Breaking News »

Latest Hacking News

Wells Fargo Accidentally Releases 50,000 clients' confidential data

Wells Fargo accidentally sent 1.4 gigabytes of sensitive files to a former financial adviser who subpoenaed the company as part of a defamation lawsuit against one of its current employees.

 According to the bank’s lawyer, the files that Wells Fargo’s lawyer sent include a vast trove of confidential information of at least 50,000 customers' names, Social Security numbers and sensitive financial info about tens of thousands of the bank’s wealthiest clients, with investment portfolios worth tens of billions of dollars.

The databases are the collections of the spreadsheets which were handed over to Gary Sinderbrand, the former financial adviser, with no protective orders and no written confidentiality agreement. The lawyer to send him the files, Angela A. Turiano, explained that what happened was a mistake caused by working with an outside vendor.

After realizing the mistake, Ms. Turiano sent him an email describing the disclosure as “inadvertent,” and further wrote, “Obviously this was done in error and we would request that you return the CD asap so that it can be properly redacted.”

“We are continuing to evaluate his legal rights and responsibilities,” Mr. Zeisler wrote in response to her email. “Wells Fargo has not identified what specific documents it asserts were inadvertently exposed.”

This error could be classified  as a data breach that "potentially violates a bevy of state and federal consumer data privacy laws that limit the release of personally identifiable customer information to outside parties."

Railways to focus on cyber security: Prabhu

The Indian Railway Minister,  Suresh Prabhu has said that ensuring cyber security of the railway's  in the day to day operations is one of the most important priority.

Speaking at a conference attended by senior rail officials, Mr Prabhu said that there has been an exponential increase of the technology in Railway's, over the past three months only the ministry has launched several initiatives like RailCloud Server and Rail Saarthi App and is now working on an enterprise resource planning (ERP) solution.

"We are working on a complete transformation of the railways through an investment of huge amounts of money and transformation of each and every aspect of operations to make them better. We are using high-end technology for maintenance and detecting defects in tracks through one application," said Prabhu

"So if we are doing all this and using the cyber space for digital transactions, obviously, the vulnerability of that transaction becomes very critical.

"When we do everything manually, the challenge is manual error and if we are shifting from manual to technology oriented operations, then the flaws in technology or someone who can potentially hoodwink it is as high and sometimes even dangerous. So cyber security is one of the top priorities," the minister added.

This conference was about the security issues in Indian Railways and was attended by  Chairman, Railway Board, A K Mittal and other railway board members and senior officials.

Nearly three decades ago major activities like ticketing, freight operations, train operations and asset management in railways were computerized.

While, they launched RailCloud, a virtual server with an inbuilt security system that will enable faster connectivity at a reduced cost.

Pixel face of Vladimir Putin will be on cover of the "Time"

A new, surprising cover of the magazine "Time" with the portrait of the President of Russia Vadimir Putin will be released on July 31. The face of the Russian is depicted through gray icons, symbolizing user accounts.

The title of the main article of the magazine is "The Secret Plan to stop Putin's election plot." In the article the Russian Federation again was blamed for intervention of Russian hackers in the American elections. The author notes that the administration of the US President prepared a Contingency Plan for a hacker attack on election day of the US President.

It should be noted that on the G20 Summit in Hamburg on 7 July the topic about the intervention of Russian hackers in the US elections was discussed by the leaders of Russian Federation and US for 40 minutes. So, Vladimir Putin and Donald Trump agreed to establish a Joint Commission for cyber security.

Andrey Krutskikh, special representative of the Russian President on cyber security, said that a desire for cooperation with Russia represents the Russian Federation as a elephant, a cyber-elephant, as a great cyber Power, despite the many defects in this area.



Android SpyDealer Trojan Spies On More Than 40 Apps

(pc-Google Images)
Malware researchers at Palo Alto Networks have spotted a new Android Trojan, dubbed SpyDealer that can intercept date from more than 40 applications.

All user’s data were exfiltrated by abusing the Android accessibility service feature and used exploits from a commercial rooting app for data theft by gaining root Access of the Targeted Android.

SpyDealer exfiltrates data from apps like WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent Weibo, Android Native Browser, Firefox Browser, Oupeng Brower, QQ Mail, NetEase Mail, Taobao, and Baidu Net Disk.

SpyDealer performs very sophisticated hijacking Attacks with infected users and it also takes advantages from rooting applications such as “Baidu Easy Root” and gains root access of the targeted victims.

Once SpyDealer is successfully installed with an Android Mobile, it automatically hides its icon in the infected Mobile and it has two Broadcast receivers which are used for listening to the events such as device booting up and network connection status.

SpyDealer Malware Initial infection is not yet identified but Paloalto believes that initial infection would be through compromised wireless network.