Maxthon Browser collects Sensitive Information
Exatel and Fidelis Cyber security firms said in report that Maxthon browser collects sensitive information and sends it to the server. The feature named User Experience Improvement Program (UEIP) that collects analytic information about users’ usage of the browser. The browser gathers more information that it is required. The information includes OS version, screen resolution, CPU type, CPU speed, memory, ad blocker status, etc. the data sends over via ueipdat.zip file to the main server. But the CEO of Maxthon Community has expressed his opinion on Exatel findings.
US FDIC covered about breaches occurred in the Past
US FDIC (Federal Deposit Insurance Corporation) has been under cyber-attacks from china but the officials covered the fact for years. US House Committee on Science, Space and Technology has published a report and disclosed the fact regarding attacks on FDIC. FDIC suffered cyber-attacks in 2010, 2011, 2013. These breaches happened because of poor data handling. Around 12 (twelve) computers of FDIC officials were accessed for crucial information.
Majority of ICS Equipment found vulnerable, Kaspersky says
Kaspersky revealed fact about Internet available ICS (Industrial Control Systems) vulnerabilities. In 2015, Kaspersky found around 189 vulnerabilities and out of them 49% were of critical stage and 42% were of medium range. The ICS equipment types like HMI, SCADA, industrial network device, PLCs, were found vulnerable. There were 55 manufacturers like Siemens; Schneider Electric and Hospira whose devices were vulnerable. Vulnerable devices are located in Germany, Spain, France, and Canada. The affected devices are from major industries like aerospace, electricity, transportation, oil and gas, chemical, etc.
Ubuntu Online Forum hacked, but restored successfully
The Ubuntu Online Forum suffered from data breach and affected around 2 million users. The data of users includes IP address, usernames, email addresses was compromised. However, the hack was not influenced Ubuntu operating system. The forum service has been restored after necessary actions. There was add-on in which SQL injection vulnerability was unpatched that exposed the data. There were no active passwords accessed during the breach.
The US Government will not collect data from outside the USA Territory
Recently, the US government ordered that the USA government could not access the data of the data centers located outside the territory of the USA. The decision will limit the US government ability to gather foreign communication data. Even, Microsoft has won the case under State Communication Act. Microsoft welcomed the decision and told that people should have assurance about usage of their personal information.
DARPA announced about Hacking Challenge worth $2Million
DARPA (Defense Advanced Research Projects Agency) has come up with hacking challenge that will award $2M amount to potential winners. DARPA has chosen seven teams who will protect themselves and find issues without any human interaction. DARPA actually wants to build smart Artificial Intelligence System that will auto detect and patch issues in security system. The challenge will be taking place at DEF CON hacking conference. The winning team will have to build artificial system that can detect and finds own patches as well update them.
