Red Securium

  The affected individuals included 14,200 individuals who had been diagnosed with HIV, of which 5,400 individuals were Singaporeans and 8,800 were foreigners. The leaked information included names, identification numbers, phone numbers, addresses, HIV test results, and other related medical information. Private data of almost 14,200 individuals who had been diagnosed with HIV up to January 2013 were leaked online. A US citizen residing in Singapore gained unauthorized access to the HIV registry and leaked the data online . Out of the 14,200 affected individuals, 5400 individuals were Singaporeans and 8,800 were foreigners. The leaked information included names, identification numbers, phone numbers, addresses, HIV test results, and other related medical information. US citizen gained illegal access to the HIV registry On 28, January 2019, Singapore's Ministry of Health confirmed in a  statement , that Mikhy K Farrera Brochez, a US citizen residing in Singapore on

  A bug in Apple iOS allows Facetime users to listen and watch the call recipients before the call is even picked up. Researchers confirmed that this bug exists in iOS 12.1.2 version. Researchers uncovered a critical bug in Apple iOS devices that could allow Facetime users to access the microphone and front camera of who they are calling even if the call recipient does not answer the call. The bug was first reported by  9to5Mac  which stated that the bug could allow Facetime users to listen to the audio of the person they are calling even before the recipient accept the call. Later,  Buzzfeed  reported that this bug allows Facetime users to access the front camera as well. How can the bug be exploited? To use this bug an iOS user should call a person via Facetime and should add themselves as an additional contact to Group Facetime before the recipient answers the call. By doing so, the microphone of the call recipient will be turned on and the caller can listen to

The spam emails contained PDF attachments with links that redirect to fake adult dating sites. One of the redirects showed a mysterious message “follow the white rabbit”, a famous reference in pop culture. An unusual form of spam campaign has surfaced in the cyberspace. In this phishing campaign, the spam email contains attachments with links that redirect to fake adult dating sites. Some links also impersonate the popular dating site Ashley Madison with their own fraudulent version. Security site Bleeping Computer reported details of the spam mails observed in this campaign. A sample received by the site shows that the email comes from a user named Gell with an address info@reeedirect[.]ru. Subject lines in the mail consist of random names. At the bottom of the email, there is an attachment in PDF form. If users click on the links present in the PDF attachment, it initiates a series of redirects which ultimately takes them to a fake adult dating site. Following the whi

AZORult hides as a Google Updater program and replaces the legitimate Google Updater program on the compromised systems. As the malware replaces the legitimate Google Updater program, it can achieve persistency without having to alter Windows registry or add any scheduled tasks on its own. Researchers recently observed the AZORult information stealer malware disguised as a Google Updater program and achieving persistence by replacing the legitimate Google Updater program on the compromised systems. Researchers from Minerva Labs, Asaf Aprozper and Gal Bitensky, detected the malware after they received a GoogleUpdate.exe binary signed with a valid certificate which was blocked by their security tool. Fake Google Update binary The researchers noted that the Google Updater program appeared to be legitimate, having the right icon and being signed with a non-revoked certificate. However, upon closer inspection, the researchers found that the binary was actually signed

    Vulnerabilities within web applications and information stealing malware were leveraged to perform the attack. One vulnerability that was exploited in the attack was related to privilege escalation - CVE-2018-1038, also known as TotalMeltdown. According to a recent report from the Australian Cyber Security Center (ACSC), eight Australian web hosting providers were compromised in a malware attack in 2018. Vulnerabilities within web applications and information stealing malware were leveraged to perform the attack - which was dubbed as 'Manic Menagerie' by the ACSC. Attack method It was revealed that hackers abused the flaws with web applications to get root access to web servers. Upon gaining access, they installed a malware - that included both password stealing tools and the Gh0st remote access tool (RAT). Further analysis revealed that the attackers used a web browser to manually interact with the targeted websites and find the vulnerabilities. Once id

  The program which is a part of a survey will help the government figure out the number of insecure IoT devices in the country. The survey is scheduled to kick off next month and involves the security test of over 200 million IoT devices. The Japanese government has approved a new amendment that would allow government officials to hack into citizens’ IoT devices. The program which is a part of a survey will help the government to figure out the number of insecure IoT devices in the country. About the survey The survey is scheduled to kick off next month and involves the security test of over 200 million IoT devices. Devices in homes and on enterprise networks will be tested alike under the penetration test program. The  survey  will be carried out by employees of the National Institute of Information and Communications Technology (NICT) under the supervision of the Ministry of Internal Affairs and Communications. A list of default passwords and password dictionarie

    Authorities from the US and Europe have seized the online forum xDedic. xDedic was a trading platform where cybercriminals used to buy or sell a variety of illicit products such as hacked servers, hacking tools, and more. xDedic, the shady marketplace that offered various hacking tools and other malicious products, was taken down earlier by authorities. The forum was responsible for fraudulent transactions totaling more than $68 million along with stealing information from victims. Authorities from the US, Belgium and the European law enforcement agency Europol collaborated together to bring down xDedic. From the US, the Federal Bureau of Investigation (FBI) and Internal Revenue Services (IRS) led the hunt, while from Europe, it was led by the federal prosecutors from Belgium, Ukraine, and Germany. “The victims span the globe and all industries, including local, state, and federal government infrastructure, hospitals, 911, and emergency services, call centers, major

     Customers of former DDoS-for-hire site WebStresser are now chased by police and law enforcement agencies. WebStresser was seized by authorities from the US, UK, and the Netherlands in April 2018. Users registered on WebStresser are in for a bad ride as police authorities plan to track those who conducted small-scale DDoS attacks. The popular DDoS-for-hire site was shut down in April 2018 after authorities found that the site was responsible for over four million attacks in a span of three years. Once WebStresser was seized up, police uncovered information of its more than  150,000  registered users. Currently, UK’s National Crime Agency (NCA) is leading the way to track down all the users, followed by police authorities from 19 countries around the world. “In the United Kingdom, a number of webstresser.org users have recently been visited by the police, who have seized over 60 personal electronic devices from them for analysis as part of Operation Power OFF. UK p

Intro duction:     Cyber security is the protection of internet-connected systems, including hardware, software and data, from cyber attacks. velevate provides cyber security ,penetration testing in uk In a computing context,  security  comprises cyber security and physical security -- both are used by enterprises to protect against unauthorized access to data centers and other computerized systems. Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset of cyber security. velevate provides cyber security ,penetration testing,vulnerability assessment,bug bounting,mobile security,web application security, in uk. This is the no.1 company in u k.   Elements of cyber security Ensuring cyber security requires the coordination of efforts throughout an information system, which includes: Application security Information security Network security Disaster recovery / business continuity planning