14 DAY TRIAL // Let’s take a look at this week’s most important stories, just in case you’ve missed some of them.
The Syrian Electronic Army has announced one of its biggest hacks so far. The hacktivists have managed to breach Forbes' publishing platform and gain access to readers’ information, including usernames, email addresses and encrypted passwords.
The details of over 1 million people have been published online. The hackers say they’ve targeted Forbes for the articles it has published on Syria and the Syrian Electronic Army.
Flappy Bird made a lot of headlines after its creator decided to pull it from app markets. Cybercriminals and scammers are busy leveraging the game’s popularity. Experts have spotted trojanized versions designed to send SMSs to premium rate numbers, scam sites promising cheats, and Twitter schemes.
Furthermore, experts say 30% of top Google search results point to fake versions of the game.
The existence of an interesting Mac OS X malware has been brought to light this week. It has been dubbed OSX/CoinThief and it has been distributed on high-profile websites, including GitHub, Download.com and MacUpdate. Apple has updated XProtect to guard users against the threat.
As far as vulnerabilities are concerned, experts have found a CSRF in Instagram, a remote code execution flaw in GitHub, vulnerabilities in x-ray machines, a critical bug impacting 200,000 Magento-powered stores, and several security holes on Glenn Greenwald’s new website The Intercept.
Oracle has finally confirmed the existence of the 30 Java Cloud Service vulnerabilities reported by Security Explorations. It’s also worth noting that Secret has launched a bug bounty program.
In the industry news category we have two major acquisitions. India-based UTM and NGFW provider Cyberoam has been acquired by Sophos, and Bit9 has merged with Carbon Black (the Bit9 name will be kept).
In the hacks category we have an attack on the websites of several casinos operated by Las Vegas Sands. The company says gambling systems and player details have not been compromised.
Comcast still hasn’t provided any details regarding the recent data breach. The company says there’s no evidence that customer information has been obtained by the hackers, but experts advise users to change their passwords anyway.
When it comes to cybercrime, we’ve learned that 30-year-old Tokyo resident Yusuke Katayama has denied accusations that he’s responsible for developing the piece of malware that has been posting death threats from infected computers.
In the Netherlands, the National Police shut down Utopia, the TOR-based underground marketplace that had been launched only a week before. Five people have been arrested on suspicion of being the operators or customers of the website.
Here are some other important stories, in case you’ve missed them:
The Obama administration has announced the final version of the Cybersecurity Framework
Spanish-speaking cybercriminals have been targeting organizations from 31 countries in an operation dubbed The Mask
CloudFlare mitigated a DDOS attack that exceeded 400 Gbps
LulzSec Peru hacked the Twitter account of Venezuela’s United Socialist Party
Email addresses and passwords of over 2,000 Tesco customers leaked online
5 women passionate about cyber security can attend HITB on a Google grant