Security Newsbytes
by Adi
The world this month
Shocking! Instagram HACKED! Researcher hacked into Instagram Server and Admin Panel
• Wesley Weinberg, a senior security researcher at Synack, participated in Facebook's bug bounty program and started analyzing Instagram systems after one of his friends pointed him to a potentially vulnerable server.
• The researcher found an RCE (Remote Code Execution) bug.
• Exploiting the vulnerability, Weinberg was able to force the server to give up a database containing login details, including credentials, of Instagram and Facebook employees.
Juniper Firewalls with ScreenOS Backdoored Since 2012
• Juniper Networks has announced that it has discovered "unauthorized code" in ScreenOS, the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks (VPNs).
• The backdoor affects NetScreen firewalls running ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20.
• It can be fixed by patching immediately, upgrading to the new version of the software released today.
19-Year-Old Teen Steals $150,000 by Hacking into Airline's Website
• The teen hacked into the airline's website and sold fake tickets.
• The teen used sensitive information to successfully defraud hundreds of customers by convincing them that there was some issue with their flight bookings and that they had to pay extra fees.
• Moreover, the hack caused the airline to lose almost 80,000 Yuan ($12,365 USD) as a result of customers requesting refunds.
13 Million MacKeeper Users Hacked — 21 GB of Data Exposed
• The database of 13 million MacKeeper users, which contains PII (personally identifiable information), was exposed.
• The data breach was discovered by Chris Vickery, a white hat hacker who was able to download 13 million customer records simply by entering a selection of IP addresses, with no username or password required to access the data.
Microsoft warns of possible attacks after Xbox certificate leaked:
• The private keys for xboxlive.com were "inadvertently disclosed," Microsoft said, and could be used to impersonate the Xbox Live website and carry out so-called "man-in-the-middle" attacks.
• This could trick Xbox users into handing over their username and password, potentially leading to further attacks on the user.
• The company has revoked trust in the certificate.
Anonymous Declares War On Donald Trump — #OpTrump
• The hacktivist group has declared war against Donald Trump following his recent radical speech stating he wanted to ban Muslims from entering the United States.
• The group started the OpTrump hacking campaign by taking down Trump's websites, hitting them with DDoS attacks for a few hours.
Spy Banker Trojan Telax being hosted on Google Cloud
• The Trojan is spreading through Brazil via malicious links posted on social networks.
• The hackers are using Google Cloud servers to host the initial Spy Banker downloader Trojan, which in turn installs the payload (dropper file).
• The lures used in social media range from coupon vouchers to free AV software applications.
• The Trojan is designed to steal banking passwords and has some stealth capabilities.
You can Hack into a Linux Computer just by pressing 'Backspace' 28 times
• All it takes is hitting the backspace key 28 times, at least on a computer running a Linux operating system.
• This time, the issue is neither in the kernel nor in the operating system itself; the vulnerability actually resides in Grub2, the popular Grand Unified Bootloader, which is used by most Linux systems to boot the operating system when the PC starts.
• The good news is that the researchers have made an emergency patch to fix the Grub2 vulnerability.
Daily Motion served Angler exploit kit to visitors
• Popular streaming website Daily Motion has become the latest victim of malicious advertisements (malvertising) and has delivered malware payloads to potentially millions of visitors.
• The hacker bought ad space on the Daily Motion website and placed a decoy ad that initiates a series of redirections and ultimately loads the Angler exploit kit.
• "The bogus advertiser is using a combination of SSL encryption, IP blacklisting and JavaScript obfuscation and only displays the malicious payload once per (genuine) victim," the Malwarebytes team says.
Content Theft Websites Delivering More Than Just Content
• A new study sponsored by the Digital Citizens Alliance and conducted by RiskIQ of 800 content theft sites found that a third of those sites are exposing users to malware.
• "We're seeing stolen content used as a bait to lure consumers onto Web pages," Tom Galvin, executive director of the Digital Citizens Alliance, told eWEEK.
• "Content is the bait, and malware delivery is the objective."
• The malware is delivered in a variety of ways, including links that infect users once they click on them as well as "drive-by" malware infections that require no user interaction.
Cyber Insurance Moves Toward “Must Have” and “Evidence Based”
• Cyber security insurance is set to become more sophisticated in 2016, forcing enterprises to meet new security requirements to be eligible for coverage, according to a new report.
• With ongoing technological advances and the growing value of data, cyber security insurance caters to the growing complexity and unpredictability of cyber-attacks, the report said.
• Moving forward, insurance companies will refuse to pay for breaches caused by ineffective security practices.
Someone Just Tried to Take Down Internet's Backbone with 5 Million Queries/Sec
• This DDoS attack was able to knock 3 out of the 13 DNS root servers of the Internet offline for a couple of hours.
• According to the analysis published by the root server operators on Tuesday, each attack fired up to 5 million queries/second per DNS root name server.
• There is no indication of who or what was behind the large-scale DDoS attacks because the source IP addresses used in the attacks.
Hacker leaks massive customer dump after failing to get $3 million ransom from a bank
• A hacker going by the name of ‘Hacker Buba’ hacked into the Invest Bank of the United Arab Emirates a week ago. Hacker Buba demanded a ransom of $3 million in bitcoins.
• However, when the bank did not comply with his demands, he appears to have dumped tens of thousands of customer files online.
• Apparently after failing to get the ransom, Hacker Buba started tweeting the bank's customer details. The Twitter account of Hacker Buba, which has since been deleted, had tweets about bank customers, mostly corporate accounts, that were reportedly stolen from Invest Bank.
Nemesis Bootkit — A New Stealthy Payment Card Malware
• This malware is able to load before Windows starts.
• This makes the malicious threat hard to detect and remove using traditional security approaches.
• Moreover, the malware resides in a low-level portion of the hard drive.
• This makes the malware infection reappear even after a complete reinstallation of the Windows operating system.
Critical 'Port Fail' Vulnerability Reveals Real IP Addresses of VPN Users
• A newly discovered flaw affecting all VPN protocols and operating systems has the capability to reveal the real IP addresses of users' computers, including BitTorrent users, with relative ease.
• The vulnerability, dubbed Port Fail by VPN provider Perfect Privacy (PP), who discovered the issue, is a simple port forwarding trick and affects those services.
• VPN providers including Private Internet Access (PIA), Ovpn.to and nVPN fixed the issue before publication.
Thank You!
Sources: technetworm, thehackernews, scmagazine, threatwire, Websense forums, Anonhq, fossbytes

News Bytes - December 2015


Editor's Notes

  • #16 http://thehackernews.com/2015/12/nemesis-banking-malware.html?m=1