Skip to main content

Posts

Showing posts from 2017

CBI techie nabbed over software that hacks Railways Tatkal ticket system

CBI techie nabbed over software that hacks Railways Tatkal ticket system      How do some travel agents manage to book confirmed railway tickets under Tatkal category, while thousands of passengers make unsuccessful bids on their computers or at reservation counters? Well, it seems it is all programmed. A software programmer of the anti-corruption agency CBI is alleged to be the brain behind one such illicit software which subverted the Railways reservation system, allowing the agents to book hundreds of Tatkal tickets at a single click of the mouse, officials said on Wednesday in New Delhi.   The Central Bureau of Investigation (CBI) has arrested its assistant programmer Ajay Garg and his front, Anil Gupta, for developing and distributing the software to agents for a price, agency spokesperson Abhishek Dayal said. Besides Garg and Gupta, the agency has booked 13 others, including Garg's family members and travel agents. Garg's parents, wife,

1.4 Billion Clear Text Credentials Discovered in a Single Database

Largest Breach A Massive Resource for Cybercriminals Makes it Easy to Access Billions of Credentials. Now even unsophisticated and newbie hackers can access the largest trove ever of sensitive credentials in an underground community forum. Is the cyber crime epidemic about become an exponentially worse? While scanning the deep and dark web for stolen, leaked or lost data, 4iQ discovered a single file with a database of 1.4 billion clear text credentials  — the largest aggregate database found in the dark web to date. None of the passwords are encrypted, and what’s scary is the we’ve tested a subset of these passwords and most of the have been verified to be true. The breach is almost two times larger than the previous largest credential exposure, the Exploit.in combo list that exposed 797 million records. This dump aggregates 252 previous breaches, including known credential lists such as Anti Public and Exploit.in, decrypted passwords of known breaches lik

Vault 8: WikiLeaks Releases Source Code For Hive - CIA's Malware Control System

Almost two months after releasing details of 23 different secret CIA hacking tool projects under Vault 7 series, Wikileaks today announced a new Vault 8 series that will reveal source codes and information about the backend infrastructure developed by the CIA hackers. Not just announcement, but the whistleblower organisation has also published its first batch of Vault 8 leak, releasing source code and development logs of Project Hive—a significant backend component the agency used to remotely control its malware covertly. In April this year, WikiLeaks disclosed a brief information about Project Hive, revealing that the project is an advanced command-and-control server (malware control system) that communicates with malware to send commands to execute specific tasks on the targets and receive exfiltrated information from the target machines. Hive is a multi-user all-in-one system that can be used by multiple CIA operators to remotely control multiple malware implants used