loophole that can interpret the data exchanged between the Smartphone and smart watch via Bluetooth. An attacker could intercept user’s data including text message, Google’s hangout chats, and Facebook conversations. The security of a Bluetooth communication takes place between the Android devices and smart watch, which depends on a six-digit PIN code that is built with a key space. Such code is vulnerable against a brute force attack. Researchers have also made a video exposing the communication between the Smartphone and smart watch via Bluetooth.