Breaking News »

Latest Hacking News

Dairy Queen admits Data Breach

Dairy Queen, a fast food restaurant, has confirmed that systems in a limited number of its stores have been infected by malware.  The data breach puts customers' credit card and debit card data at risk. 

Readmore at:
http://krebsonsecurity.com/2014/08/dq-breach-hq-says-no-but-would-it-know/

UPS store at 51 locations hit with Malware, Customers' Card data at risk

UPS Store, a subsidiary of UPS, said that 51 US Stores in 24 States were hit with a malware which was not detected by current Antivirus software.

The breach puts customers who used a credit or debit card at one of the affected locations between January 20,2014 and August 11 at risk.

Customer information that may have been exposed in this breach includes names, postal addresses, email addresses and payment information.

The company hired an IT Security firm to conduct forensic investigation after receiving a notification about a "broad-based malware intrusion" from US Government.

The UPS Store said it eliminated the malware as of August 11.  The company is offering identity protection and credit card monitoring services to impacted customers.


Hackers exploit HeartBleed vulnerability to compromise CHS


Community Health Systems (CHS) recently revealed that hackers have compromised their computer network and stolen personal information of around 4.5 million patients.


The report says the attackers have breached the CHS network in between April and July.  Mandiant, the company that did the forensic investigation found that the group responsible for the "Advanced Persistent Threat" attack is originated from China.

The compromised information includes patients names, phone numbers, Social Security Numbers and other details.

The company claims that no patient credit card, medical or clinical information has been taken.

According to TrustedSec, hackers have exploited the infamous OpenSSL "heart bleed" vulnerability to compromise the CHS network.

"Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability (which was vulnerable at the time) and use them to login via a VPN." TrustedSec explained.



Android Malware 'Krysanec' masquerading as legitimate apps

Security Experts always recommend android users to download applications only from official Google Play store. If you are downloading apps from third-party markets, you may end up with malware on your device.

Researchers at ESET found a new piece of android malware that masquerading as legitimate android applications.

The sample ESET analyzed is detected as Android/Spy.Krysanec and found to be disguising as mobile banking application for Russian users, data usage monitoring apps.  One to them is disguised as Set Mobile security.

These modified apps is found to be containing the android version of Unrecom RAT.

The Trojan has ability to harvest various data from the infected device.  It is also capable of taking photo, recording audio,  contact list, sms and collect more information.


Vulnerability »

Malware Report »

Defacements »

Spam Report »