The document reports on several cybersecurity incidents:
- A Pakistani hacker defaced several Indian government websites in Goa.
- Edward Snowden confirmed that the US and Israel co-developed the Stuxnet malware.
- Anonymous hackers leaked documents from Spain's governing People's Party website.
- A security report found mobile malware increased 614% over the past year.
2. 15 Goa Government Websites hacked
by Pakistani Hacker "H4x0r HuSsY”
A Hacker with Handle "H4x0r HuSsY" from
Pakistan has managed to take control of few
Indian Government websites and has
defaced them. All of the hacked websites
are belong to Goa State
The affected websites includes NRI Commission of
Goa(nri.goa.gov.in), Directorate of Agriculture
(www.agri.goa.gov.in), Directorate of Art and Culture
(artandculture.goa.gov.in/uploads/index.html), Department of
Information and Publicity
(artandculture.goa.gov.in/uploads/index.html) ,Directorate of
Fire & Emergency Service (goadfes.gov.in/media/index.php),
Goa Dental College (gdch.goa.gov.in), Government Printing
Press & Stationery (goaprintingpress.gov.in).
3. City of Mobile Police Hacked &
Data Leaked by Turkish Ajan
While it's been widely speculated that
the notorious computer worm Stuxnet
was the result of partnership between
US and Israel, the famous NSA
Whistleblower "Edward Snowden" has
confirmed it. Stuxnet was a highly-
complex malware discovered in 2010,
used as cyber weapon against the
Iran's nuclear program..
Snowden answered a few interesting questions in an Interview had
with Germany's Der Spiegel Magazine.When Interviewer asked
about the NSA involvement in Stuxnet, Snowden confirmed that
saying "NSA and Israel co-wrote it“.When asked about German
authorities involvement in NSA surveillance system, Snowden
confirmed that saying "Yes, of course. We're 1 in bed together with
the Germans the same as with most other Western countries.".
4. Anonymous Hackers Breach Systems of
Spain’s People’s Party, Leak Documents
Anonymous hackers have defaced the
official website of Spain’s People’s
Party (Partido Popular), the country’s
governing party. In addition
to defacing the website – which has
been restored –, the hacktivists have
also leaked 5 gigabytes of documents
that allegedly represent the party’s
financial accounts from 1990 to 2011.
Darknet.in reports that the party refused to release the documents after a
judge overseeing a political corruption scandal asked to see them. The
information has been posted on torrent sites, blogs and other websites so
that citizens can analyze it. According to a video statement published by
the hackers a couple of days ago, the documents show that the People’s
Party has used public money to buy expensive cars, a pony and other
items.The hacktivists are displeased with the fact that the party keeps
talking about austerity and cuts while it “robs” the people.
5. Mobile malware grows by 614 %
Mobile malware creators and
smartphone makers seem to be in a
neck-and-neck software race, but new
data shows that the malware creators
could be taking the lead.
Juniper Networks released its third annual Mobile Threat Report on
Tuesday and the findings aren't pretty. Mobile malware grew at a
rate of 614 percent from March 2012 to March 2013 -- that's equal to
276,259 malicious apps floating around out there. Last year, the
increase was amere 155 percent.
The report is based on an analysis of more than 1.85 million mobile
apps and vulnerabilities across major mobile operating systems.
in last year
6. WellPoint takes $1.7 million hit
over HIPAA slip
WellPoint, a managed health care giant,
agreed to pay $1.7 million to the U.S.
Department of Health and Human Services
for violating HIPAA regulations. HIPAA, the
Health Insurance Portability and
Accountability Act of 1996, is a set of rules to
maintain patient privacy.
These fines may also pick up given that HIPAA liability will extend to
business partners that receive and store health information. HIPAA will
extend to contractors and subcontractors on Sept. 23.
According to the HHS, WellPoint left patient health data accessible to
unauthorized users over the Internet. The HHS began its WellPoint
investigation following a data breach report.
7. Kremlin finds way to avoid
leaks:Typewriters
Dust off your Olivetti.
It might be the future. The future of national
security, at least.
This quaint thought comes to mind as the result
of news emerging from the inner bowels of the
Kremlin.
So the Kremlin has started ordering typewriters. Lots
of them. Indeed, the Telegraph, relying on sources
at Russia's Federal Guard Service, says that about
$15,000 is being spent to purchase new electronic
typewriters.
8. Cyberattack on South Korea was part
of 4-year spying campaign
"Our analysis of this attack -- known first as Dark Seoul and now as
Operation Troy -- has revealed that in addition to the data losses of
the MBR wiping, the incident was more than cybervandalism,"
McAfee's report reads. "The attacks on South Korean targets were
actually the conclusion of a covert espionage campaign."
South Korea has been under a concerted
cyberattack for the last four years, according to
a comprehensive new report (PDF) released
Monday by security firm McAfee. That means
the hack that crippled three TV broadcasters
and two banks in March was possibly just the tip
of the iceberg.What has been the goal of these
hackers? To steal South Korean government
and military secrets, according to McAfee.
9. Secunia and VLC get into
Fight overVulnerability report
Secunia and VLC Team got into a hot argument
after Secunia set the patch status of their VLC
vulnerability report to "UnPatched". At the end of
last year, Secunia team reported a vulnerability
(SA51464) in VLC version 2.x.The root cause of the
vulnerability lies in the underlying FFmpeg library,
which VLC statically links to. It was reported that the
vulnerability was caused due to a buffer overflow
issue when parsing SWF files, which was incorrect.
When the VLC team came to know about the issue they tried to
fix it but they missed the root cause and didnot solve the core
problem. They released the next VLC version and claimed it to
be safe but this was not the case as said by Secunia team. The
VLC team kept on releasing the version from 2.0.5 to 2.0.7 and
claimed that the vulnerability was fixed -
10. Pakistani Google,Yahoo, Apple,
Microsoft hacked by Turkish Hacker
group Eboz A Turkish hacker group called Eboz has hacked
and defaced Pakistani high profile websites
which includes Search Engine giant Google,
Yahoo, Microsoft and Apple, Visa, HSBC, Coca
Cola, Blogspot, Sony, HP, eBay and PayPal .
The hackers has defaced Google.pk,
Google.com.pk, Yahoo.pk, Apple.pk,
Microsoft.pk and 279 other sites in Pakistan
It seems like hackers compromised the Pakistan's TLD operator PKNIC
which administers and registers all .pk domains. Hackers modified the
DNS servers records such that it points to some other server, points to
two nameservers, dns1.freehostia.com and dns2.freehostia.com
11. Convicted Hacker Says He
Committed Credit Card Heist for
U.S. Government
The hacker who orchestrated the biggest computer crime
operation in U.S. history is alleging that the American
government authorized him to do so. Last year, 29-year-old
Albert Gonzalez pleaded guilty to hacking into computer
systems at TJX, Office Max, Dave & Busters, Heartland
Payment Systems and other companies, in order to steal
some 130 million credit card numbers. He received a 20-year
prison sentence, which he's currently serving at a low-security
facility in Michigan.
"I still believe that I was acting on behalf of the United States
Secret Service and that I was authorized and directed to
engage in the conduct I committed as part of my
assignment to gather intelligence and seek out international
cyber criminals," Gonzalez wrote. "I now know and
understand that I have been used as a scapegoat to cover
someone's mistakes."
12. ITV News Twitter account hacked
by Syrian Electronic Army
British broadcaster ITV on Friday
became the latest media outlet to
have one of its Twitter feeds hacked by
anonymous supporters of Syria's
President Bashar al-Assad, just days
after Twitter beefed up security to
prevent such attacks.
ITV's London news Twitter account @itvlondon was hijacked on Friday
afternoon and used to promote spoof stories about Syrian rebels,
before the hackers tweeted "Just kidding. The Syrian Electronic Army
was here. #SEA via @Official_SEA12."
the security breach was triggered by a phishing email.
13. Netherlands Domain Registrar
SIDN websites hacked via SQL
Injection
Unknown hackers have penetrated into the Netherlands Top
domains registrar(.nl) SIDN and placed malicious files in a number of
SIDN sites.
According to official statement, hackers have managed to breach
the site by Exploiting a SQL Injection vulnerability in 25jaarvan.nl. To
prevent further attack the organization shut down the web
application and temporarily suspended the zone file publication. "As
a result of our precautionary action, some areas of the website that
registrars use to download registrar ship-related data have been
unavailable since Tuesday". In an email to registrars, SIDN reports the
login credentials of Registrars' site have also been compromised in
the Security breach.