Vaibhav Shukla

Anonymous Indian hackers claim to have leaked database of 1.7 million Snapchat users, which they hacked last year. Indian hackers are among the top Bug Bounty hunters in the world working of IT giants finding bug in their system. Hackers said they had found the bug earlier but never used the data but ‘arrogance’ of the Snapchat CEO had miffed them.

The move by the hackers came in retaliation to Snapchat’s CEO Evan Spiegel’s remark on expanding the business to ‘poor countries’ like India. According to Indian hackers, they had found vulnerability in Snapchat database last year and had siphoned details of 1.7 million users. Hackers leaked and made this data based available on the darknet to mark their resentment against company’s remark for India. They have further threatened to carry out intensive strike against company on the virtual world till the CEO apologies for his remark.Indian users began uninstalling the app and downgrading its rating to a single star on the app store

http://www.dailymail.co.uk/indiahome/indianews/article-4417216/Snapchat-denies-CEO-called-India-poor-hackers-retaliate.html

http://www.thenewsminute.com/article/indian-hackers-retaliate-snapchat-ceo-s-india-remarks-leak-data-17-million-users-60475

There has been this constant question in my mind about why healthcare records are so valuable to criminals and what would a criminal do by knowing the health history of some unknown persons.But here lies the answer to it.

Stealing EHRs is better for cybercriminals than stealing credit cards, which can be used only until the card expires, is maxed out or canceled.An EHR database containing PII that do not expire — such as Social Security numbers — can be used multiple times for malicious intent.Stolen EHR can be used to acquire prescription drugs, receive medical care, falsify insurance claims, file fraudulent tax returns, open credit accounts, obtain official government-issued documents such as passports [and] driver’s licenses, and even create new identities.”Another important statistic that helps explain why cybercriminals are attracted to EHR data is that 91 percent of the U.S. population has health insurance. It’s no wonder, then, that 113.2 million healthcare-related records were stolen in 2015

http://www.technewsworld.com/story/84417.html

Forced to decide between disclosing a Tor vulnerability used to gather evidence or dismiss the child porn case it had built; the U.S. Department of Justice chose to protect the exploit.The undisclosed Tor vulnerability was used by the FBI to deanonymize user traffic to the Playpen child porn website hosted as a Tor hidden service. However, the evidence was deemed inadmissible by the court unless the FBI disclosed the method used to gather it

http://searchsecurity.techtarget.com/news/450414394/FBI-chooses-to-protect-Tor-vulnerability-and-dismiss-child-porn-case

Thousands of MySQL databases are potential victims to a ransom attack that appears to be an evolution of the MongoDB ransack campaign observed a couple months ago.As part of the attack, unknown actors are brute forcing poorly secured MySQL servers, enumerate existing databases and their tables, stealing them, and creating a new table to instruct owners to pay a 0.2 Bitcoin (around $200) ransom. Paying, the attackers claim, would provide owners with access to their data, but that’s not entirely true, as some databases are deleted without being stolen.

Attackers were observed overwriting each other’s ransom notes on the targeted databases, and were no longer copying the original data, but simply deleting it. Victims couldn’t retrieve their data even if they paid the ransom.Now, MySQL databases are under fire: using online tools, actors search for servers secured with very weak passwords, brute force them to gain access, then replace the databases with their own table containing a ransom note

http://www.securityweek.com/mysql-databases-targeted-new-ransom-attacks

Analysis-PPT

summary report

A newly discovered piece of malware targeting Magento stores has a self-healing routine to restore itself after deletion, security researchers have discovered.The recently spotted Magento-targeting malware is using a database trigger to restore itself in the event it has been deleted: every time a new order is made, injected SQL code searches the compromised Magento installation and, if it doesn’t find the malware, it re-adds it. The malware leverages SQL stored procedures for this operation.

Malware’s behavior renders previous cleaning routines useless, because removing the malicious code from the infected records will no longer ensure that the infection is gone. This would only work for regular Javascript-based malware, which normally gets injected in the static header or footer HTML definitions in the database.The newly observed malware ensures that the self-healing trigger is executed every time a new order is made. The query checks for the existence of the malware in the header, footer, copyright and every CMS block. If absent, it will re-add itself.Malware detection should now include database analysis as well, because file scanning is no longer efficient. This discovery shows we have entered a new phase of malware evolution

http://www.securityweek.com/self-healing-malware-hits-magento-stores