Over 60 websites including several educational intuitions have been hacked which appears to be a case of a cyber-war.
According to sources, the website of Odisha Administrative Services Association (OASA), Daitapati Nijog office, several government and colleges have been hacked. The websites of Salipur college, Hindol college, Sarankul College, Ranpur Degree college and several other private institutions have also been hacked, sources said.
“The websites of several government and private institutions have been hacked due to poor cyber security measures. After hacking the websites, the hacker might be accessing the data. It is certainly a matter of concern as the personal and other confidential data of students and others might be misused,” said Chirag Rath, cyber expert.
Social media was abuzz with screenshots of a meme featuring Prime Minister Narendra Modi. Below the meme was a music video of "Bohemian Rhapsody".
The meme poked fun at a clip in which German Chancellor Angela Merkel walks past Modi as he extends his hand.
Later, while trying to open the website, it showed the following message: "We will be back soon! Sorry for the inconvenience but we're performing some maintenance at the moment. We'll be back online shortly."
The party was yet to comment on whether it was a hacking attempt or the site was undergoing maintenance.
Earlier media reports said that nearly 70 Indian government websites were targeted by hackers.
For stealing the money, the boy allegedly hacked Monappy, a website where users can keep the cryptocurrency monacoin, last year.
Hailing from the city of Utsunomiya in the Tochigi prefecture, the boy made use of a software called Tor that makes it hard to identify the person accessing the system.
But an analysis of communication records left on the website's server led the police to find the person behind the hacking, the report said.
The boy has admitted to the allegations, according to the police.
"I felt like I'd found a trick no one knows and did it as if I were playing a video game," the boy, whose name was withheld because he is a minor, was quoting as saying.
The boy used the ill gotten money to buy items such as a smartphone, the police said.
The hackers of senior Bachchan's Twitter account on Monday and replaced his profile picture with that of Pakistan's Prime Minister Imran Khan. They further modified the superstar's bio with "Actor, well at least some are STILL saying so !! Love Pakistan".
With 37.4 million followers, Bachchan is very active on Twitter and has shared over 64,000 tweets since he joined the platform in 2010.
Teweeple were quick to notice the hacked account of the 'Badla' actor and almost immediately began sharing witty memes and one-liners on the platform.
"Everyone is abusing the hackers in Amitabh Bachchan's account, when he wakes up in the morning and logs into his account he will think that his fans are abusing him," a concerned Twitter user wrote.
The first tweet that was shared after the mega star's account was hacked claimed the cyber attck.
"This is an important call to the whole world! We do condemn the irrespective behaviors of Iceland republic towards Turkish footballers. We speak softly but carry a big stick and inform you about the big cyber attack here. As Ayy?ld?z Tim Turkish Cyber Armny +++," the tweet read, followed by a "We are waiting for your support" post.
"India has reached Mars, poor kids still busy trying to enter our Twitter accounts. Grow up kids," a person posted.
Quoting Bachchan's popular style from 'Kon Banega Crorepati', another user wrote, "Samay agaya hai aapse Vida lenay ka. Good night to Amitabh Bachchan only".
According to Manjunath Singe, Deputy Commissioner of Police, the hack attack is being investigated by the Mumbai Police cyber unit along with the Maharashtra Cyber unit.
The same group of hackers have previously targeted other Bollywood celebrities including Shahid Kapoor and Anupam Kher and have hacked their social media accounts as well.
Taking a rather soft spin at the situation, Bollywood director Vivek Ranjan Agnihotri took to Twitter and wrote, "Can someone hack the poet inside Mr @SrBachchan and expose his poetry to the world? I remember he wrote one beautiful poem when he was injured during 'Coolie'. Can someone find it? Please."
Bachchan's account was restored by the platform within an hour of it getting hacked.
The veteran actor has not acknowledge the cyber attack on his Twitter handle as yet.
SQLite - the most widespread database engine in the world - is available in every operating system (OS), desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.
Security firm Check Point has demonstrated a technique being used to manipulate Apple's iOS Contacts app. Searching the Contacts app under these circumstances triggers the device to run malicious codes, Apple Insider reported on Saturday.
The vulnerability has been identified in the industry-standard SQLite database.
Documented in a 4,000-word report, the company's hack involved replacing one part of Apple's Contacts app and while apps and any executable code has to go through Apple's startup checks, an SQLite database is not executable.
"Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple's Secure Boot. Luckily for us, SQLite databases are not signed," the report quoted the Check Point researchers as saying.
As of now, Apple has not commented on Check Point's report.
He named the device "keyless repeater" which he sells for $9,000 and demonstrated how it works in a video which he released recently.
The video shows him approaching an unattended car which belongs to his friend who gave him permission to use it and using the small handheld device with an antenna to unlock the driver's side door of the car and start the engine, dailymail.co.uk reported on Friday.
In the video, he admits there is no guarantee as to how his customers might use the device.
He said in an interview that his device works on all luxury cars except for those that use frequencies between 22 and 40 khz, such as Mercedes, Audi, Porsche, Bentley and Rolls Royce models released after 2014.
Additionally, he also mentioned about the upgraded version of the same for $12,000 which can unlock any car that uses a wireless fob system.
"Honestly I can tell you that I have not stolen a car with technology, it is very easy to do, but the way I see it, why would I get my hands dirty when I can make money just selling the tools to other people," he said.
Samy Kamkar, a security expert Vice after reviewing EvanConnect's footage, said the keyless repeater technology is commonly known in the field.
"I can not validate that the video is legitimate but I can say that it is 100 per cent reasonable (I have personally performed the same attack on more than a dozen vehicles with hardware I've built and very easy to demonstrate)," the report quoted Kamkar.
(IANS)
According to a report in cybersecurity news portal Quickcyber, the hacker who appeared to be from a Korean hacking group is now planning to dump the data in the public domain for open sale.
The hacker told the publication that the stolen database of Zee5.com contains private details of the subscribers including their recent transactions, passwords, emails, mobile numbers, messages, etc.
ZEE5 was yet to comment on the report.
The breach may have occurred between February end or March.
Ralph Wagner, CEO of software development firm Axinom that provides ZEE5 "software to manage content," told Quickcyber that they "do not manage Zee5 database" and "nor do Axinom system uses the mentioned MySQL database" which is part of the hacking.
"Additionally, we will investigate this case, and will release a statement as soon as our investigations are complete," Wagnerwas quoted as saying.
ZEE5 has over 150 million subscribers worldwide.
Amid the hacking-related breaches leverage, SecureLink, a third-party remote access platform, in its report stated, most firms not aware about their risky password behaviour.
Nearly 80 per cent of hacking-related breaches leverage compromised credentials and neglecting the process of secure access management can create vulnerabilities in the case of vendors and former employees, according to a new report.
In many organizations, these credentials permit access to all corners of the network.
According to SecureLink, enterprises must take note that how network credentials are managed directly reflects overall security.
"Whether it's internal employees or third-party vendors that need access, comprehensive authentication and access control should always be in place," SecureLink said in a statement on Friday.
Passwords, and especially passwords with privileged access, are a target for hackers since they're able to get so information from just one singular password.
"Not only is this an easy way for hackers to get into one account, but if your administrator doesn't use unique passwords across different platforms (both professionally and personally), then there is a whole wealth of information that is available to take," warned the report.
When managing third-party remote access, the only way to ensure a vendor doesn't compromise your network credentials is to never give them out.
"Remote support solutions should hide your network credentials and provide single sign-on (SSO) for vendors. Without this, vendors could share or store privileged credentials insecurely," suggested the report.
The feature also helps to prevent "leapfrogging", or the process of a technician launching additional connections from within the initial target host.
If the technician is never aware of their password, they are prevented from trying to log into other systems with the same account.
One common way for hackers to get to these credentials is to use phishing.
According to a Symantec Internet Security Threat Report, 71 per cent of successful targeted attacks involved a spear-phishing attack.
"With attackers more likely than ever to be able to establish a foothold on your network via phishing methods, defenders will want to strengthen their endpoint defenses to knock down the malware when it tries to infect off a click and also secure higher privilege credentials with technologies," said SecureLink.
Sharing passwords among colleagues, both on purpose and on accident, can inadvertently lead to your credentials getting into the wrong hands.
"The deeper issue of password habits is that far too many users continue to rely on outdated practices that place their security at risk (writing down a password on a sticky note, or using easily guessed passwords). Keep in mind many people do not assume responsibility for having a weak, or crackable password," said the report.
One of the most alarming aspects is that many people aren't even aware of how risky their password behaviours are, or if they are, they accept the risks and simply take the easier, less secure route.
"Create strong passwords. Implement two-factor or multi-factor authentication. If breached, all passwords must be reset. Merely suggesting this as a plan of action lets many consumers to just ignore it," the report noted.
Never have the same password for all accounts/logins.
"So, if one of your passwords is stolen or misused, at least the access given to the bad actor is to one platform instead of all," it added.
(With Agency Inputs)
More Related Stories On Hacking:
India second to US among top destinations for hacking attempts
Hidden Bug In FPGA Chips Can Help Hackers Steal Critical Data
Every social platform has pros and cons and WhatsApp is no different. Latest reports suggest that scammers and hackers are now using OTP tricks to gain illegal access to WhatsApp accounts and steal personal or sensitive data of the users.
The OTP scam which is currently doing rounds allows scammers to hack into your WhatsApp account using an OTP (One Time Password).
If in case you are targeted, the hackers might send you a message in WhatsApp from an unknown number or from a friend's number claiming that they are is some sort of emergency. They might then request you to forward the OTP to them, citing that it was mistakenly sent to you in a text message.
Remember one thing. If you receive any such message, DO NOT share the OTP or indulge in any further conversation with the scammer/hacker, as this could give them complete access to your WhatsApp account and you could be locked out of your own account.
Cyber experts have further warned that even in case you get a WhatsApp message from a friend or a known contact asking for an OTP code, DO NOT respond or follow his/her request, rather you should call him/her to verify the authenticity and confirm whether the message was actually sent by him/her.
HOW CAN YOU SECURE YOUR ACCOUNT AND STAY SAFE FROM HACKERS?
In order to stay safe from this OTP scam, users can enable two-factor authentication on WhatsApp. This apart, the user needs to ensure that s/he does not share OTP or any other private or sensitive information with anyone via WhatsApp.
Follow these simple steps to secure your account:
STEP 1: Open WhatsApp, then click on the three dots on the top right corner.
STEP 2: Tap on the Settings option and then on the Account option.
STEP 3: Now tap on Two-step verification.
STEP 4: You will get an enable option. When you enable that, you will be asked to enter a 6-digit pin sent to you by WhatsApp.
STEP 5: WhatsApp will ask you to enter the pin twice, followed by your email address.
STEP 6: Once you confirm the email address, your two-step verification will be activated.
STEP 7: You also have the option to disable or change the pin using the same steps.
The users should note that once the two-step authentication is enabled, WhatsApp will ask you to enter your password at regular intervals.
Statistics reveal, from nearly 1 billion monthly active users in February 2016, WhatsApp monthly active users have skyrocketed to over 2 billion as on March 2020.