Hi guys! I'd like to show you the second part of my cyberdigest. I've collected the most interesting news in the past week. Enjoy and comment
1) South Korea’s intelligence agency told lawmakers North Korean hackers could have been behind the $530 million theft of virtual coins from a Japanese cryptocurrency exchange last month, people familiar with the matter told Reuters on Tuesday. Link
2) Hackers broke the servers of Metal Gear Solid V. Thanks to it the confidential ending of the game has appeared on the Internet. Link
1) Associated Press announced that hackers known as Fancy Bear went after at least 87 people working on american militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities. Link
2) Uber says hackers who hacked ride-hailing firm Uber’s data in 2016 were in Canada and Florida at the time. About 25 million people whose data was compromised in the breach live in the United States. Of those, 4.1 million were drivers. Uber disclosed the breach of 57 million worldwide users in November, about a year after it occurred. Link
3) A CYBER hacking tool that allowed criminals to take full control of victims’ computers is no longer available thanks to an operation led by the South West Regional Cyber Crime Unit. The Luminosity Link RAT (a Remote Access Trojan) enabled hackers to connect to a victim’s machine undetected. They could then disable anti-virus and anti-malware software, steal data and passwords and watch victims via their webcams.Detective inspector Ed Heath, head of the South West Regional Cyber Crime Unit, said: “The sale and deployment of this hacking tool were uncovered following a single arrest and the subsequent forensic examination of the computer. Link
1) Hacker Group Fancy Bears has leaked documents obtained from Canadian winter sports federations, revealing that North American officials are among the fiercest agitators against Russia. In their latest leak, the hackers emphasized the fact that an independent investigation into alleged doping scheme in Russia was held by a Canadian lawyer, Richard McLaren, acting on behalf of the World Anti-Doping Agency, which is based in Montreal, Canada. Link
2) Hardly a week before the commencement of the 2018 Winter Olympics at PyeongChang, hackers are targeting companies associated with the Olympics in an attempt to siphon off sensitive data. Investigations by cybersecurity firm McAfee have uncovered Operation GoldDragon which is a campaign to obtain data from organisations affiliated with the Olympics by sending phishing emails to lure victims into malicious content. Link
3) Hackers try to sell personal data of ukranian people who allegedly are clients of logistic company Nova Poshta in Ukraine. Two bases were offered for sale. The first is on 18 million users, but without specification, the second is on 500 000, with data like a full name, a phone number and the passport number.
4) Security researchers at SentinelOne and Malwarebytes discovered that MacUpdate, a popular platform that hosts and aggregates software and applications for MacOS, was hacked and used to distribute a cryptocurrency miner onto the machines of unsuspecting users. The platform was spreading the cryptocurrency miner starting on Feb. 1. The issue was resolved by Feb. 2, but users who downloaded software from the site during the window while the miner was active are still at risk. Link
1) A source code for a key component of the iPhone's operating system was leaked online, potentially handing hackers coveted data which will make it easier to break into iOS. It was removed after Apple filed a takedown request. The code posted on GitHub is for the iOS 9.3 version of iBoot, a vital component of iOS which ensures the booting of the operating system. Link
1) A critical flaw in Cisco's Adaptive Security Appliance is under attack, according to a security advisory posted by the company. "The Cisco Product Security Incident Response Team (PSIRT) is aware of public knowledge of the vulnerability that is described in this advisory," the advisory reads. "Cisco PSIRT is aware of attempted malicious use of the vulnerability described in this advisory." Cisco has been urging users to patch their systems to protect against a critical VPN vulnerability after it was first reported earlier this week. With actual attacks attempted, though, the need for IT to begin updating ASA systems is paramount. Link
2) The organizers of Pyeongchang Winter Olympics announced that the Games fell victim to a cyber attack during the opening ceremony on Friday, but they refused to disclose the source. The Games systems, including Internet and television services, were influenced by the hacks two days ago, but the organizers said they did not compromise any critical part of their operations. Link
3)Security researchers from Positive Technologies have revealed the cyberattack which was aimed at the enterprises of defense industry in Russia. Also experts say that companies from US, Japan and other countries were attacked.