Silensec Newsletter

Top News

The Massive OPM Hack Actually Hit 21 Million People!

The massive hack that struck the US Office of Personnel Management affected some 21.5 million people, all of them people who had information stolen about them from a backgrounds investigation database used for evaluating people who sought classified clearances from the government. The stolen information includes about 1.1 million fingerprints as well as findings that investigators obtained from interviews conducted with neighbors, friends and family members for background checks. Read more... 







Pwned Hacking Team tells cops, govts to shut down software

Flayed surveillance outfit Hacking Team is telling customers to suspend running instances of its software after 400GB of its source code and internal data was stolen and posted online.
The company has now asked customers to temporarily suspend use of its software while it investigates if their spying operations have been exposed among the huge cache of released emails and source code.
Read more...

 

 

 

Read more...
Top News

Mastercard to verify purchases using SELFIES!

Mastercard will begin using selfies as a means to verify payments. Users will need to hold their mobile phones at eye-level and blink once when instructed for the check-me-out checkout process to complete, taking a photo, instead of punching in PINs, a move MasterCard chief productsecurity officer Ajay Bhalla says will be popular with youth.

That process is designed to thwart obvious attacks where attackers could use a still image of a victim to verify fraudulentpayments
  Read more...



 

 

PeopleSoft p0wnage possible with a day of GPU brute-forcing.

ERPScan researcher Alexey Tuyrin says hundreds of Oracle PeopleSoftusers, including banks, are running publicly-exposed services that are open to a token-plundering vulnerability. The penetration tester says a breach could be worse than that of the Office of Personnel Management which recently lost millions of records in a hack pinned on China.

Oracle's PeopleSoft Human Resource Management System is used by more than 7000 companies including half of the Fortune 100, of which about a third are higher education organisations mainly based in the US. He says some 231 of that total are vulnerable to the so-called TokenChpoken attack that allows tokens to be recreated allowing attacks to pop data stores and other connected systems. His company has also found cross-site scripting and authentication bypass vulnerabilities he says have been unresolved for years. Read more...

 

Read more...
Top News

Phishers Change Tack to Target Corporates!

Cyber-criminals have rapidly adapted their phishing campaigns over the past year, abandoning social media lures in favor of a new focus on business users with communication notification templates, according to Proofpoint.

“While an important tool, user education cannot be the last line of defense,” Proofpoint, Inc. warned. “Organizations should deploy automated defenses capable of detecting and blocking threats that do not look or behave like previously known threats.” Read more...






Hotels.com Phishing Scam Duping Travelers!


​An undisclosed number of travelers who use Hotels.com may have been victims of a phishing scheme.

The company said some customers were recently tricked into disclosing their names, phone numbers, email addresses and travel bookings. An individual was reportedly able to convince customers that they represented either Hotels.com or the hotel where they booked a stay through phony emails and SMS messages, according to an email sent to travelers this week.

Unsuspecting travelers who stay at hotels are consistently a prime target for hackers. Read more...

 

 

Read more...

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed