Silensec Newsletter

Top News

Phishers are upping their game. So should you

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and hosting scam pages over https:// connections — complete with the green lock icon in the browser address bar to make the fake sites appear more legitimate.

According to stats released this week by anti-phishing firm PhishLabs, nearly 25 percent of all phishing sites in the third quarter of this year were hosted on HTTPS domains — almost double the percentage seen in the previous quarter.

“A year ago, less than three percent of phish were hosted on websites using SSL certificates,” wrote Crane Hassold, the company’s threat intelligence manager. “Two years ago, this figure was less than one percent.”

Hassold posits that more phishers are moving to HTTPS because it helps increase the likelihood that users will trust that the site is legitimate. After all, your average Internet user has been taught for years to simply “look for the lock icon” in the browser address bar as assurance that a site is safe.

Read more...

Major banking applications were found vulnerable to MiTM attacks over SSL

A group of security researchers has discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers.

An attacker could intercept SSL connection and retrieve the user'€™s banking credentials even if the apps are using SSL pinning feature, which provides an additional level of protection against man-in-the-middle attacks, the certificate pinning is implemented to avoid detection of security solutions that use their own certificates to inspect the traffic.

Read more...

Read more...

Top News

.GIF garage Imgur plugs 1.7M subscriber creds breach

The world's self-described "most awesome" collection of images, Imgur, has confessed to leaking 1.7M user records in 2014.

Imgur's chief operating officer posted a confirmation of the breach saying that users' registered email addresses and hashed passwords were leaked, but no personally-identifying information was compromised.

The only risk to passwords is that until 2016 Imgur used the SHA-256 algorithm to encrypt passwords, which is susceptible to brute-force attacks.

Read more...

A new Mirai variant is rapidly spreading, 100k+ IPs running the scans in the past 60 hours

Researchers noticed big upticks on port 2323 and 23 scan traffic, with almost 100k unique scanner IP came from Argentina.

According the researcher, a publication of the proof-of-concept (PoC) exploit code in a public vulnerabilities database is the root cause of the increase of activity associated with the Mirai botnet, the experts observed scans using it.

After investigation, the researchers are convinced that this is a new mirai variant.

Read more...

Read more...

Top News

Uber concealed hack of 57 million accounts for more than a year!

Hackers stole names, email addresses, and phone numbers of 57 million Uber riders around the world in a breach dating back to October 2016. Data on more than 7 million drivers was also stolen, including over 600,000 drivers' license records. Trip records, location data, and social security numbers were not stolen in the breach, the company said.

The company's former CSO kept the hack a secret & paid the hackers $100,000 to delete the data and to keep details of the breach quiet. The breach happened under the watch of former chief executive Travis Kalanick, who knew about the cyberattack. His former deputy, CSO Joe Sullivan, a former federal prosecutor and senior Facebook executive, covered up the breach, the publication reported.

The company confirmed the breach.

Read more...

Firefox to warn users who visit p0wned sites

Do you really want to go there? Mozilla developer Nihanth Subramanya has revealed the organisation's Firefox browser will soon warn users if they visit sites that have experienced data breaches that led to user credential leaks.

Subramanya explained that Mozilla has teamed with haveibeenpwned.com to source data that will warn users.

The feature's not complete, in code or conceptually.

Read more...

Read more...

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed