Heena Sharma Blog

Hackers have sold personal data of a whopping 267 million Facebook users for just Rs 41,500 (approximately 500 Euros). The data includes email addresses, names, Facebook IDs, dates of birth and phone numbers. Thankfully, no passwords of the 267 million Facebook users were exposed by the hacker, according to the cyber risk assessment platform Cyble. The Cyble researchers executed the sale and were able to download and verify the data. "At this stage, we are not aware of how the data got leaked at the first instance. It might be due to a leakage in third-party API (Application Programming Interface) or scrapping," the company said in a statement. Read More

Microsoft Corporation has agreed to buy the domain corp.com from a private owner for an undisclosed sum, in an effort to prevent cybercriminals from abusing it owing to a problem known as "namespace collision". According to KrebsOnSecurity, a blog run by journalist Brian Krebs, Microsoft has bought the domain from its Wisconsin-based owner Mike O'Connor "in a bid to keep it out of the hands of those who might abuse its awesome power". "We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the Corp.com domain," the company said in a statement. Mike bought corp.com 26 years ago and hoped Microsoft would buy it someday because "hundreds of thousands of confused Windows PCs are constantly trying to share sensitive data with corp.com". Read More

The coronavirus (COVID-19) outbreak has cast a shadow on cyberspace as well. Subex, a Bengaluru-based firm that provides analytics to telecom service providers, said hackers are using the panic and confusion to trick employees and other stakeholders into downloading infected payloads or malware. In a situation where many employees work from home or access wi-fi networks that operate at enterprise-level security, devices such as routers can be hacked to plant a range of malware into handheld devices used by employees. “ Such devices could be turned into zombies or bots and added to botnets or used to launch attacks on systems and networks it connects once the employee is back in the office,” said Prayukth K V, chief marketing officer, Internet of things (IoT), Subex. Subex said this indicates a high level of adaptability as far as hackers are concerned. It said there were concerns that the outbreak could be used to breach networks and infrastructure components to either atta...

The US counter-spy agency has said that cyber and surveillance technology advances have multiplied the intelligence threat to the country, putting hacktivists and online manipulators on a par with venerable foe Russia. The biennial National Counterintelligence Strategy on Monday for the first time singled out anti-secrecy organizations, independent hackers and Islamic extremist groups as espionage threats requiring close attention. "The United States is facing increasingly aggressive and complex threats from foreign intelligence services, as well as state and non-state actors," said William Evanina, director of the National Counterintelligence and Security Center, which issued the report. Previous editions of the report singled out Russia, China, Iran and North Korea, along with transnational crime groups, as the central spying threats to the United States. The new strategy report adds Cuba, Hezbollah, Islamic State and Al-Qaeda as groups able to undertake intelli...

Microsoft has said that it obtained a court order allowing it to seize web domains used by North Korean hacking groups to launch cyberattacks on human rights activists, researchers and others. The US technology giant said on Monday that a federal court allowed it to take control of 50 domains operated by a group dubbed Thallium, which tricked online users by fraudulently using Microsoft brands and trademarks. "This network was used to target victims and then compromise their online accounts, infect their computers, compromise the security of their networks and steal sensitive information," said Tom Burt, Microsoft's vice president for customer security and trust. "Based on victim information, the targets included government employees, think tanks, university staff members, members of organizations focused on world peace and human rights, and individuals that work on nuclear proliferation issues. Most targets were based in the US, as well as Japan and Sou...

To avoid falling for cybercriminals' fraudulent schemes and losing personal data, it is suggested that users should not spread questionable links among their friends Current Affairs News : While legitimate apps like Tokenfire and Swagbucks buy card codes from vendors, to then give them to clients as a reward for certain activities, criminals have apparently recognised the popularity of such websites and have decided to deceive users using a simple algorithm. "The success of these new fraud schemes is based on criminals exploiting the drive of users to get something for free," Lyubov Nikolenko of Kaspersky Lab said in a statement this week. "However, at best they will spend hours of personal time doing worthless tasks, and at worst lose money without receiving anything in return. So, if you want to get your hands on a free gift card, try to earn it on legal and trustworthy sites," Nikolenko added. When on the fake site, the user is asked to...