19 March 2016

Incredible epic fails in IT security community of past week

Incredible epic fails in IT security community of past week

We all need security for a reason, but sometimes we completely forget about the true meaning of this reason and the intentions for enforcing security measures. In this article we will cover the funniest stories from IT security community, which happed last week.

Prison break (Russian version)

Russian carder Kamo Voskanyan escaped home arrest one day before the final hearing and his location is currently unknown. He was wearing an ankle bracelet, and supposedly caring his favorite cat. The alert about Mr. Voskanyan leaving his apartment was triggered at 2 A.M. Unfortunately, working day in Saint Petersburg police starts only at 9 A.M., and there was no one to react to the alert during the night (!).

But Mr. Voskanyan was not the original inventor of this incredible escape. In August 2015 Alexander Shapovalov managed to do the very same thing. His ankle bracelet was discovered in airport, and he was able to fly away.

Information leaks

In Kazakhstan lawmakers were forced to disable usage of smartphones connected to the Internet in governmental institutions. The main concern was that people are using mobile applications to make pictures of secret documents and then publish them. The memorandum about limitations of smartphone usage was also leaked using smartphone.

Presidential hack

First victim of Anonymous hacktivists was Donald Trump. Hackers published his personal information, including phone numbers, addresses and social security number. The second victim was Ukrainian acting president Peter Poroshenko. Hackers published personal information of Poroshenko’s family members and accused one politician of pro-presidential party in working for Russian Secret Services (FSB).

Wrong patching

In late 2013 Oracle issued a patch for critical vulnerability in Java (CVE-2013-5838). Unfortunately, that patch was not effective. Experts from Security Explorations published a PoC code, which triggers the vulnerability in latest Java SE 7 Update 97, Java SE 8 Update 74 and Java SE 9 Early Access Build 108.

Back to the list

Latest Posts

ATM Skimmers: What You Should Know

ATM Skimmers: What You Should Know

We hear about data breaches every day, criminals sell credit cards details (numbers, expiration date, and cardholders’ names) on black markets, and more people become victims of identity theft.
16 November 2017
Review of November’s Patch Tuesday for Microsoft, Adobe, and Mozilla

Review of November’s Patch Tuesday for Microsoft, Adobe, and Mozilla

The TOP software vendors fixed yesterday 153 vulnerabilities.
15 November 2017
Week in review: major cybersecurity incidents in November 6-12

Week in review: major cybersecurity incidents in November 6-12

The article contains a brief report of cybersecurity incidents for the past week.
14 November 2017