Archive for July 2017

7 Worst Cyberattacks in Recent History

Malware and hacking tactics are becoming more advanced, and users need to be prepared against attack

It’s one thing to click the wrong link and accidentally download some annoying adware on your personal 7 Worst Cyberattacks in Recent Historydevice. It’s another thing to watch as hospitals, train stations, nuclear power plants, and private businesses fall victim to a devastating cyber attack that obliterates their networks and decimates their data.


While viruses and worms of the ‘90s and early ‘00s might be memorable, the malware of the past few years have been unbelievably destructive. Because the internet is everywhere these days, hackers are finding it easier than ever to spread malicious software and gain access to highly sensitive information. If you need more proof that recent cyber attacks are some of the worst in history, the following devastating attacks should be evidence enough.

WannaCry
While a spate of similar malware programs has spread in its wake, WannaCry is certainly the most talked-about attack this year. Using a vulnerability developed by none-other than the U.S. National Security Agency, WannaCry was able to infiltrate computer networks running outdated operating systems, taking them and their data hostage. As a result, more than 230,000 machines in more than 150 countries fell victim to the attack, including dozens of hospitals and care centers in the U.K., a train system in Germany, and a telecommunications provider in Spain. Fortunately, most home users can stay safe from WannaCry by updating their software whenever there is an update and by installing strong internet security software.

Shamoon or Disttrack
A computer virus that targeted devices linked to the energy sector, Shamoon was developed in 2012 by a hacker group known as “Cutting Swords of Justice.” The group’s goal was to destabilize Saudi Amarco Company, an energy giant in the Middle East – and it was somewhat successful. More than 30,000 workstations were impacted by the virus, which prevented machines from connecting to the web and communicating with each other. Also affected were Qatari RasGas Company and LNG Company, though it’s unknown whether they were additional targets of the attack.

Operation Olympic Games or Stuxnet
At the end of President Bush’s administration, the U.S. government attempted to disrupt and sabotage Iranian nuclear facilities with a concentrated cyberattack. Working in conjunction with Israel, the U.S. developed a worm, named Stuxnet, that could take command of devices and use them to control machinery connected to them. Stuxnet was ruthless in its attack, incapacitating over 1,000 centrifuges in just one Iranian nuclear plant; it is a powerful digital weapon, and security experts believe it is being traded around black hat hacker circles – which means the most physically damaging cyber attack is likely on the horizon.

Operation Shady RAT
Operation Shady RATAs you read, a cyber attack is being waged. In 2008, a cybersecurity professional uncovered a series of similar attacks, which he dubbed Operation Shady RAT, launched against government institutions and private agencies in 14 different countries. Though investigations have yet to determine the source of the extensive attack, many analysts believe the operation is sponsored by the Chinese government.

Titan Rain
In the early 2000s, American computer systems experienced an onslaught of epic proportions. Contractors working with the Department of Defense, to include dozens of private businesses like Lockheed Martin and Redstone Arsenal, lost an inordinate amount of sensitive information to attackers, who most security professionals believe were working for China. The attacks continued for three full years before cybersecurity received enough funding to build proper digital defenses. The British Ministry of Defense endured similar attacks, though on a smaller scale.

OpIsrael
Beginning on Holocaust Remembrance Day in 2013, a series of cyber attacks coordinated by anti-Israeli groups and individuals began taking down Israeli websites. The hacks ranged from annoying defacements to disruptive database hijacking and devastating leaks. Unfortunately, the attack debilitated schools, newspapers, small businesses, nonprofit groups, and banks – many of which were not Israeli in origin, effectively working counter to the attackers’ main goal of showing discontent with Israel.

July 2009 Cyberattacks
Though they still lack a flashy name, these attacks propagated against South Korea and the U.S. affected more than 100,000 computers. It seems that attackers targeted governmental websites, including the South Korean National Assembly, the White House, and the Pentagon, as well as a handful of media outlets. To this day, the source and intention of the attacks are unknown, though many experts believe the North Korean telecommunications ministry is to blame..
Thursday, July 27, 2017
Posted by Sivapriya

What is Tabnapping? Protection & Prevention Techniques

The word ‘Tab Napping’ comes from the combination of ‘tab’ and ‘kidnapping’ used by clever phishers, scammers, and hackers. Tabnapping is an interesting, tricky, clever, and smart hacking technique for phishing and scamming.
Through this, attackers take advantage and control a victim’s unattended browser tabs by hijacking and redirecting him to malicious URLs where they can perform a phishing attack and execute scripts and data URIS.

For example:
You are already logged in to your Facebook account and suddenly you see an interesting post with a web link. After clicking on the link, a new tab opens. Now, you are visiting an interesting post link on the new tab and unknowingly your previous tab will change to a fake Facebook login page. When you go back to the previous tab to log in to Facebook, your login information will be sent to the attacker and your successful login to Facebook because you never logged out.

Protect Yourself From Tab Napping:
Always check the URL in the address bar and ensure that it is using secure protocol HTTPS
Most web developers use target=”_blank” only to open links in new tab. If you use target=”_blank” only to open links in a new tab, then it is vulnerable to an attacker. When you open a link in a new tab ( target=”_blank” ), the page that opens in a new tab can access the initial tab and change its location using the window.opener property.

javascript code:
window.opener.location.replace(malicious URL)

Prevention:
rel=”nofollow noopener noreferrer”

"Cyber world is hitting by Tabnapping. Many sites like Google and Facebook is affected by Tabnapping. Many of us is unaware about this hacking technique, so hackers are targeting us, using this attack "

Important Note:
It is just for educational purpose only.

Tuesday, July 11, 2017
Posted by Sivapriya

Total Pageviews

- Copyright © REDBACK COUNCIL - RISC -- Powered by Redback - Designed by Redback Council -