Personal information of approximately 5 million parents and more than 200,000 children was exposed after the Chinese company VTech was hacked. This is the fourth largest consumer data breach to date.
VTech is a Hong Kong-based global supplier of electronic learning products for children ranging from infant to preschool and the world’s largest manufacturer of cordless phones. The breached data included names, email addresses, passwords, and home addresses of parents who purchased products sold by VTech.
Hackers gained root access, with full authorization and control, to VTech’s database by using SQL injection, an old yet extremely effective method of attack in which hackers insert malicious commands into a website’s form, tricking it into returning other data. The hacker claiming responsibility stated he has no intention of using the data.
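The form-input mechanism described above, shown as an added example that is not from the original article or from VTech's systems. It runs the same lookup with string concatenation and with a bound parameter against a constructed in-memory table; the `parents` schema, sample rows and function names are assumptions.

```python
import sqlite3

# Constructed sample data: a stand-in customer table, not VTech's schema.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE parents (email TEXT, name TEXT, address TEXT)")
    db.executemany(
        "INSERT INTO parents VALUES (?, ?, ?)",
        [
            ("alice@example.com", "Alice", "1 Elm St"),
            ("bob@example.com", "Bob", "2 Oak Ave"),
            ("carol@example.com", "Carol", "3 Pine Rd"),
        ],
    )
    return db

def lookup_vulnerable(db, email):
    # Form input is pasted into the SQL text, so quotes in the input
    # become part of the statement instead of part of the value.
    sql = "SELECT name, address FROM parents WHERE email = '" + email + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, email):
    # The driver binds the input as one value; it is never parsed as SQL.
    sql = "SELECT name, address FROM parents WHERE email = ?"
    return db.execute(sql, (email,)).fetchall()

def compare(form_input):
    # Run both lookups on a fresh copy of the sample table.
    db = make_db()
    return lookup_vulnerable(db, form_input), lookup_parameterized(db, form_input)

if __name__ == "__main__":
    for value in ("alice@example.com", "nobody@example.com' OR '1'='1"):
        vulnerable, safe = compare(value)
        print(f"{value!r}: vulnerable={len(vulnerable)} rows, "
              f"parameterized={len(safe)} rows")
```

With the second input, the concatenated query returns every row in the table, while the parameterized query treats the whole string as an email address and returns nothing.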
On November 24, Hilton Worldwide confirmed an unknown attacker had broken into its point of sale (POS) systems and stolen data, such as card names, expiration dates and security codes belonging to an unspecified number of credit and debit cardholders.
Hilton reported that personal identification numbers (PINs) and addresses were not compromised. The company cannot confirm when the attackers exploited its POS systems, but it knows the intrusion happened within a sixteen-week period from November 18 to December 5, 2014 or April 21 to July 27, 2015.
Hackers are using POS malware to steal customer payment data. It exploits a flaw in how credit card data is processed: while the data is encrypted during payment authorization, it is not encrypted while the payment is actually being processed when the credit card is swiped.
Point of sale systems are popular targets for cyber criminals due to their role in the processing of financial transactions. POS malware steals customer payment data, exploiting a gap in the security of how credit card data is handled.
The malware attempts to steal formatted data, known as tracks, stored on a credit card’s magnetic stripe. Hackers then re-encode the track data onto counterfeit cards. Malware that targets track data leverages the need for this data to be stored in the memory of a running program in a decrypted state for transaction authorization to occur.
Although POS malware is less sophisticated than malware such as banking Trojans, it is very effective because of the Christmas holiday period and the accompanying increase in credit card use.
The Association of Banks (ABS) in Singapore alerted mobile banking customers to malware that disguises itself either as a software update for Android users or as a service for updating WhatsApp.
WhatsApp is a cross-platform mobile messaging application, allowing users to exchange messages without paying for SMS. The malware also disguises itself as an operating system update, specifically for the battery management module, and advertises more uptime for Android smartphones.
In both scenarios, the malware asks the user to download an update. The exploit is complete once the download is initiated, but not before the malware requires the user to enter credit card information.
According to a market analyst report, security is one of the top concerns for organizations considering moving to cloud computing. Cloud providers know they are bigger targets for attack than single-user data centers. By averaging the cost of security over a large number of customers, a good cloud provider can afford to spend more on safeguarding customer data than the majority of private data centers.
Successful cloud providers employ people who truly understand security, while building dedicated security teams to plan and implement broad-scale security policies, which are monitored by a team of cybersecurity professionals who can react to any security incident, such as a denial-of-service attack.
Because cybersecurity professionals take proactive approaches to ensuring data security, the odds of a security breach are significantly reduced. Because cloud providers know they are at great risk of attack, they tend to prepare better for breaches than individual private data centers, allowing businesses to feel confident their data is secure in the cloud.
Reference: Are you worried about cloud security?
The hacking group Anonymous hit the Thai government with a powerful DDoS attack that brought down its network, along with the country’s Ministry of Information Communication and Technology (ICT), and leaked information about Thailand’s police officers.
What makes this particular DDoS different from other DDoS attacks is that it was not the work of a botnet but the result of users continuously refreshing the targeted webpages until the servers crashed.
Anonymous activists, using the hashtag #OpSingleGateway, executed a coordinated series of cyber attacks against the Thai government sector to draw national and international attention to the government’s Internet censorship plans.
Thailand has been preparing to funnel all the country’s Internet connections through one single Internet gateway, giving reason to believe the Thai government will fully control, filter and spy on Internet traffic.
The Thai government says the single gateway is simply an attempt to cut down costs; however, Thais fear this might be the first step in creating what’s called “The Great Firewall of Thailand,” an Internet sniffing and filtering system similar to “The Great Firewall of China.”
|root/ (blank password)|
| Port | Service |
|------|---------|
| 445 | Microsoft Directory Service |
| 22 | Secure Shell (SSH) |
| 3389 | Remote Desktop Protocol |
| 139 | NetBIOS Session Service |
| 8080 | HTTP Alternative (Proxy) |
| 110 | HTTP Alternative (Proxy) |
| 1433 | Microsoft SQL Server |
| 3268 | Global Catalogue LDAP |
| 9999 | Abyss Web Server |
| 5000 | Universal Plug ‘N Play (UPnP) |