Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
NEWS BYTES
SEPT-OCT16
CYBER-SEC ENTHUSIAST
BY-Saurabh
Chaudhary
MAJOR HACKS OF THE
MONTH• US SECRET DEFENCE NETWORK HACKED RESULTED IN THE DEATH OF 100
INOCENTS..!!
• YOUR IOT DEVICE MAY...
US AIRFORCE
HACKED 62 SYRIAN SOLDIERS, 15 CIVILIANS IN
AFGHANISTAN AND 22 SOMALI SOLDIERS
WERE REPORTEDLY KILLED BY US DR...
WORLDS LARGEST 1 TBPS DDOS
ATTACK
VICTIM-FRANCE-BASED HOSTING PROVIDER OVH
POWERED BY 1500,000 HACKED IOT DEVICE.
 ANNA...
WIN 50,000 $$$$$$$$
 non-profit research and development
organization MITRE has
challenged researchers to come up with ne...
YOU CAN GET HACKED BY OPENIONG JPEG
2000
RESEARCHERS HAVE DISCLOSED A CRITICAL ZERO-DAY
VULNERABILITY IN THE JPEG 2000 IM...
324,000 FINANCIAL RECORDS WITH CVV
NUMBERS STOLEN FROM A PAYMENT
GATEWAY
 VICTIM- BLUESNAP
 AROUND 324,000 USERS HAVE LI...
MASSIVE DATA BREACH EXPOSES 6.6
MILLION PLAINTEXT PASSWORDS FROM AD
COMPANY
VICTIM- CLIXSENSE
THE DATA BREACH HAS EXPOSE...
BLOCKCHAIN.INFO DOMAIN HIJACKED; SITE
GOES DOWN; 8 MILLION BITCOIN WALLETS
INACCESSIBLE
 BLOCKCHAIN.INFO, THE WORLD'S MOS...
MP-ONLINE
HACKED
 THE COUNCELLING OF PRIVATE MEDICAL
COLLEGE WAS AFFACTED
 ALL THE DETA REGUARDING THE
STUDENTS WERE GON...
MP-ONLINE HACKED
REFERENCE
• The times of india
• www.thehackersnews.com
• www.twiter.com
• www.news.ycombinator.com
THANK YOU VERY MUCH
FOR YOUR TIME
Upcoming SlideShare
Loading in …5
×

News bytes null bhopal 16-10-2016 by saurabh_chaudhary

184 views

Published on

the presentation covers all the major hacks and the news in the it industry from 15 sept16 to 15 oct 2016 for null bhopal monthly meet

Published in: Technology
  • Be the first to comment

  • Be the first to like this

News bytes null bhopal 16-10-2016 by saurabh_chaudhary

  1. 1. NEWS BYTES SEPT-OCT16 CYBER-SEC ENTHUSIAST BY-Saurabh Chaudhary
  2. 2. MAJOR HACKS OF THE MONTH• US SECRET DEFENCE NETWORK HACKED RESULTED IN THE DEATH OF 100 INOCENTS..!! • YOUR IOT DEVICE MAY HAVE CONTRIBUTED IN THE BIGGEST DDos ATTACK ..!!!!! • EARN 50,000$ !!! YOU HEARD IT RIGHT … • NTRIBUTED IN THE BIGGEST DDos ATTACK ..!!!!! • DO NOT OPEN JPEG2000….!! • 32,4000 FINANCIAL RECORD WITH CVV STOLEN .. • WORLD'S MOST FAMOUS BITCOIN WALLET WAS BREACHED • PLAINTEXT PASSWORDS AND COMPLETE WEB-SOURCE CODE ON SALEEEE…
  3. 3. US AIRFORCE HACKED 62 SYRIAN SOLDIERS, 15 CIVILIANS IN AFGHANISTAN AND 22 SOMALI SOLDIERS WERE REPORTEDLY KILLED BY US DRONE STRIKES ON 9 SEPTEMBER 2016, THE SIPRNET SYSTEM CURRENTLY IN OPERATION AT CREECH AFB FAILED,  THE AIR FORCE IS INVESTIGATING THE CONNECTION BETWEEN THE FAILURE OF ITS CLASSIFIED NETWORK, DUBBED SIPRNET, AT CREECH AIR FORCE BASE  SIPRNET, OR SECRET INTERNET PROTOCOL ROUTER NETWORK, IS A GLOBAL UNITED STATES MILITARY INTERNET SYSTEM USED FOR TRANSMITTING CLASSIFIED INFORMATION,
  4. 4. WORLDS LARGEST 1 TBPS DDOS ATTACK VICTIM-FRANCE-BASED HOSTING PROVIDER OVH POWERED BY 1500,000 HACKED IOT DEVICE.  ANNA-SENPAI HAS RELEASED THE SOURCE CODE FOR IOT BOTNET NAMED MARAI…. I AM STILL WONDERING WHY THE MALWARE'S AUTHOR CHOSE TO DUMP THE CODE ONLINE ?? THE MALWARE IS PROGRAMMED TO HIJACK CONNECTED IOT DEVICES THAT ARE USING THE DEFAULT USERNAMES AND PASSWORDS SET BY THE FACTORY BEFORE DEVICES ARE FIRST SHIPPED TO CUSTOMERS.  THE ATTACK CODE HAS BUILT-IN SCANNERS THAT LOOK FOR VULNERABLE SMART DEVICES IN HOMES AND ENROLL THEM INTO A NETWORK OF BOTNET.
  5. 5. WIN 50,000 $$$$$$$$  non-profit research and development organization MITRE has challenged researchers to come up with new ideas for detecting rogue IoT devices on a network. THE GOOD NEWS: YOU CAN EARN $50,000 FOR YOUR IDEA.  We already have 6.5 billion to 8 billion IoT devices connected to the Internet worldwide, and the number is expected to reach 50 billion by 2020  This Challenge is open FOR EVERYONE but you have to participate in TEAM
  6. 6. YOU CAN GET HACKED BY OPENIONG JPEG 2000 RESEARCHERS HAVE DISCLOSED A CRITICAL ZERO-DAY VULNERABILITY IN THE JPEG 2000 IMAGE FILE DISCOVERED BY SECURITY RESEARCHERS AT CISCO TALOS GROUP, THE ZERO-DAY FLAW, ASSIGNED AS TALOS-2016-0193/CVE-2016- 8332, COULD ALLOW AN OUT-OF-BOUND HEAP WRITE TO OCCUR THAT TRIGGERS THE HEAP CORRUPTION AND LEADS TO ARBITRARY CODE EXECUTION COMPANY PATCHED THE FLAW LAST WEEK WITH THE RELEASE OF VERSION 2.1.2. THE VULNERABILITY HAS BEEN ASSIGNED A CVSS SCORE OF 7.5, CATEGORIZING IT AS A HIGH-SEVERITY BUG.
  7. 7. 324,000 FINANCIAL RECORDS WITH CVV NUMBERS STOLEN FROM A PAYMENT GATEWAY  VICTIM- BLUESNAP  AROUND 324,000 USERS HAVE LIKELY HAD THEIR PAYMENT RECORDS STOLEN EITHER FROM PAYMENT PROCESSOR BLUESNAP OR ITS CUSTOMER REGPACK  WHO SO EVER DID THIS IS NOT CLEAR BUT THE STOLEN DATA IS FLOATING AROUND THE WEB  ALTHOUGH THE PAYMENT DATA DOES NOT CONTAIN FULL CREDIT CARD NUMBER BUT IT HAS EMAIL ADDRESSES, PHYSICAL ADDRESSES, PHONE NUMBERS, IP ADDRESSES, LAST FOUR DIGITS OF CREDIT CARD NUMBERS, EVEN CVV CODES NUMBERS WHICH IS ENOUGH FOR A
  8. 8. MASSIVE DATA BREACH EXPOSES 6.6 MILLION PLAINTEXT PASSWORDS FROM AD COMPANY VICTIM- CLIXSENSE THE DATA BREACH HAS EXPOSED PLAINTEXT PASSWORDS, USERNAMES, EMAIL ADDRESSES, AND A LARGE TROVE OF OTHER PERSONAL INFORMATION OF MORE THAN 6.6 M CLIXSENSE USERS.  LATEST VICTIM TO JOIN THE LIST OF "MEGA-BREACHES" REVEALED IN RECENT MONTHS, INCLUDING LINKEDIN,MYSPACE, VK.COM, TUMBLR, AND DROPBOX. MORE THAN 2.2 MILLION DATA POSTED ON PASTEBIN OVER THE WEEKEND. ANOTHER 4.4 MILLION ACCOUNTS UP FOR SALE. CLIXSENSE ADMITTED THE DATA BREACH AND SAID Another Day, Another Data Breach!
  9. 9. BLOCKCHAIN.INFO DOMAIN HIJACKED; SITE GOES DOWN; 8 MILLION BITCOIN WALLETS INACCESSIBLE  BLOCKCHAIN.INFO, THE WORLD'S MOST POPULAR BITCOIN WALLET AND BLOCK EXPLORER SERVICE, HAS BEEN DOWN FROM LAST FEW HOURS, AND IT'S BELIEVED THAT A POSSIBLE CYBER ATTACK HAS DISRUPTED THE SITE.  WITH MORE THAN 8 MILLION DIGITAL WALLET CUSTOMERS, BLOCKCHAIN IS USERS' FAVORITE DESTINATION TO SEE RECENT TRANSACTIONS, STATS ON MINED BLOCKS AND BITCOIN ECONOMY CHARTS.  SINCE ITS DNS SERVER HAS BEEN HIJACKED, IT COULD BE POSSIBLE THAT AN ATTACKER CAN HOST A FAKE WEB PAGE ON THE SAME DOMAIN IN AN EFFORT TO STEAL YOUR BITCOIN WALLET CREDENTIALS.
  10. 10. MP-ONLINE HACKED  THE COUNCELLING OF PRIVATE MEDICAL COLLEGE WAS AFFACTED  ALL THE DETA REGUARDING THE STUDENTS WERE GONE  THE SITE WHICH WAS FACILITATING ADMISSION TO MEDICAL COLLEGE WAS HACKED .  AT MIDNIGHT STUDENTS GOT DEADLINE SMS FROM (DME )TO PRESENT PHYSICALY AT (GMC) IN THE NEXT 8 HOURS WITH ALL THEIR DOCUMENTS.
  11. 11. MP-ONLINE HACKED
  12. 12. REFERENCE • The times of india • www.thehackersnews.com • www.twiter.com • www.news.ycombinator.com
  13. 13. THANK YOU VERY MUCH FOR YOUR TIME

×