Facebook has launched a Data Abuse Bounty Program that rewards researchers who report the abuse of user data by app developers. Rewards are tiered like those of any other bug bounty program; for researchers who report high-severity issues, the maximum payout is $40,000.
“This new Data Abuse Bounty Program is a part of our efforts to more quickly uncover potential abuse of people’s information,” said Collin Greene, Head of Product Security.
The move comes after a total of 87 million affected Facebook users were identified, most of them in the US, but with at least 1 million affected users in the UK and more than 1 million in Indonesia and the Philippines.
Facebook said the main goal of the program is to protect users by fixing security vulnerabilities and by restricting the user data that app developers can collect.
“Bad actors can maliciously collect and abuse Facebook user data even when no security vulnerabilities exist. This program is intended to protect against that abuse.”
Mozilla has launched a new Firefox add-on, Facebook Container, that opens Facebook in an isolated container, marked in blue, which cuts off Facebook’s tracking of your browsing data.
Mark Zuckerberg told lawmakers: “We didn’t do enough to prevent these tools from being used for harm. It was my mistake, and I’m sorry.”
The minimum reward starts at $500 and the maximum is $40,000; the amount is determined by a variety of factors, including (but not limited to) impact, data exposure and the number of affected users.
To qualify for a data abuse bounty, Facebook sets a minimum threshold: “10,000 or more Facebook users affected is our initial minimum for rewarding issues”.
Zuckerberg told the House committee: “We’re in the process of investigating every app that had access to a large amount of information before we locked down our platform in 2014. If we detect suspicious activity we’ll ban them and tell everyone affected.”
More than 1.5 billion sensitive files have been exposed publicly online, including patent applications, payroll records, tax returns, patient lists, copyright applications and source code.
The data was not exposed through any cybercriminal activity; it has been publicly available because of misconfigured cloud storage, file exchange protocols and file sharing services.
According to a Digital Shadows report, more than 1.5 billion sensitive files were publicly exposed over a three-month period. The exposed data amounts to 12,000 terabytes, available publicly on open Amazon S3 buckets, rsync, SMB and FTP servers, misconfigured websites and Network Attached Storage (NAS) drives.
Amazon S3 buckets account for only 7 percent of the exposed data, whereas the other file sharing services, SMB (33 percent), rsync (28 percent) and FTP (26 percent), each account for a larger portion of the exposure than S3 buckets do.
“The United States has the highest number of publicly-visible files shared across SMB, FTP, Web Index and NAS devices of any single country. With the 1.5 billion of sensitive files, 537 Million files are geolocated in the European Union,” said Digital Shadows.
“Digital Shadows analysis of these files indicates that organizations and individuals are unwittingly exposing vast volumes of data that aid attackers with a variety of motives, including espionage actors and financially-motivated actors criminals,”
The publicly exposed data contains a large amount of employee data, such as payroll files (707,960) and tax return files (64,048). More than 2 million files containing personal health information, such as MRIs, were exposed from Italy alone.
The exposed data also includes source code and patient lists, accounting for about 95,434 and 4,548 files respectively. Exposed data is a goldmine for attackers: they can use publicly available data to launch cyber attacks, and the exposed information cuts down the reconnaissance they need to do.
Shockingly, some highly sensitive information, such as security audit reports, network infrastructure details and penetration testing reports, is stored publicly online.
Your data is a big part of your company. There are a hundred ways to lose all of it right away, which could put you out of business. There is a growing need to educate organizations and other people about the importance of securing sensitive data.
We hear about a number of Amazon S3 bucket data exposures, but the volume of sensitive data exposed through other file exchange protocols and sharing services is greater than that from S3 buckets.
GDPR comes into force on 25 May 2018 and contains clear regulation on the protection of personal data; if data is misgoverned, companies face huge fines and reputational damage.
Cinema voucher provider Sodexo Filmology has been hit by a cyber attack that affected customers’ credit cards, with many Sodexo customers affected by the incident.
Cybercriminals targeted the system hosting the Sodexo Filmology cinema platform, using security flaws present within the system.
The attackers focused mainly on the payment page and compromised many users’ accounts to steal credit card information over a period of two months.
Sodexo released an official statement that says, “We would advise all employees who have used the site between 19th March-3rd April to cancel their payment cards and check their payment card statements”.
According to one affected customer, the attack was carried out over several months: “After speaking to Filmology to ask exactly what had happened, I was informed that my bank details were stolen from the payment page and that the incident has been reported to the ICO. The hack on the payment page was carried out over 2 months and involved many accounts.”
Attackers made three attempts on the victim’s credit card; he later became aware of the unauthorized access and reported it to his bank, which then blocked the card.
As of now the breach has only affected customers in the UK and Ireland. The company also said it had previously been made aware of similar unlawful access to personal data on Sodexo Filmology platforms, and had immediately notified the authorities, including law enforcement agencies, as well as affected customers.
Sodexo Filmology
According to the company’s report, the UK employee rewards service, which offers discounted cinema tickets, has also taken its site down “for the foreseeable future” in order “to eliminate any further potential risk” to consumers and to protect consumers’ data.
“These incidents have been caused by a targeted attack on the system we use to host our Cinema Benefits platform, despite having put in place a number of preventative measures with CREST-approved security specialists.”
“We sincerely apologize for any inconvenience this has caused you and are doing all that we can to provide access to your benefits via alternative means. We will share more information on this with you, or your provider, in the coming days,” Sodexo said.
Cyber attacks are growing in number every year and are causing damage to organizations and individuals worldwide. With the increasing number of cyber attacks, the developing severity of these attacks is also a matter of concern.
Cloud security is transforming how many industries handle data, applications, security and workloads. Gartner predicts that enterprises will spend a considerable portion of their cloud security budget on detecting cyber attacks rather than on prevention alone.
2017 was a year known for a number of data breaches and ransomware attacks, which has driven the growth of cloud security. Cybersecurity now revolves around three themes: enhancing incident response, better incident detection, and how these scenarios impact your business.
StegoSOC helps to drive this disruption and innovation by automating threat detection and by transferring threat context and analytics to support investigation and remediation. In short, your CSO is delivered.
The integration of big data and AI, referred to as datacenter 3.0, can detect cyber attacks more quickly than native technologies.
AI learns attack patterns faster than humans, analyzing massive data sets and identifying anomalies more quickly than humans can.
Blockchain technology has since been explored by different sectors and is now being looked at seriously as a cybersecurity tool. DARPA is implementing blockchain to protect sensitive documents.
DNS infrastructure will be better protected through blockchain implementations. Sensitive data can be better handled with blockchain. Keyless authentication is a reality with blockchain.
This is the intent of new cyber laws such as GDPR and the rules of the New York Department of Financial Regulations. Every other country, including China and India, is implementing cyber regulations. Please note that this is not compliance; it is cyber-regulation.
This is a clear signal of how vital this is going to be for enterprises that hold customer data, and of how that data has to be handled.
In 2018 enterprises are going to gear up to meet many of these regulations. 2018 is going to be a tough and challenging year from a cybersecurity point of view.
Bitcoin is a pure peer-to-peer form of electronic money that permits online payments to be sent directly from one party to another without going through a financial institution; Bitcoin is completely cashless.
These transactions are validated by network nodes and recorded in a public shared ledger called a blockchain, which ensures Bitcoin’s security.
The blockchain is a distributed database that records bitcoin transactions; maintenance of the blockchain is performed by a network of communicating nodes running the bitcoin software.
How Does Bitcoin Work
Bitcoin transactions are sent from and to electronic bitcoin wallets and are digitally signed for security. Everyone on the network knows about a transaction, and the history of a transaction can be traced back to the point where the bitcoins were produced.
If Alice sends some bitcoins to Bob, that transaction will have three pieces of information:
An input. This is a record of which bitcoin address was used to send the bitcoins to Alice in the first place (she received them from her friend, Eve).
An amount. This is the number of bitcoins that Alice is sending to Bob.
An output. This is Bob’s bitcoin address.
In order to send bitcoins, you need to have an address and a private key. The private key is known only to the individual who generated it.
To transfer funds, you sign a message containing the input (source address), the amount and the output (recipient address) with your private key.
To prevent double spending, each network node stores its own copy of the blockchain.
Around six times per hour, a new group of accepted transactions, called a block, is generated, added to the blockchain and instantly distributed to all nodes.
Mining is a record-keeping service. Miners keep the blockchain consistent, complete and unalterable by repeatedly verifying newly broadcast transactions.
Start With Bitcoin – You Need a Wallet
A wallet stores the information required to transact bitcoins. By nature, bitcoins are inseparable from the blockchain transaction ledger.
So the wallet is used to store the digital credentials for your bitcoin holdings and to make transactions. It also allows you to keep track of your transaction records.
There are many different types of wallets in various forms; you can select the wallet of your choice.
How to Buy Bitcoins and Add Them to a Wallet
Once your wallet is activated you can purchase bitcoins using your wallet address; to purchase bitcoins you can use a bank account or a credit card.
You need to add the card to the wallet and get it verified; once your account reaches the limits, funds will be sent automatically to your card.
Can I Do Bitcoin Mining?
Bitcoin mining is decentralized; anyone with compatible hardware can participate in mining, but it is highly competitive.
Mining a block is a laborious process because the SHA-256 hash (Bitcoin applies SHA-256 twice) of the block header that you generate must be lower than or equal to the network target in order for the block to be accepted by the network.
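The proof-of-work rule just described, as an added example that is not code from the article: it serializes an 80-byte Bitcoin block header, hashes it with double SHA-256, decodes the compact “bits” field into the 256-bit target, and brute-forces a nonce. The genesis block fields are the real ones; EASY_BITS is a constructed, far easier difficulty so the search finishes quickly in pure Python.

```python
import hashlib
import struct


def bits_to_target(bits: int) -> int:
    """Decode the compact 'bits' field (1-byte exponent, 3-byte mantissa) into the target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def header_bytes(version, prev_hash_hex, merkle_root_hex, timestamp, bits, nonce) -> bytes:
    """Serialize a header; the two hashes are given in display order and stored byte-reversed."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hash_hex)[::-1]
            + bytes.fromhex(merkle_root_hex)[::-1]
            + struct.pack("<III", timestamp, bits, nonce))


def block_hash_hex(header: bytes) -> str:
    """Double SHA-256 of the header, rendered in the byte-reversed form block explorers show."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return digest[::-1].hex()


def meets_target(header: bytes) -> bool:
    """Proof-of-work check: the hash, read as an integer, must be <= the target encoded in 'bits'."""
    bits = struct.unpack_from("<I", header, 72)[0]
    return int(block_hash_hex(header), 16) <= bits_to_target(bits)


def mine(version, prev_hash_hex, merkle_root_hex, timestamp, bits, max_nonce=1 << 32):
    """Try nonces in order until the header satisfies the target; returns (nonce, hash) or None."""
    for nonce in range(max_nonce):
        header = header_bytes(version, prev_hash_hex, merkle_root_hex, timestamp, bits, nonce)
        if meets_target(header):
            return nonce, block_hash_hex(header)
    return None


# Real fields of the Bitcoin genesis block (3 January 2009).
GENESIS = dict(
    version=1,
    prev_hash_hex="00" * 32,
    merkle_root_hex="4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b",
    timestamp=1231006505,
    bits=0x1D00FFFF,
)
GENESIS_NONCE = 2083236893

# Constructed difficulty for the demo: about 16 leading zero bits, roughly 65,000 tries.
EASY_BITS = 0x1F00FFFF


def genesis_header() -> bytes:
    return header_bytes(nonce=GENESIS_NONCE, **GENESIS)


if __name__ == "__main__":
    print("genesis hash:", block_hash_hex(genesis_header()), "valid:", meets_target(genesis_header()))
    print("mined at easy difficulty:", mine(GENESIS["version"], GENESIS["prev_hash_hex"],
                                            GENESIS["merkle_root_hex"], GENESIS["timestamp"], EASY_BITS))
```

Changing any header field, even the nonce by one, produces an unrelated hash, which is why a mined block cannot be altered without redoing the work.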
Today, Application Specific Integrated Circuits (ASICs) are the hardware used in the bitcoin mining world.
Bear in mind that bitcoin transactions are irreversible. Double check the address before proceeding.
You can use bitcoins anywhere they are accepted: in games, for purchases and, notably, for ransom payments. The legal status of Bitcoin varies widely from country to country and continues to be vague.
Bitcoin’s price climbed as high as ever, reaching $5842 in May, and keeps growing faster than expected. Today it reached $5500.
This attracts financial investors to invest in bitcoins rather than in gold or other products.
Top 10 Bitcoin-Friendly Countries
Countries where Bitcoin is officially accepted:
U.S.
Japan
Estonia
Sweden
Canada
Germany
U.K.
Finland
Countries where Bitcoin is legal but not officially accepted:
Singapore
Bitcoin is recognized as a commodity, not a currency. Payments in bitcoins are officially accepted as barter. Tax regulations are in place for Bitcoin.
India
No formal government regulations yet but Bitcoin trading is ongoing.
Vietnam
Bitcoin is legal to trade. Official regulations are underway in 2017.
Israel
Some loose regulations are in place. Trade and payments in bitcoin are legal.
China
Only individuals can legally trade. Institutions are forbidden to trade bitcoins. Some strict regulations are in place.
Is Bitcoin Completely Anonymous?
No, it is not. Bitcoin transactions are stored on a public ledger called the blockchain, so others may be able to link your identity to a transaction over time.
To improve anonymity, most recent wallet versions generate a new bitcoin address each time you receive bitcoins.
How Do I Exchange Bitcoins for INR?
For other countries, visit here.
It is very easy: you can open an account with Unocoin | India’s Bitcoin Wallet. To open an account with this wallet you need the following documentation:
1. Scanned copy of PAN Card
2. Scanned copy of photo
3. Scanned copy of ID proof (Aadhaar Card, Voter ID Card, Driving License etc.)
4. Scanned copy of address proof (Aadhaar Card, Voter ID Card, Driving License etc.)
After registering, you will get a verification call from them; after successful verification you will get your Bitcoin ID (you can see this under the Bitcoin option, in the Send/Receive sub-option, in a yellow banner).
After that, you can update your bank details (account number, IFSC). Then transfer your bitcoins to this wallet, click the SELL option and submit; within 3 working days the amount will be credited to your bank account.
Cryptocurrency web miner scripts made their way into the MSN portal through the AOL advertising platform and created a large number of web miners. Hackers modified the scripts of the AOL advertising platform to launch a web miner program, and most of the miner traffic was linked to MSN[.]com in Japan.
Security researchers from Trend Micro spotted a significant increase (108%) in the number of unique miners; the sudden spike is due to the reach of the advertising platform.
The compromised advertisement was on the front page of MSN and was used to redirect users to a number of other pages. Further analysis showed that more than 500 websites were compromised in the same campaign.
When a user visits the MSN portal and the advertisement is displayed, their browser starts running the cryptocurrency web miner, which stops only when the user closes the browser window.
The malicious script was injected into advertising[.]aolp[.]jp, and the web miner traffic was linked to the domain www[.]jqcdn[.]download, which was created on March 18.
The cryptocurrency mining script is based on Coinhive, and the attackers used private mining pools, possibly to avoid the fees charged by well-established mining services.
“We closely examined compromised sites that this campaign modified and noticed that much of the malicious content was hosted on Amazon Web Service (AWS) S3 buckets. The names of the S3 buckets were visible in some of the compromised URLs, allowing us to investigate them further. We found that the buckets were completely unsecured, left open for anyone to list, copy, and modify” researchers said.
In this campaign, the attackers injected a malicious JavaScript library into the unsecured, open S3 buckets.
According to Trend Micro, “We suspect that the legitimate AWS administrator didn’t properly set the permissions of their S3 bucket, which allowed the attacker to modify the hosted content”.
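The permission mistake behind this campaign, and behind the open S3 buckets counted in the Digital Shadows findings above, is a bucket policy that grants anonymous principals more than read access. As an added example (not code from the article, Trend Micro or AWS), this Python checker parses a bucket policy document and reports whether anonymous callers can list, read or write; both policies and the bucket and account names in them are constructed.

```python
import fnmatch
import json

# Constructed policy: the mistake described above, anyone may list, fetch and overwrite content.
OPEN_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AnyoneCanDoAnything",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-cdn-bucket", "arn:aws:s3:::example-cdn-bucket/*"],
    }],
})

# Constructed policy: public read of objects only; writes restricted to one deployment role.
LOCKED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicReadOnly", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-cdn-bucket/*"},
        {"Sid": "DeployRoleWrites", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::123456789012:role/deploy"},
         "Action": ["s3:PutObject", "s3:DeleteObject"],
         "Resource": "arn:aws:s3:::example-cdn-bucket/*"},
    ],
})

# Actions an outsider would need to enumerate, download, or replace hosted content.
CAPABILITIES = {
    "list": ("s3:ListBucket",),
    "read": ("s3:GetObject",),
    "write": ("s3:PutObject", "s3:PutObjectAcl", "s3:DeleteObject"),
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def is_anonymous(principal) -> bool:
    """True if the statement applies to everyone, including unauthenticated callers."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def grants(policy_actions, wanted) -> bool:
    """Case-insensitive wildcard match so 's3:*' and 's3:Put*' are treated as covering PutObject."""
    return any(fnmatch.fnmatchcase(w.lower(), a.lower()) for a in policy_actions for w in wanted)


def public_capabilities(policy_json: str) -> dict:
    """Return {'list': bool, 'read': bool, 'write': bool} granted by unconditional anonymous Allows."""
    result = {name: False for name in CAPABILITIES}
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_anonymous(stmt.get("Principal")):
            continue
        if "Condition" in stmt:
            continue  # scoped by IP, VPC, etc.; not fully public, review separately
        actions = _as_list(stmt.get("Action", []))
        for name, wanted in CAPABILITIES.items():
            if grants(actions, wanted):
                result[name] = True
    return result
```

The checker deliberately ignores NotAction and NotPrincipal forms and does not read bucket ACLs, which are a separate grant path and must be reviewed as well.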
A new ATM malware called ATMJackpot is capable of dispensing large amounts of cash from ATMs using the ATM jackpotting method.
Previously discovered ATM jackpotting malware compromised ATMs by installing malicious software and sophisticated hardware to pull out the cash.
Based on the binary, researchers determined that this ATM malware originated from Hong Kong on 28th March 2018.
A few months earlier, a sophisticated ATM skimming technique called “Shimmers” targeted chip-based credit and debit cards to steal your entire card information from POS (point-of-sale) terminals.
Attackers have also injected another ATM malware, called Ploutus.D, into ATMs to perform various tasks.
This newly spreading ATM malware has a smaller footprint and a small, simple graphical user interface.
The malware interface shows the hostname along with service provider information such as the cash dispenser, PIN pad and card reader.
How Does This ATM Malware Work
This ATM malware propagates via physical access, with an attacker using a USB drive, and also spreads over the network by being downloaded onto already-compromised ATMs.
Initially, the ATMJackpot malware registers a window class named ‘WIN’, which handles all of the malware’s activities.
According to Netskope, after registering the window class, the malware creates the window, populates the options on the window, and initiates the connection with the XFS manager.
The ATMJackpot malware then starts monitoring events from the different service providers and finally executes commands.
It uses 3 different commands to perform its malicious operations on the targeted ATM:
1. The malware reads data from the PIN pad asynchronously using the WFSAsyncExecute API.
2. The malware has the functionality to dispense cash.
3. The malware also has the functionality to eject the card.
You can also check the Advanced ATM Penetration Testing Methods that help prevent ATM-based attacks.
More than 130,000 users’ plaintext passwords have been exposed in a major data breach affecting the Helsinki New Business Center. The breach occurred on an open website (liiketoimintasuunnitelma[.]com) used for sharing business ideas.
The usernames and passwords were not encrypted, so attackers can use the credentials at any time. The website was taken down after the breach was identified on 3rd April.
“It is currently not known that the disclosed information would be freely accessible to anybody on the Internet. However, it is likely that the disclosed information has spread to cybercriminals,” reads the FICORA statement.
FICORA asks users to change their passwords if they used the same password for the Business Plan service and for any other information system or network service.
The website has been taken down following the data breach, with the note “Data from the New Business Center in Helsinki leaked in connection with a large-scale data hacking”.
“We are very sorry for all the people who have been subjected to crime and who may be affected by mental or financial disadvantages. Unfortunately, we are not yet able to know exactly how many people are and what information this information breaks. We have filed an offense report, and the parties do not need to report to the police separately,” says Jarmo Hyökyvaara, Chairman of the Board of the New Business Center of Helsinki.
“The maintenance and security of our service was the responsibility of our subcontractor, our long-term partner. Unfortunately, the security of the service has not been enough to prevent this kind of attack. This is, in part, our mistake, and as a subscriber and owner of the service we are responsible for this,” said Hyökyvaara.
When it comes to cybersecurity, no business can afford to ignore it. In fact, the Verizon Data Breach Investigations Report shows that 60% of cyber attacks target SMBs, mostly because they are comparatively easy targets.
The FBI has estimated that ransomware infects more than 4,000 U.S. businesses every day. Attackers are more successful when effective countermeasures are not in place.
According to the Kali tool list, Linux Exploit Suggester is a simple script that keeps track of vulnerabilities and suggests possible exploits to gain ‘root’ on a legitimate penetration test or for a governing examining body.
The script runs “uname -r” to find the release version of the running Linux kernel.
Additionally, it is possible to pass the ‘-k’ flag to manually enter the kernel version or operating system release version.
Linux Exploit Suggester Tool
Step 1:
If you don’t find Linux Exploit Suggester installed by default in Kali Linux, download or clone the repository from GitHub.
Once you have downloaded the tool, extract the zip and install it.
Step 2:
To find the Linux kernel version, use “uname -r”.
Step 3:
Here we can see the possible exploits for Linux kernel version 2.6.28.
Use “perl ./Linux_Exploit_suggester.pl -k 2.6.28”.
Here -k is used to manually enter the OS kernel version.
Here the 2.6.28 Linux kernel version has some vulnerabilities that can be exploited.
Office 365 users now get built-in ransomware detection, recovery and email encryption. The new functions are coming to Office 365 Home and Office 365 Personal subscribers.
The ransomware capabilities will be available to Office 365 users soon, and other features like password-protected sharing links, email encryption and prevent forwarding will follow in the coming weeks. Also, you can read the Ransomware Attack Response and Mitigation Checklist.
Recover Files & Ransomware Detection for Office 365
With the new File Restore option, you can recover the files in your OneDrive to a previous point in time within the last 30 days. The new feature lets you recover from accidental file deletion, ransomware, file corruption and other catastrophic events.
Office 365 users are alerted through an email, mobile or desktop notification if their files are under attack, and are given guidance to restore the files based on the date and time of the attack.
Microsoft adds password protection for sending an email or sharing a link so that it can be opened only by the intended recipients.
When sharing links, Office 365 users are given an option to set a password for accessing a shared file or folder. Email encryption in Outlook adds an additional security layer and ensures end-to-end encryption of your email.
Recipients receive a link to a trusted Office 365 webpage where they can choose to receive a one-time passcode or re-authenticate with a trusted provider before viewing the email.
“When composing an email in Outlook.com, sensitive information like social security numbers can be detected to provide you with a suggestion to send with encryption,” says Microsoft.
Prevent forwarding restricts recipients from copying or forwarding emails that you sent from Outlook. Emails sent with the prevent forwarding option are also encrypted.
The advanced link checking option catches malicious links in Word, Excel and PowerPoint. With its real-time detection, it checks whether the destination website is likely to download malware onto your computer or is related to a phishing scam.
“Today’s announcements have focused on new, advanced protection capabilities for our Office 365 Home and Personal subscribers. However, those who use our free services also have strong protections in place. This includes robust Microsoft account security like two-factor authentication and anomalous sign-in detection.”