Category Archives: Uncategorized

  • 0
Retailer Debenhams's Flowers website hacked

Retailer Debenhams’s Flowers website hacked

Category : Blog , Uncategorized

Retailer Debenhams’s Flowers website hacked

Retailer Debenhams’s Flowers website hacked. The news came that Retailer Debenhams’s Flowers website was hacked and up to 26,000 customers, personal data has been compromised.

Department store chain Debenhams has issued a statement on the data breach, revealing payment details, names and addresses were potentially taken , which targeted Ecomnova, a third party e-commerce company that owns and operates the flower and gifting website. Debenhams said it has contacted customers whose data was accessed. While, customers of  Debenhams.com, which is a separate website, have not been affected.

On  24 February , the company noticed the cyber attack for the first time and then again on  11 April from then Debenhams Flowers website is offline.

Retailer Debenhams's Flowers website hackedDebenhams stated, “Our communication to affected customers includes detailing steps that we have taken and steps that those customers should take”.

In an interview with BBC, a spokeswoman has said that they have sent emails to up to 26,000 customers and informed them about the cyber attack followed up with a letter in the post.

Customers who suspect they’ve been the victim of fraud must immediately contact their bank or credit card provider, as well as Action Fraud, the UK’s national fraud and internet crime reporting centre, on 0300 123 2040 or online.

Debenhams chief executive Sergio Bucher said in a statement “As soon as we were informed that there had been a cyber-attack, we suspended the Debenhams Flowers website and commenced a full investigation”.

“We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk” , they said.

The Information Commissioner’s Office (ICO) has already been informed about the incident.

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


  • 0
facebook spam

Facebook spam – New way to hack Android Devices – Be aware

Category : Uncategorized

Facebook spam to hack your android devices

 

Facebook spam with a news of DONALD TRUMPH dead in a heart attack is new way to hack into your android device.

 

What it Does ?

Victims if click on the Facebook spam post are redirected to new page and the phone starts vibrating.

Victim is forced to click OK button and the application gets downloaded in the device.

The application automatically shares its post on the timeline of the victim.

 

Facebook spam

 

This post is harmless if you open it from your laptop or Desktop.

 

Clever and a new way to hack into your android devices.

 

Following are the screen shots on the Android devices after you click on the post

After You Click on the post 

hacking news Kolkata

After you click on the cross button on the pop up option of Facebook Share 

facebook phishing

The previous page automatically redirects to this page and the option pops up and your Smart Phone starts vibrating

facebook hacking

Ethical Hacking Training in Kolkata

 

Get hired by MNCs as a security professional. According to NASSCOM research 77,000 ethical hackers are demanded in India every month. Due to high rise in cyber attack all over the world MNCs are attacked by malware’s and are facing huge risk.

Get the best training in Kolkata

  1. CEH v9 | Global certification by EC Council
  2. CCNA training in Kolkata
  3. Diploma in Network Security
  4. Android Penetration Testing 

 

Free online LIVE training video of Indian Cyber Security Solutions | CEH v9 Training

 


  • 1
DDoS attack

DDoS attack

Category : Blog , Uncategorized

DDoS attack set Liberia out of internet- culprit Mirai Botnet

 

DDoS attack had put the whole country of Liberia under distress, when people of the country could not access to internet. The culprit used Mirai malware to shut down the internet of insecure IoT devices. Mirai malware is remotely controlled by the bots, the systems that runs on Linux and have tendency to attack in large scale network.

 

It started just after, when a cyber-criminal published the source code of Mirai Malware that is designed to target IoT devices that exploits into botnet network; this leads to the attack and affects massively.

An enormous DDoS attack had caused internet outage of a DNS provider called Dyn using same Mirai which was later reported that approximately 100,000 were IoT devices were infected.

DDoS attack

Few days back, past a week hackers have taken down the internet of entire Liberia using another botnet that is known as Botnet 14. Major concern of attacks had been briefed by the experts that 10Tbps DDoS attacks can happen which is too large a number that can make whole country go out of internet. Again, in another incident Keivin Beaumont, security researcher did notice that a telecommunication company, Lonestar Cell MTN has faced faced the same, that provides internet services in Liberia to 10-15% from undersea fiber cable via single entry point.

 

Shocking isn’t it?

 

Liberia has faced civil war in past decade which has unestablished the telecommunications infrastructure of the country. Very small amount of citizen could actually access to internet through satellite communication. However the country is trying well to rebuild the infrastructure undersea fiber optics.

5.12 Tbps is the total capacity of the cable of 23 countries, since a massive DDoS attack has just turned down the IoT devices using Mirai botnet which leads capability of hacking of almost 1 million IoT devices.

With these capacity not the attackers could

disrupt not only Liberia bot all of Europe and Africa that completely thrives on internet of ACE fiber cable.

 

Know the cause

Vulnerable IoT devices leads to insecurity that will build more Mirai bots. Questions is how to protect your device? Answer to that will be be more alert towards to the smartness of the devices that is use because u must remember that they can be tracked down.

 

 

 

You may also like

WhatsApp hacking- Your privacy is at stake

Hackers targeting the election system of United States

 

Courses Indian Cyber Security Solutions (ICSS) offers

 

 


  • 3
Unreal Tournement Hacked

Unreal tournament gaming hacked, Epic gaming forum hacked

Category : Uncategorized

Unreal tournament gaming hacked

Unreal tournament gaming hacked, Epic gaming forum hacked!!!!

Till now the gamers have ‘hacked’ their way through the game but now the gamers themselves have been compromised by a real band of hackers.

It seems that more than 8, 00,000 forum accounts of Unreal Engine and its creators Epic Games’ forum have been compromised by a hacker or a group of hackers. It has been known that by exploiting a known vulnerability that resided in an outdated version of vBulletin forum software the hacker(s) were able to accomplish their intended malicious activities.

Hacking, system compromise and data breaches to be stopped in this present scenario would require not only a lot of effort and awareness but also terrific skills. Well trained individuals with good command in Ethical Hacking are very much required in this scenario to effectively fight against this.

 

Unreal Turnament compromised

Big Element of Risk for Epic Games Players as Epic gaming forum hacked big time!!

It is believed by Epic that various sensitive registration information like that of user names, scrambled passwords, dates of birth, email addresses, IP addresses etc. may have got disclosed with the attack. However, in an official announcement on the Unreal Engine forum website reads that although the forum has been compromised with email addresses and other data that were available in the forum but no passwords in any form (salted, hashed, plain text) have been leaked.

Though most of the passwords that have been stolen are scrambled, still there remains a good chance of systems of the forum members’ getting affected and infected by ransomware or other malicious software. This is because the hackers can exploit the other stolen data to send phishing messages to other forum members’ email addresses as a malicious endeavour.

Some other games in the affected list as well as Unreal tournament gaming hacked, Epic gaming forum hacked using an SQL security flaw

There is further bad news for gamers of Infinity Blade, Gears of War and also older versions of Unreal Tournament games because hackers may have compromised their salted hashed passwords along with their e-mail address and other data entered that are entered into the forums.

The forums of both Epic Games’ forum and Unreal Engines forum were down after the incident.

Possible Mitigation:

LeakedSource has already added the breached data from the Epic Games’ forum into its database including the password hashes so as to enable its users to search for their stolen data.

Precautionary Measure:

So in this precarious circumstance do change your password right away if you have ever taken part in online forums of the Epic games or have been associated with Unreal Tournament and particularly if you are using the same password for multiple websites.

 

 


  • 0
Android Devices

Android devices vulnerable to Linux Kernel flaw

Category : Blog , Uncategorized

Android devices vulnerable to Linux Kernel flaw

Android devices running Android 4.4 KitKat and higher are vulnerable to a recently disclosed Linux Kernel flaw and guess what even the latest, updated and improved technology of Android Nougat Preview also seem to have not been able to evade it. This vulnerability is estimated to be present on 80% of Android smartphones and tablets which amounts to nearly 1.4 billion devices. It provides the hacker with the opportunity to terminate connections, unencrypted traffic or inject malware into the parties’ communications. The vulnerability (CVE-2016-5696) shortcoming that was first visible in the execution of the TCP (Transmission Control Protocol) protocol in all Linux systems deployed since 2012 (Android Smartphones) (version 3.6 and above of the Linux OS Kernel) and the Linux Foundation has already patched the Linux Kernel on July 11, 2016. As it stands out, hackers are able to spy on your communications without even compromising your network via man-in-the-middle-attack.

Android Devices

As per a blog post released on Monday by Lookout, a mobile security firm, all Android devices having KitKat 4 .4 and above possess this Linux flaw which also includes the latest developer preview of Android Nougat. Lookout has also mentioned in their blog post that though man-in-the-middle attack is not required in this scenario, however, in order to successfully carry out the attack it is imperative on the part of the attacker to know the source and destination IP (Internet Protocol) address. Windows and Macs are free from this vulnerability. The good news of course is that a patch for this vulnerability may be just around the corner as according to Google, engineers are already aware of it and working on it as well to come up with the much-needed solution. As for temporary mitigation, do ensure that you use a VPN (Virtual Private Network) and that your internet traffic is encrypted.

In today’s environment of ever-so frequent hacks and compromise it is possible to stand affirm against these attacks and lay a good chance for yourself in being resilient to it if you are well versed with Android App Penetration Testing.


  • 0
Android Security

Push notification enhances android security

Category : Uncategorized

Push Notification Enhances Android Security

Push notification is Google’s next endeavour in keeping its security as tight as possible in Android phones. After the recent announcement of already implementing some vital security features in the next Android OS version Android Nougat it is now on its way to bring to the table a new feature named Native Android Push Notification. With this feature if a new device is added to your Google account i.e. to say when a new device accesses your account, you would be instantly notified through a push notification as to whether you have signed in. If the activity somehow appears suspicious to you will just need to tap the “Review account activity” button to know the details of the newly logged in device on your Google account.

Push Notification in android

The e-mail notifications for Google is not new anymore and with the company believing that people generally pay four times more attention to push notifications on their mobile devices in comparison to email notifications this is probably the best foot forward in tightening the security on Android devices even further. This will always provide you with the opportunity to change your password before an intruder gets in. Or even if the situation is a little different and you are worried if someone has actually accessed your account already you can immediately change your password and add two-factor authentication while being on the go. This 2-factor authentication has again been made much easier for the user by Google recently as you can log in by simply by a single tap instead of typing codes. This is called “Google Prompt”. So as Google has mentioned in its official blog that with this new feature on board the transparency of the users would also be increasing automatically as they get to see the actions they have performed. This new feature will be taking around about two weeks to spread totally all across the globe.


  • 0

Israeli Hacker Hacks Again

Category : Uncategorized

Israeli Hacker Hacks Iranian ISP ‘Daba’

Israeli Hacker does it again, Iranians exposed to privacy breaches, yet once more!!

The login credentials of thousands of online registered users of an Iranian Internet Service Provider (ISP) called Daba have been leaked earlier today by a hacker operating by the name of Zurael_sTz after who was able to hack the official website of Iranian Internet services provider Daba. This hacker Zurael_sTz is no new to the hacking world and has been doing the same in the recent past by hacking Palestine, Egyptian and Jordanian sites. And now he has taken his latest breach to twitter and shared 3 files containing data acquired from the Daba domain. (Parsiva.daba.co.ir) The hacker has been identified as a pro-Israeli and from the tweet information it can be comprehended that there are 52K users in the list.

Israeli Hacker

However, courtesy to Israeli data mining company Hacker-DB it has been learnt that though the hacker is claiming to have leaked 52,000 users’ credentials but post-scanning the leaked files the claimed number of data was not found.  It is however possible though that his assertion is true and he might post the remaining data in the future. It doesn’t end here. The administrator account is also exposed in the leak which includes the username, password, e-mail address and name.

The data breach exposed sensitive data such as hashed passwords, bank account numbers, email addresses, telephone and mobile address besides exposing 342 e-mail accounts with 2960 usernames.

It is indeed a huge blow to numerous innocent Daba users as the company provides dial-up, voice services, ADSL communication, Internet cards and other services to users in Iran. It’s also a matter of grave concern to the entire nation of Iran as it is constantly facing cyber attacks for it was just in the last month that an Internet bot exposed the personal details of thousands of telegram users in Iran containing personal information like full names, phone numbers and personal address of registered telegram users.


Show Buttons
Hide Buttons