Skip to main content

Posts

Showing posts from May 8, 2020

Mega Hosting Provider GoDaddy Hacked - Attackers Gained SSH Access to Customer Hosting Accounts!!

GoDaddy, the world’s largest domain registrar and hosting provider announced a data breach that impacts web hosting account credentials. The company notified unauthorized party access to their web hosting account credentials used to connect via SSH. GoDaddy Hack Godaddy found that the incident took place on October 19, 2019, was discovered on April 23, 2020, by GoDaddy security who found an SSH file altered in the hosting environment. “We recently identified suspicious activity on a subset of our servers and immediately began an investigation,” the company said in a data-breach notice filed with the California Attorney General, obtained by media. The company notified to the customers in an email signed by GoDaddy CISO and vice-president of engineering, Demetrius Comes, revealed that the security incident in question came to light after suspicious activity identified. The email notification  revealed  an “an unauthorized individual had access to your login infor...

A new Secure Proxy to Browse the Internet for Free, Launched By Facebook CodeName 'Discover'

More than six years after Facebook launched its ambitious  Free Basics  program to bring the Internet to the masses, the social network is back at it again with a new zero-rating initiative called  Discover . The service, available as a mobile web and Android app, allows users to browse the Internet using free daily data caps. Facebook Discover is currently being tested in Peru in partnership with local telecom companies such as Bitel, Claro, Entel, and Movistar. Unlike the regular rich-content browsing, Facebook's latest connectivity project only provides low-bandwidth text-only based browsing, meaning other forms of data-intensive content such as audio and video are not supported. Another key differentiator is that it treats all websites equally, whereas users of Free Basics are limited to a handful of sites that are  submitted by developers  and meet  technical criteria  set by Facebook. The move, ultimately, drew  criticism  for viola...

Reliance Jio’s Coronavirus Symptom Checker App Exposes Users Data Online Due to Security Error

A security error with Reliance Jio’s  Coronavirus  Symptom Checker App exposes its core database to the Internet without a password. The COVID-19 symptoms checker app was launched by India’s largest cell network provider Jio in late March, this app allows users to check from their phone for COVID-19 infection. Jio Symptom Checker Database Leaked The security error was first observed by security researcher  Anurag Sen  on May 1 and contacted TechCrunch to notify the company. TechCrunch  contacted  Reliance Jio and the database contains reports of users’ Covid-19 tests that were taken offline quickly. The leaked database includes millions of results starting from April 17 to the time it was taken offline. It includes details of users such as age, gender, symptoms, and health data of the people who signed in to create a profile. The database also contains details such as a person’s user agent, user’s precise location if they allowed the app t...

A Highly developed Cyber Espionage Campaign Went Undetected for 5 Years in Pacific - Asia reason

An advanced group of Chinese hackers has recently been spotted to be behind a sustained cyber espionage campaign targeting government entities in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar, and Brunei—which went undetected for at least five years and is still an ongoing threat. The group, named 'Naikon APT,' once known as one of the most active APTs in Asia until 2015, carried out a string of cyberattacks in the Asia-Pacific (APAC) region in search of geopolitical intelligence. According to the latest investigation report Check Point researchers shared with The Hacker News, the Naikon APT group had not gone silent for the last 5 years, as initially suspected; instead, it was using a new backdoor, called " Aria-body ," to operate stealthily. "Given the characteristics of the victims and capabilities presented by the group, it is evident that the group's purpose is to gather intelligence and spy on the countries whose governments it has ta...