Hacken Token
$ -- --.--
Weekly News Digest #22

Weekly News Digest #22

Singtel Hacking Resulting Customers And Employees Data Leakage 

A security breach of a third-party file-sharing system led to the leakage of personal information of 129.000 clients and former Singtel employees.  The data of 23 enterprises, credit card details of the staff of a corporate client were also revealed.

After the investigation, the company stated that customers private data contained the name, date of birth, address, and mobile number. What is more, 28 former staff of Singtel suffered from the leakage of bank account info, and 45 employees of a corporate client went through the loss of credit card details. 

Read more

Kia Motors Brings $20m to Hackers

An extended system outage of Motors America appeared to be a hacker attack. The ransomware band, known as DoppelPaymer, announced the cyberattack of the company, locking down the company’s data and requiring a $20 million redeem. 

In case of meeting the blackmailers’ demands, the sensitive data bits of KIA will not be published on the hacker’s site.

Ransom company mentioned that they aimed at Hyundai Motor America, the parent company of Kia Motors America, based in Irvine, Calif. DoppelPaymer gave Motors America 2 -3 weeks to pay 404 Bitcoins (approximately $20 million). Hackers threatened to raise $30 million.

Read more

Privacy Suffers: Tracker Pixels In Emails

Analytics claim that, nowadays, invisible pixels tracking emails are now ubiquitous.

Spy pixels (tracking pixels, or web beacons) are invisible. They represent tiny image files like PNGs or GIFs,  are included in the content body of an email. Usually, their size doesn’t exceed 1×1 pixels, and they merge with the content to become invisible to users. Such pixels come in handy to track the visitors on web domains.

Read more

Microsoft Flash Will Be Removed Via The New KB4577586 Windows Update

Recently Microsoft has launched extending the new KB4577586 update in order to remove the Adobe Flash Player software from Windows gadgets. 

Since October 2020, browser developers were preparing for the Flash expiration date (end of 2020). To avoid security issues, system administrators who wanted to delete Flash beforehand could access the Microsoft Update Catalog and download the KB4577586 packages before EOL.

Read more

Zero-Day Vulnerabilities In Gaper

Gapers is an application with 800.000 users created for those who seek dating younger or older partners. Researchers warn that any user profile of the dating app Gaper could be hacked due to zero-day flaws. 

There is no access control and multifactor authentication in the app. Consequently, attackers could get private information and take the account over for 10 minutes.

Given that certificate pinning was not enforced, Burp Suite proxy allowed to obtain a manipulator-in-the-middle (MitM) position.

Read more

Subscribe to our research

Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.