Zscaler Blog

Get the latest Zscaler blog updates in your inbox

News & Announcements

Amazon accounts hacked! | This week in cybersecurity

April 13, 2017 - 2 min read

Amazon’s Third-Party Sellers Hit by Hackers

Hackers are targeting the growing population of third-party sellers on Amazon, using stolen credentials to “post fake deals and steal cash.” Hackers have gone into active seller accounts and changed the bank-deposit information to steal tens of thousands of dollars from each.  They have also posted fake listings at high prices with big discounts in order to pocket the cash. The fraud was made possible largely due to email and password credentials that were stolen from previously hacked accounts and were then sold on the dark web. Read more.

Hackers Breach Dallas Emergency Alarm System

Hackers reportedly turned on 156 of Dallas’ emergency alarm systems at once on Friday, despite the fact that there was no sign of any natural emergency. The mayor of Dallas noted that “this is another serious example of the need for us to upgrade and better safeguard our city’s technology infrastructure,” and highlights how critical infrastructure systems are vulnerable to attack. Read more.

Microsoft Word Zero-Day Used for Dridex

“Booby-trapped documents exploiting a critical zero-day vulnerability in Microsoft Word have been sent to millions of people around the world in a blitz aimed at installing Dridex, currently one of the most dangerous bank fraud threats on the Internet,” reports Ars Technica. Read more.

Feds Deliver Fatal Blow to Kelihos Botnet

Federal prosecutors say they’ve dealt a fatal blow to Kelihos, a network of more than 10,000 infected computers that was used to deliver spam, steal login passwords and deliver ransomware and other types of malware since 2010. Reuters reported that the takedown was announced on Monday, one day after authorities in Spain reportedly arrested alleged Kelihos operator Pyotr Levashov. Read more.

Hackers Can Use Your Phone’s Sensors to Steal your PIN Number

According to Mashable, hackers might be able to steal your PIN number just based on the way you tilt your phone. Researchers say that embedded JavaScript code can compromise user’s sensitive information by, “listening to the side channel data provided by the motion and orientation sensors without user permission.” Read more.

Vulnerabilities in Travel Routers

According to ZDNet, several popular travel routers are at risk of a number of vulnerabilities including easily exploitable flaws. One of the routers studied could be tricked into turning over its plaintext admin credentials and wireless network address, which run as root, with a text message containing a simple line of code. Read more.

Explore more Zscaler blogs

A cyber criminal shopping for malware
Agniane Stealer: Dark Web’s Crypto Threat
Read Post
Business people walking through a city
The Impact of the SEC’s New Cybersecurity Policies
Read Post
Digital cloud illuminated in blue
Security Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)
Read Post
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region
Read Post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.