
New Bug that hacks WhatsApp and makes DoS Attacks through crafted MP4 Files


A new high-risk vulnerability has been identified in WhatsApp on both Android and iOS devices. The bug allows attackers to send tampered MP4 files to WhatsApp users, which enables denial-of-service (DoS) and remote code execution (RCE) attacks. WhatsApp is one of the most popular social media apps in the world, with billions of Android and iOS users. The threat is categorized as a “Risky” vulnerability that affects the handling of MP4 files in WhatsApp. The bug relies on manipulated data to corrupt the memory of WhatsApp Messenger on the user's device.



The vulnerability allows attackers to take important data from the user’s smartphone and to surveil user activity. “The bug can activate a stack-based buffer in the user's WhatsApp account by transmitting tampered MP4 folders. The problem was already breaking down the primary metadata of the MP4 files. This could lead to an RCE or DoS attack,” says the Facebook advisory board on behalf of WhatsApp.

About the RCE Vulnerability

In an RCE attack, attackers deliberately exploit a code execution vulnerability to run malicious code. RCE can have harmful consequences for a network: by making the affected system execute code, the attacker can carry out actions of their choosing. The threat also enables attackers to execute the attack without any kind of verification. The vulnerability is tracked as CVE-2019-11931. This is not the first time such an attack has affected WhatsApp; a similar RCE flaw was discovered last month that allowed attackers to steal files from users' WhatsApp accounts using malicious GIFs.

As of now, no technical details about the vulnerability are available, and experts are still investigating the issue. "No proof was found for the vulnerability that caused the exploit," a WhatsApp spokesperson told GBHackers. He added, “WhatsApp is steadily striving to upgrade the safety of our assistance. We give open statements on possible problems that we have solved steadily with management friendly manners. In this case, there is no evidence to assume users were affected.”

Windows Security Warning: Ransomware Is Growing Rapidly and Becoming Harder to Guard Against




Security experts are predicting an unusual rise in ransomware attacks and a strategic change in the cybercrime ecosystem aimed at evading detection and defeating existing defense mechanisms. As ransomware attacks expand in scale and impact, the few dominant players currently present are expected to split into multiple smaller ones.

Ransomware infects the victim's computer, locking down the hard drive and encrypting the data on the system. The attacker then asks the victim to pay the demanded ransom in due time; if the victim fails to do so, the data is gone forever. The virus spreads across infected networks via a worm and encrypts several machines in a row.

After an in-depth analysis of various 'Windows security threats' such as coin miners, file-less malware, ransomware, PUAs, and banking Trojans, global cybersecurity company Bitdefender concluded that, out of all of them, the threat posed by ransomware is growing rapidly. Reportedly, it has grown 74 percent year on year.

GandCrab had been one of the most prevalent and sophisticated ransomware families since its arrival in 2018; it kept strengthening its defenses and upgrading its delivery methods to bypass detection. After its death, ransomware experienced its first, and indeed steep, fall in the cybercrime ecosystem in terms of the severity of a particular threat. However, a new beginning means several new players will enter the scene and might hit security layers even harder than GandCrab; experts have the potential candidates on their radar. One such threat is anticipated from Sodinokibi (aka REvil or Sodin).

The upsurge in ransomware attacks in 2019 has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to declare that it was close to qualifying as a "large-scale cyber event." According to an August 2019 publication, ransomware "has rapidly emerged as the most visible cybersecurity risk playing out across our nation's networks."

"The fall of GandCrab, which dominated the ransomware market with a share of over 50 percent, has left a power vacuum that various spinoffs are quickly filling. This fragmentation can only mean the ransomware market will become more powerful and more resilient against combined efforts by law enforcement and the cybersecurity industry to dismantle it," the report reads.

The Russian Railways information system got hacked in 20 minutes


Russian Railways specialists will conduct an investigation after a Habr user stated that he hacked the Wi-Fi network during a trip on the Sapsan high-speed train and gained access to the data of all its users in 20 minutes. According to the company, the hacked network did not contain personal data, only entertainment content.

On Friday, November 15, Habr.com user keklick1337 was returning to Moscow from Saint Petersburg, where he had visited the ZeroNights information security conference. The programmer became bored, decided to check the reliability of the Wi-Fi, and easily gained access to the hidden data of Russian Railways. He noted that "the same passwords and free security certificates are used everywhere, and the data is stored in text documents."

"It is not difficult to access the data of the passengers of the train and it takes at most 20 minutes," noted the author of the post.

"The server of the information and entertainment system of Sapsan trains does not store personal data of passengers. The multimedia portal provides information and entertainment content: news of Russian Railways, movies, books, music and other information," said the representative of Russian Railways.

According to the spokesman, for authorization in the system, the user must enter only the last four characters of the document, which he used to buy a ticket, as well as the rail car and the seat number. These data are not personal and in accordance with the current legislation of the Russian Federation are stored on the server for no more than one day.

"The infotainment system server is not connected to the internal network of Russian Railways or other internal control services on the train, it is designed exclusively for entertainment and information topics and does not store any confidential customer data," added the company.

Russian Railways plans to conduct a technical investigation into the hacking of the Sapsan train system.

Earlier, E Hacking News reported that the personal data of 703 thousand employees of Russian Railways, from the CEO to the drivers, was publicly available.

Open databases leaked 93 Million billing files of patients.



Around 93 million billing files containing information on patients of drug and alcohol addiction facilities were exposed by a misconfigured AWS S3 storage bucket. The three facilities are operated by San Juan Capistrano, California-based Sunshine Behavioral Health, LLC: SBH’s Monarch Shores location in San Juan Capistrano; the Chapters Capistrano facility in San Clemente, Calif.; and the Willow Springs Recovery center in Bastrop, Texas. Patients from these facilities had their data open and accessible, and SBH was repeatedly informed by DataBreaches.net about this leak.



The exposed data consisted of billing details such as individuals' names, birth dates, physical and email addresses, phone numbers, debit and credit card details (card numbers with partial expiration dates and a full CVV code), and health insurance information, including membership and account numbers and insurance benefits statements. Roughly 93 million files were exposed, but comparatively fewer individuals were affected, as patients had multiple files to their name. The news was covered by DataBreaches.net yesterday, but they have been following the case since August.

An anonymous individual tipped off DataBreaches.net about the open database in late August, and they informed Sunshine Behavioral Health about the leak on September 4th, but to no avail. They then spoke to SBH's director of compliance, Stephen VanHooser, and shortly afterwards the data was made private. Unfortunately, in November DataBreaches.net noticed that “the files were still accessible without any password required if you knew where to look. And anyone who had downloaded the URLs of the files in the bucket while the bucket was exposed would know where to look,” stated the post. The data and files were finally secured after they again reached out to SBH on Nov 10 and 12. Adding to that, the three drug and alcohol addiction facilities haven't made the leak public. “There has been nothing on their website, the California Attorney General’s website, or HHS’s public breach tool, even though it is more than 70 days since they were first notified,” the blog states. Maybe the affected parties were informed but not the public.