Skip to main content

Posts

Showing posts from October, 2019

Two Hackers Who Extorted Money From Uber and LinkedIn Plead Guilty

Two grey hat hackers have pleaded guilty to  blackmailing Uber , LinkedIn, and other U.S. corporations for money in exchange for promises to delete data of millions of customers they had stolen in late 2016. In a San Jose courthouse in California on Wednesday,  Brandon Charles Glover  (26) of Florida and  Vasile Mereacre  (23) of Toronto admitted they accessed and downloaded confidential corporate databases on Amazon Web Services using stolen credentials. After downloading the data, the duo contacted affected companies to report security vulnerabilities and demanded money in exchange for the deletion of the data, according to a press release published by the US Justice Department. "I was able to access backups upon backups, me and my team would like a huge reward for this," the hackers said to the victim company in an email. "Please keep in mind, we expect a big payment as this was hard work for us, we already helped a big corp which paid close to 7 dig...

Indian Nuclear Power Plant Hacked ? Everything that we know up till now.

A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant. Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage widely suggesting a piece of malware has compromised "mission-critical systems" at the  Kudankulam Nuclear Power Plant . Relax! That's not what happened. The attack merely infected a system that was not connected to any critical controls in the nuclear facility. Here we have shared a timeline of the events with brief information on everything we know so far about the cyberattack at Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu. From where this news came? The story started when Indian security researcher Pukhraj Singh  tweeted  that he informed Indian authorities a few months ago about an information-stealing malware, dubbed Dtrack, which successfully hit "extremely...

Approx 500 Million UC Browser Android Users are Vulnerable to Man-in-the-Middle Attacks

Researchers discovered various unusual activities in UC Browser for Android and it abusing the Google play policies and exposing more than 500  users to Man-in-the-Middle attacks. UC browser is the most popular browser in the Android platform with more than 500 million users and UC Browser Mini has 100 million downloads from the Google Play store alone. GBHackers on Security has been reported several UC browser-based incidents including  malicious activities ,  vulnerabilities  before and it is a very serious concern that needs to be addressed for any unusual behaviors since it will directly affect the hundreds of millions of users. Recent research from Zscaler reveals that the UC Browser and UC Browser Mini apps unusually made a request over unprotected (HTTP) channel to download an additional Android Package Kit from the remote server. There are 3 main unusual  activities found from  UC Browser app in this research : Downloadi...

Authentication Bypass Vulnerability in Cisco REST API Let Hackers Take Control of Cisco Routers Remotely

Cisco released a security update for critical Authentication Bypass vulnerability that resides in the Cisco REST API virtual service container for Cisco IOS XE Software allows a remote attacker to bypass the authentication in managed Cisco devices. Cisco IOS XE is an internetworking OS that mainly deployed in Cisco ARS 1000 series routers and Catalyst  switches  such as 3850 that operating in enterprise wired and wireless access, aggregation, core, and WAN. An Authentication Bypass vulnerability affected the Cisco IOS XE due to an improper check performed by the area of code that manages the REST API authentication service. Cisco REST API is an application that running in the virtual service container, a virtualized environment on a device. An attacker could exploit the vulnerability by sending malicious HTTP requests to the targeted device. Once the target system has been successfully exploited, the attacker to obtain the  token-id  of an authenticated u...

Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps

Following a series of  security mishaps  and  data abuse  through its social media platform, Facebook today expanding its bug bounty program in a very unique way to beef up the security of third-party apps and websites that integrate with its platform. Last year, Facebook launched " Data Abuse Bounty " program to reward anyone who reports valid events of 3rd-party apps collecting Facebook users' data and passing it off to malicious parties, violating Facebook's revamped data policies. Apparently, it turns out that most of the time, Facebook users' data that had been misused was exposed in the first place as the  result of a vulnerability  or  security weakness  in third-party apps or services. The Facebook ecosystem contains millions of third-party apps, and unfortunately, very few of them have a vulnerability disclosure program or offer bug bounty rewards to white-hat hackers for responsibly reporting bugs in their codebase. Because of this...