Mauritian President Ameenah Gurib-Fakim's Facebook account has recently been hacked. According to l'Express newspaper, the president is at the moment in New York and will report this to the cybercrime as soon as she is back to Mauritius. The said account has been deactivated and the cybercrime has already started their investigation.
Mobile security researcher, Ryan Welton , from NowSecure identified a remote execution vulnerability in SwiftKey. This is a preinstalled Android apps that is found on most Samsung devices.
This vulnerability allows attacker to access sensors on the device, its camera, GPS, microphone, pictures and even text messages. Additionally, it allows attacker to install malicious apps without the user's permission, alter existing apps and listen to incoming and outgoing messages and voice call in real time.
The flaw was discovered last year and Samsung was notified in December 2014. NowSecure also notified CERT who assigned CVE-2015-2865. Google Android security team was also notified. Samsung started providing a patch to mobile network operators in early 2015 and its unknown whether the carriers provided the patch to the devices on their network.
A list of the most probable Samsung devices which may be vulnerable has been listed by NowSecure.
The password management service LastPass has been hacked and users are advised to change their master passwords as soon as possible.
This was announced on June 15 2015 where they stated that they discovered and blocked the suspicious activity on Friday. LastPass also added that they are confident about their encryption measures,
"We are confident that our encryption measures are sufficient to protect the vast majority of users. LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side. This additional strengthening makes it difficult to attack the stolen hashes with any significant speed."
LastPass is also sending emails to all their users to all their users regarding the incident.One good news is that encrypted user data was not stolen and users do not have to change their passwords on sites stored in their LastPass vault.
A new virus scanner was recently added on the list of VirusTotal,an online free malware scanner. Arcabit is a Polish antivirus solution that protects users from threats downloaded from the internet and via attachments. It also includes anti-spam, parental control, firewall, registry and system monitoring tools and a scanner for HTTP traffic.
"Arcabit is a Polish vendor of the antivirus and protection software. Arcabit antivirus engine is the hybrid of two solutions - Bitdefender and its own, constantly developed engine with rapid response to the new threats. Arcabit uses advanced cloud solutions to identify trends in malware development and to ensure an early response to new threats. The heuristic mechanisms implemented by Arcabit (identified as HEUR.*) offer the efficacy at the level of 99.9% in detecting threats spreading through popular Web channels - www, email etc."
Recently, L'express.mu newspaper published about five Mauritian websites which were defaced. Among these, L'express newspaper listed eruption.mu website. Yesterday, 08/06/2015, the management of Eruption Studio published an announcement on their official Facebook fan page,as well as on their official website, stating that their website was never defaced.
We would like to add that, actually, two sub-domains of Eruption Studio's website were in fact defaced. The sub-domains are not accessible anymore but a mirror of how one of the webpage looked at the time of defacement has been provided. It was defaced on 2015-04-24 at 14:43:30.
Our friend, Ish Sookun, the linux expert, first published about the defacement of the Eruption Studio on his personal blog,where he provided a screenshot of http://erp.eruption.mu/postfixadmin at the time of defacement. After conduction a further search, we came across the other sub-domain defaced,which is http://film.eruption.mu/index.html.
Two students of San Dimas High School, California are accused of hacking school's computer network and modifying scores of up to ten students. Among the 'hackers', one is known for previous hacking in return of monetary . Both suspects,18, were arrested on Thursday for unauthorized computer access and fraud. Detail about how the student hacked into the system was now disclosed.