
Weekly News Digest #26

Face verification at ATMs in Singapore

Customers of OCBC Bank can now authenticate their identity at ATMs without using an ATM card. Face verification is available at selected ATMs across Singapore. Currently, the technology only allows customers to check their balance, but other operations will soon become available.

Currently, there are 8 such ATMs in Singapore, located in the bank's main branches, at a convenience store, and in the CBD. The Bank's officials plan to expand the functionality of the new technology by allowing customers to withdraw cash without their ATM card, but the exact timeline is not specified. Operations such as cashcard top-ups, funds transfers to other banks, credit card bill payments, and cash deposits will become available to customers starting from 2022.

According to the statement made by OCBC, cash withdrawals and balance queries are the two most frequently used services at the Bank’s ATMs since they account for 80 per cent of transactions performed at these machines in the country. 


US and UK schools are targeted by PYSA ransomware operators

According to the FBI, schools in the USA and UK are frequently falling victim to attacks by ransomware operators. The primary objective of these criminals is to steal data and demand a ransom payment.

The FBI's investigation found that the attackers used PYSA ransomware, also known as Mespinoza, which was first detected in October 2020 when criminals used it to attack large corporate networks.

The criminal groups used PYSA to exfiltrate data from K-12 schools, seminaries, and higher education institutions, and then encrypted the victims' systems to increase the likelihood of receiving the requested ransom payments. The cyber actors in question have not been identified yet.

PYSA ransomware applies extensions such as .locked and .pysa to the files it encrypts on compromised systems. The tactics the cyber actors use to gain entry to a target system include social engineering, phishing emails, and compromise of Remote Desktop Protocol (RDP) access through brute force or theft.


Telecom companies’ 5G secrets at risk 

Telecom companies worldwide are facing a series of attacks related to cyber-espionage campaigns aimed at stealing sensitive information such as data on 5G technology from the victims. 

McAfee cybersecurity researchers state that this campaign is focused on telecommunications providers in Europe, North America, and Southeast Asia. The series of attacks has been named Operation Diànxùn and, according to the researchers, it has been carried out by a hacking group operating from China.

The hacking group in question is also known as Mustang Panda and Red Delta. It carried out a number of hacks and espionage campaigns against companies worldwide before turning its attention to telecommunications companies.


The release of Spectre PoC Exploit For Chrome by Google

Google has released proof-of-concept (PoC) exploit code that conducts a Spectre attack against the Chrome browser to extract data from device memory.

The Spectre attack was first discovered in 2018. Now, a group of researchers has released a demonstration website, written in JavaScript, that carries out the attack. The researchers' main objective is to show web application developers the importance of taking active steps to protect their sites.

In early 2018, the silicon industry was rocked by the disclosure of the Spectre (CVE-2017-5753 and CVE-2017-5715) and Meltdown (CVE-2017-5754) flaws. The Spectre vulnerability enables malicious applications to access data being processed on the device, which can expose documents, emails, passwords, etc. The exploited vulnerabilities affect other well-known browsers as well. Through side-channel analysis, an attacker who has local user access can disclose information without any authorization.


Users of Mac and Windows are warned about Zero-day Flaw

Google's Chrome browser has experienced a third zero-day flaw this year. The company is actively working to issue a fix for the vulnerability. By exploiting the flaw, hackers can perform denial-of-service attacks on the affected systems as well as remote code execution.

The vulnerability has been detected in Blink, the Chrome browser engine developed as part of the Chromium project. A browser engine converts web page resources such as HTML documents into the visual representations that end users see.

Google has updated the stable channel to 89.0.4389.90 for Mac, Windows, and Linux, and the company will roll the update out soon.

On the CVSS vulnerability-rating scale, the flaw (CVE-2021-21193) ranks 8.8 out of 10 and is thus considered high severity. The vulnerability stems from improper use of dynamic memory while the program is running. According to the vulnerability's description, if the program does not clear the pointer to a memory location after freeing it, a cybercriminal can exploit the error to compromise the program.
