Another week has passed and another news recap beckons, not a terribly busy week this week but hey a bit of quiet is good every once in a while, right?
- So, a while back we brought you the news of a Bangladesh bank that had about 81 million dollars stolen, and if it wasn’t for a typo it would have cost them significantly more. Well, finally some details are emerging from the breach investigations and it looks like the main reason the hack went undetected was due to a custom piece of malware that took advantage of a vulnerability in the SWIFT software used by a large number of world banks. However, the bank’s network was also very much at fault as it looks like they were using off brand extremely cheap equipment, and had no firewalls in place.
- Read More @ http://thehackernews.com/2016/04/swift-bank-hack.html
- A security researcher attempting to collect a bug bounty from FB compromised one of their servers just to find out that someone has already beaten him to the punch, and installing credential stealing malware on the server. According to FB security engineers the credentials harvesting software was planted by another security researcher.
- Read More @ http://www.theregister.co.uk/2016/04/22/i_hacked_facebook_and_found_someone_had_beaten_me_to_it/
- So, ransomware, extortion, not really new concepts but this story has a bit of a twist. A group of criminals has extorted upwards of $100,000 from different businesses by claiming to be a part of the “Armada Collective” and threatening to DDoS unless they get paid. Twist here being that they never actually launched a single attack, and they were not actually a part of the “Armada Collective” either.
- Read More @ http://thehackernews.com/2016/04/ddos-extortionist-ransom.html