CYBER ATTACKS 2015

WARSAW:  Around 1,400 passengers of the Polish airline LOT were grounded at Warsaw's Chopin airport on Sunday after hackers attacked the airline ground computer systems used to issue flight plans, the company said.The computer system was hacked in the afternoon and fixed after around five hours, during which 10 of the state-owned carrier's national and international flights were cancelled and about a dozen more delayed.

Hackers Ground 1,400 Passengers at Warsaw Airport

The systems were hacked due to the attack known as a Distributed Denial of Service (DDoS) attack -- when a hacker floods an organization's system with so many communication requests that it overloads the server, and it can no longer carry out its normal functions.

"This was a capacity attack, which overloaded our network," said the spokesman, Adrian Kubicki.

INFORMATION ABOUT THE ATTACK

Blocking the Attack with Packet Filters on the Router(s) Blocking the attack by configuring Windows Firewall. In this a script is created to configure firewall so it

 automatically blocks IP addresses when a hacker attack is detected

netsh advfirewall firewall delete rule name="disallow Hacker IP" # ignore wrapping, this should all be on one line netsh advfirewall firewall add rule name="disallow Hacker IP" action=block enable=yes profile=any localip=any protocol=any dir=in remoteip=67.219.58.161,69.163.239.247,174.122.60.235,216.36.57.157

How to block DDoS attack

Hackers hacked Canadian government websites for several hours on Wednesday. The hacker collective Anonymous took responsibility in an online video, saying it was done in protest of a controversial anti-terror law that dramatically expands the powers and reach of Canada's spy agency.

 The government's public website for applying for social services and downloading official forms was briefly shut down in this cyber-attack

Anonymous Hackers Attack Canada Government Websites

The government website was hacked due to the attack known as a Distributed Denial of Service (DDoS) attack

INFORMATION ABOUT THE ATTACK

The Computer Emergency Response Team of India (CERT-In) has detected that the malware identified as 'Bioazih' which can acquire as many as five aliases to hide its evil designs and "can execute commands remotely, upload data, download and execute files" in an unauthorsied manner.

"It has been reported that a new malware having backdoor functionalities dubbed as 'Bioazih' is spreading. The malware propagates by means of spear phishing emails containing attached malicious document exploiting Microsoft Office vulnerability or the Remote Access Trojan (RAT) may infect the targeted users system by means of malware dropper also," CERT-In said in its latest advisory to Internet users.

India Affected by 'Bioazih' Trojan, Warns CERT-In

This malware family can give a malicious hacker access and control of your PC.These threats can be installed when you open a spam email attachment.The following can indicate that you have this threat on your PC:You have these files:1-%ProgramFiles% \common files\Config.exe 2-%ProgramFiles% \Startup\csrss.exe 3- \dmdskngr.dll 4- \dmserver.dll 5- \dssemh.dll 6-%SystemRoot% \tasks\conime.exe 7-%SystemRoot% \tasks\ctfmon.exe 8- \tdmserver.dll 

TO protect from this Windows Defender for Windows 8.1or Microsoft Security Essentials for Windows 7 and Windows Vista  is used

How to  check detect and remove Bioazih virus malware 

Internet users were denied access to Google Inc's Malaysia website, and were redirected to a hacked page saying "Google Malaysia Hacked by Tiger-Mate #Bangladeshi Hacker".

Google Malaysia Service Disrupted by Hackers

Google Malaysia itself noted that there has been no hack of its systems, though, and this, rather, is a DNS redirect attack

Type of Attack

THANK YOU