ClickSSL Weekly InfoSec Snipper January 16, 2017

This entry is part 57 of 73 in the series Weekly Infosec Snipper

Cellebrite suffered from hacking, 900 GB data has been stolen

Cellebrite has been hacked and hackers stolen 900 GB data. The data included technical information and log files, government messages from different countries. However, the name of hacker is not revealed but the company said that one of its servers was affected and only basic information was taken away. The company authority also requested users to change their passwords though there are no critical data was stolen.

Hackers can intercept encrypted message of WhatsApp

WhatsApp is again in news due to its backdoor feature, the issue came into limelight when Tobias Boelter, security researcher from the University of California, revealed about this issue. Hackers and the company can intercept user chat by exploiting trust-based key exchange mechanism. User will not know if there is any change in encryption key has occurred in background. In case of change of device by user and reconfiguration of the app, WhatsApp automatically replaces new keys between users without informing users to deliver messages. In this situation, hackers can replace his public key with a user key that has recently reconfigured WhatsApp on his new device.

Hackers use Autofill feature of browser to gain credentials

Google and other browser platforms offer Autofill feature that stores data on browsers. However, attacker can use this auto feature against user and leaking data to hackers. Viljami Kuosmanen – a Finnish web developer revealed a video on GitHub that how hacker can misuse autofill feature. Mozilla Firefox has not multi box “autofill” system and the browser still forces users to pick pre-fill data for each box.

Cheap SSL

Yahoo is renaming its name to “Altaba”

Yahoo is renaming its remaining business to “Altaba” it shows an end of a brand name. The company has notified Securities and Exchange Commission (SEC) about change of name. The new company will work as Investment Company with the strength of five board members. Yahoo CEO Marissa Mayer will be appointed for the Yahoo’s integration with Verizon. After revealing of secret backdoor in the system, Verizon wants to reduce the deal price, which will be announced before closing of the deal.

Kapustkiy hacker hacked the government of Venezuela website

A hacker named Kapustkiy has hacked website (www.gdc.gob.ve) of the Government of Venezuela to protest against the dictatorship of the government. The total three websites were exploited with LFI and SQL vulnerability. The stolen data was posted on PasteBin website. The database included names, email, phone number, and hashed passwords of few individuals. The all three websites are running live and it is not confirmed that Venezuelan authorities are aware of this hacking or not.

Around 6000 Magento sites were hacked in last two years

According to The Federal Office for Information Security (BSI) report, around 6000 online stores that are using Magento have been hacked in last two years. While 1000 stores are located in Germany, these stores were affected with online skimming. Many of online stores were failed to fix the issue even after the notifying to them. Security researcher de Groot believed that 6000 sites were hacked during 18 months of time. The experts also released a scanning tool for Magento shops.

Series Navigation<< ClickSSL Weekly InfoSec Snipper January 9, 2017ClickSSL Weekly InfoSec Snipper January 23, 2017 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.