Category: Security News

A vpnMentor’s research team revealed a failure in a database belonging to Autoclerk, a reservations management system held by best Western Hotels and Resorts Group. The secretary included subject matter about a number of hotel consumers who made reservations around the world using various services. Autoclerk is a reservations management system utilized by resorts to manage web bookings, profits, loyalty programs, guest profiles and payment activity. Victim of this leak was the U.S. government, military and Department of Homeland Security, says the research. On September 13 this year, according to information of security experts, they disclosed a defenseless Elasticsearch database during a large-scale scan of open ports in a certain range of IP addresses. “Open Elasticsearch database was discovered through vpnMentor’s web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within”, — Read more

Social networking site Twitter revealed today that it used phone numbers provided by users for two-factor authentication (2FA), along with email addresses to display targeted ads. “We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system”. The phone numbers and emails that became visible to several advertisers were the same one that were entered by users in the multi-factor protection section with purpose to boost up their accounts security levels. This time users were not able to avoid the targeted advertisements. Twitter mentioned that they didn’t performed such nasty acts deliberately. The issue has been fixed on September 17 and Twitter accounts have stopped providing advertisers with user contact information. Company stated that, no other used-based data was Read more

Highlights: Reportedly, a phishing campaign invades yet unknown number fo Youtube influences who are specialized in gaming, car industry, tech and other topics as well. Over the last weekend, many users have found they are unable to login their Google and Youtube accounts. After it turned out, a massive phishing campaign was launched by still unknown group of hackers who are mostly targeting popular influencers from various industries. However, the mostly affected industry as per the reports by ZDNet is automotive industry. Initially, the Youtube account hijacking incidents were not tied up together, but later on the fact become clear that the targeted attack was launched with intention to steal particular accounts. However, it’s still unknown that how many accounts were affected, but the victims among them are mostly the famous ones on Youtube. Youtube account hacking were possible due to phishing campaigns under which the attackers sent phishing emails Read more

Hackers continue to target celebrity Instagram accounts for their delicate welfare. This time, they have targeted Mexican weather girl and social media star Yanet Garcia (11.5 million followers) and also singer Nicole Scherzinger (3.9 million followers). After acquiring complete control over these accounts, scammers modify the bio to a TinyURL or Bit.ly link atht leads users who tap upon them to survey scam web domains that supposedly offer free iPhone XS’s and many more on the Instagram Story. By doing such things, hackers can generate revenues in two ways, first is earning a fee for each survey finished and other is reselling the data provided by the users. The experts observed the Cyber criminals behind the attacks following a particular scam pattern. “Each of the Instagram accounts were hijacked over the past couple of weeks and the attackers were in control enough to rotate multiple shortened links leading to webpages Read more

Researchers have discovered a security weakness in the feature that was introduced by the Intel in some of its server processors few years ago to help enhance its performance. It has been found to be capable of monitoring keystrokes across a network and steal sensitive information without using any vicious application. The weakness is in the Data-Direct I/O (DDIO) feature in some Intel Xeon processors and the attack which was reported by researchers from Vrije University in Amsterdam allows them to leak information from the cache of a compromising processor. The NetCAT (Network Cache Attack) attack can be triggered remotely across a network as it is known and can be used to steal data such as keystrokes in an SSH as they happen. The researchers from VUSec wrote in their explanation of the attack “We show that NetCAT can break confidentiality of a SSH session from a third machine without Read more

Easy methods to delete News-mars.com Redirect Virus (Step By Step Process) This article will give you complete information about News-mars.com as well as you will get some recommended tips to remove it from machine. You can read this article for learning or educational purpose also. According to Cyber security experts, it is very devastating malware and computer infection that is belongs to browser hijacker family. It is able to hijack your main browser and modifies its default setting as well. It traces your online habit and steals your personal information that causes serious troubles. Don’t be panics, please read this article carefully. Threat Summary Threat Name: News-mars.com Threat Type: Adware, PUP, Browser Hijacker or Redirect Virus Description: This nasty malware injects malicious codes in your main browser as well as in your System’s settings Distribution Methods: Bundles of free software packages, malicious ads or popup messages and many other tricks Read more