Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Passwords. Show all posts
Privacy
CyberCrime Cyberhackers Cybersecurity CyberThreat Default Passwords Multi-Factor Authentication (MFA) Passwords Privacy

Password Reuse Threatens Security of 50 Percent of Online Users

 


The Overlooked Danger of Password Reuse

While digital access is becoming increasingly prevalent in our everyday lives, from managing finances to enjoying online entertainment, there remains a critical security lapse: password reuse. Even though it is convenient, this practice remains one of the most common yet preventable cybersecurity risks. Almost everyone uses the same login credentials across multiple platforms repeatedly, which exposes them to an unavoidable domino effect of cyber threats, unknowingly. 

It has been proven that when a single set of credentials is compromised, an attacker can use that credential to infiltrate several accounts, resulting in unauthorized access, identity theft, and financial fraud. While cybersecurity awareness has grown, password reuse continues to pose a threat to personal and professional data security even though cyber threats are becoming increasingly prevalent. 

 This vulnerability can be mitigated by adopting stronger security practices, such as password managers and multi-factor authentication, which can help counteract this issue. Establishing strong, unique credentials for each service is a fundamental part of minimizing exposure to cyber threats and protecting sensitive information. 

The Persistent Threat of Password Reuse

It is widely acknowledged that passwords are one of the fundamental weaknesses of cybersecurity, serving as a primary vector for breaches. Organizations fail to implement effective measures for detecting and preventing compromised credentials, resulting in the risk of the breach being further exacerbated by users repeatedly using the same password over multiple accounts, further escalating the threat. 

It is apparent that even though the public is becoming more aware of the dangers of password reuse, it remains a widespread issue, which leaves individuals and businesses vulnerable to cyberattacks. 

Recent studies reveal just how alarming this problem is. According to a Google survey conducted in the past year, 65% of users recycle their passwords across different platforms. 

However, another survey found that although 91% of individuals are aware of the risks associated with this practice, 59% still practice it. It has been reported that 44 million accounts are at risk of compromise because of compromised credentials, and according to research, the average user reuses passwords up to 14 times on average. 

72% of people admit that they reuse passwords for their accounts, while nearly half of them change existing passwords slightly rather than creating new, stronger ones during required updates, which renders periodic password resets ineffective because they result in weak passwords. 

It is important to note that this issue is not limited to personal accounts, as 73% of users have duplicate passwords across their professional and personal profiles. Studies also indicate that 76% of millennials reuse their passwords, demonstrating the persistence of this risky behaviour. 

The Verizon Data Breach Investigations Report further highlights the severity of the issue by averaging 81% of hacking-related breaches being connected to compromised credentials, demonstrating its severity.

There is no doubt that the danger of reusing passwords is well-known to many users. However, managing unique credentials for multiple accounts can lead to common security lapses. Cybercriminals exploit this widespread negligence to gain unauthorized access by exploiting weak authentication practices.

The assumption that users will change their habits is unrealistic, and businesses cannot afford to ignore the risks posed by inadequate password management, and they cannot ignore the risks that arise from this approach. For organizations to effectively combat these threats, automated security solutions must be implemented, which continuously monitor, detect and prevent the use of exposed credentials, ensuring a stronger defence against cyberattacks. 

The Risks of Password Sharing in the Digital Age 

A common occurrence these days is sharing login credentials with family, friends, and coworkers in an era when digital services dominate users' daily lives. The rise of streaming platforms, the sharing of social media accounts, and many other online services have made it possible for this trend to persist. 

According to research, 59% of all individuals share their login information or passwords with at least one type of account, which puts them at risk for security issues. In terms of the most frequently shared credentials, video streaming services lead the list, with 41% of users admitting that they have shared login information with others. The average individual shares access to personal devices, including smartphones, tablets, and computers, with approximately 23% of them doing so. 

In addition to email and music streaming accounts, more than 15% of users have shared their credentials with others, and over 15% have been known to do so. Although password sharing seems convenient, it increases the chance of unauthorized access, credential leaks, and information compromise, so it is imperative to keep passwords safe and secure at all times. Managing multiple passwords across multiple online accounts can be challenging, resulting in insecure practices such as reusing passwords or sharing them informally, but it is imperative for the protection of all personal information to maintain a strong password hygiene system. 

As a result of using secure password management tools such as those offered by The Password Factory, enabling multi-factor authentication, and avoiding the temptation to share credentials with others, cyber threats can be dramatically reduced, while account integrity and data security can be preserved. 

Strengthening Security Through Proactive Measures

When it comes to improving cybersecurity, the first step is removing weak and reusing passwords from the system. For each account, users need to establish unique, complex passwords that are a considerable reduction of vulnerability to credential-based attacks. 

Multi-factor authentication (MFA) is another step in increasing the security of all supported accounts while adopting passkeys is another step towards making their passwords more secure and phishing-resistant. As a website administrator, it is essential to integrate leak detection mechanisms to identify and mitigate threats in real-time by identifying and resolving threats as soon as they arise. Automating the process of resetting compromised passwords further enhances security. 

Additionally, the implementation of protective measures, such as rate limiting and bot management tools, can help limit the impact of automated attacks on the website. To ensure that users' security posture is strengthened, they must conduct regular audits to identify trends in password reuse, detect exposed credentials, and enforce stringent password policies. 

Using these best practices will help both individuals and organizations strengthen their defences against cyber threats, thus minimizing the risk that their data will be compromised or unauthorized. In addition to safeguarding sensitive information, proactive security measures also contribute to ensuring that the digital environment is more resilient and less prone to cyber-attacks.
Read more »
Security Cameras
Encryption Hackers Passwords Privacy Security Cameras

Protect Your Security Cameras from Hackers with These Simple Steps

 



Security cameras are meant to keep us safe, but they can also become targets for hackers. If cybercriminals gain access, they can spy on you or tamper with your footage. To prevent this, follow these straightforward tips to ensure your security cameras remain under your control.

1. Avoid Cheap or Second-Hand Cameras

While it might be tempting to buy an inexpensive or used security camera, doing so can put your privacy at risk. Unknown brands or knockoffs may have weak security features, making them easier to hack. Used cameras, even if reset, could still contain old software vulnerabilities or even hidden malware. Always choose reputable brands with good security records.

2. Choose Cameras with Strong Encryption

Encryption ensures that your video data is protected from unauthorized access. Look for brands that offer end-to-end encryption, which keeps your footage secure even if intercepted. Some brands, like Ring and Arlo, provide full encryption options, while others offer partial protection. The more encryption a company provides, the better your data is protected.

3. Research Security Reputation Before Buying

Before purchasing a camera, check if the company has a history of data breaches or security flaws. Some brands have had incidents where hackers accessed user data, so it’s essential to choose a manufacturer with a strong commitment to cybersecurity. Look for companies that use offline storage or advanced security features to minimize risks.

4. Strengthen Your Wi-Fi and App Passwords

A weak Wi-Fi password can allow hackers to access all connected devices in your home, including security cameras. Always use a strong, unique password for both your Wi-Fi network and camera app. Enable encryption on your router, activate built-in firewalls, and consider using a virtual private network (VPN) for extra protection. If you experience life changes like moving or breaking up with a partner, update your passwords to prevent unauthorized access.

5. Keep Your Camera Software Updated

Security camera companies regularly release updates to fix vulnerabilities and improve protection. If your camera has an option for automatic updates, turn it on. If not, make sure to check for updates manually through your camera app to ensure your system has the latest security patches.

6. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security by requiring a second verification step, such as a text message or email code, before logging in. This prevents unauthorized users from accessing your camera, even if they have your password.


Modern security cameras are much safer than before, thanks to improved encryption and security features. Most hacking attempts happen when users fail to secure their accounts or choose unreliable brands. However, there is still a risk if the camera company itself experiences a data breach. To minimize exposure, consider cameras with local storage or privacy covers for indoor models.

Who Tries to Hack Security Cameras?

In most cases, security cameras are not hacked by strangers. Instead, unauthorized access usually comes from people you know, such as an ex-partner or family member who already has login details. Occasionally, unethical employees at security companies have been caught misusing access. Ensuring strong passwords, encryption, and additional security measures can help prevent these issues.

By following these simple steps, you can keep your security cameras safe from hackers and ensure your home remains private and secure.


Read more »
Passwords
2FA Data Breach Grubhub Passwords

Grubhub Data Breach Exposes Customer and Driver Information

 



Food delivery service Grubhub has suffered a security breach that exposed sensitive information belonging to customers, drivers, and merchants. The breach, caused by unauthorized access through a third-party service provider, compromised personal details, hashed passwords, and partial credit card information.  

Grubhub detected suspicious activity within its system, which was later traced to an account used by a third-party customer support provider. The company quickly revoked access to this account and removed the provider from its platform to prevent further unauthorized entry.  

What Information Was Compromised?

Hackers gained access to various user data, including:  

1. Full names, email addresses, and phone numbers  

2. Hashed passwords (which are encrypted for security)  

3. Partial credit card details (only the card type and last four digits)  

The breach affected individuals who had previously interacted with Grubhub’s customer support or used its campus dining services. However, full payment card details and bank account information were not accessed.  

Steps Taken by Grubhub  

In response to the breach, Grubhub has implemented several security measures:  

  • Resetting passwords for affected accounts  
  • Blocking access to the compromised third-party account  
  • Enhancing security protocols to prevent similar incidents in the future  

Although the exact number of affected users and the timeline of the breach have not been disclosed, Grubhub is working to strengthen its security systems. 

This breach comes as Grubhub prepares for a major business transition. Its parent company, Just Eat, is finalizing a $650 million sale of Grubhub to food hall startup Wonder. The deal, announced in November 2024, is expected to be completed by early 2025.  

How Users Can Stay Safe

If you have a Grubhub account, consider taking the following precautions:  

1. Update your password immediately, especially if you use the same password on other platforms.  

2. Turn on two-factor authentication (2FA) for extra security.  

3. Be cautious of phishing emails pretending to be from Grubhub.  

4. Monitor your credit card and bank statements for unusual activity.  

This incident underscores the risks associated with third-party service providers in handling user data. As cyber threats continue to rise, companies must implement stronger security measures to protect customer information and prevent future breaches.

Read more »
PayPal
2FA Data Breach financial services Passwords PayPal

PayPal Fined $2 Million for Data Breach: A Wake-Up Call for Cybersecurity

 


PayPal has been fined $2 million by the New York State Department of Financial Services (DFS) for failing to protect customer data, resulting in a significant security breach. The incident, which occurred in December 2022, exposed sensitive information, including social security numbers, names, and email addresses of thousands of users. This breach has raised serious concerns about PayPal’s cybersecurity practices and its ability to safeguard customer data.

How Did the Breach Happen?

The breach occurred during an update to PayPal’s system to grant access to IRS Form 1099-Ks, which is used to report income. The employees responsible for implementing these changes lacked proper cybersecurity training, leaving the system vulnerable to exploitation. Cybercriminals used a technique called credential stuffing, where stolen login credentials from previous breaches are tested on other platforms. Since many users reuse passwords across multiple sites, this method often succeeds.

Due to these security flaws, hackers gained access to sensitive customer data, putting affected users at risk of identity theft, financial fraud, and phishing scams. The breach highlights the critical importance of robust cybersecurity measures and well-trained personnel.

Following an investigation, DFS concluded that PayPal lacked qualified cybersecurity personnel and failed to provide adequate training to its workforce. These shortcomings directly contributed to the breach. Adrienne A. Harris, Superintendent of DFS, emphasized the need for companies handling financial data to prioritize cybersecurity.

"Qualified cybersecurity personnel are the first line of defense against potential data breaches. Companies must invest in proper training and effective security policies to protect sensitive data and mitigate risks," Harris stated.

Data breaches like this one can have severe consequences for users. When personal information such as social security numbers and email addresses is leaked, cybercriminals can exploit it for identity theft, financial fraud, or phishing attacks.

Expert Recommendations for Users

To protect themselves from similar breaches, cybersecurity experts recommend the following steps:

  1. Enable Two-Factor Authentication (2FA): Adding an extra layer of security can significantly reduce the risk of unauthorized access.
  2. Use Unique Passwords: Avoid reusing passwords across multiple accounts to prevent credential stuffing attacks.
  3. Monitor Financial Activity: Regularly check bank statements and credit reports for any suspicious transactions.

The Bigger Picture: Cybersecurity in Financial Institutions

This incident underscores a growing problem in the financial sector: inadequate cybersecurity measures. Despite being a global payment giant, PayPal’s failure to implement reasonable security measures left its users vulnerable to cyberattacks. Financial institutions must prioritize cybersecurity by investing in advanced technologies, hiring skilled professionals, and providing comprehensive employee training.

DFS has been taking strict action against companies that fail to meet cybersecurity standards. This case serves as a reminder that regulatory bodies are increasingly holding organizations accountable for lapses in data protection.

While PayPal has yet to issue an official response to the fine, the company is expected to strengthen its security policies and enhance its cyber defenses to avoid future penalties. This incident should serve as a wake-up call for all companies handling sensitive customer information. In an era of escalating cyber threats, cybersecurity cannot be an afterthought—it must be a top priority.

The PayPal data breach highlights the critical need for robust cybersecurity measures in the financial sector. Companies must invest in skilled personnel, advanced technologies, and employee training to protect customer data effectively. For users, adopting best practices like enabling 2FA and using unique passwords can help mitigate risks. As cyber threats continue to evolve, both organizations and individuals must remain vigilant to safeguard sensitive information.

Read more »
Security Keys
Cyber Defenses Cyber Security FCC Login Security MFA Passwords Public Key Cryptography Security Keys

T-Mobile Enhances Cybersecurity with Yubikey Security Keys

 

T-Mobile has taken a significant step in enhancing its cybersecurity by adopting Yubikey security keys for its employees. The company purchased over 200,000 security keys from Yubico, deploying them across all staff, vendors, and authorized retail partners. The rollout, which began in late 2023, was completed in under three months, with T-Mobile reporting positive results within the first year of implementation.

Jeff Simon, T-Mobile’s chief security officer, highlighted the rapid deployment and the impact of the security keys. He emphasized their effectiveness in strengthening the company’s defenses against cyber threats. These hardware-based keys address vulnerabilities associated with digital passwords, such as phishing, malware, and brute-force attacks.

Security keys leverage public-key cryptography to securely authenticate users without exposing login credentials to potential attackers. The keys generate and store a private authentication key for online services directly on the physical device. This method ensures that even if hackers attempt to phish for login details, they cannot gain unauthorized access without the physical key.

Starting at around $20, these keys are an affordable and viable option for both individuals and businesses looking to bolster their cybersecurity. Tech giants such as Google, Apple, Facebook, and Coinbase have already adopted similar solutions to protect employees and customers.

T-Mobile’s decision to adopt security keys comes after a history of data breaches, including phishing attacks that compromised login credentials and internal systems. In response to an FCC investigation into these breaches, T-Mobile initially considered implementing multi-factor authentication (MFA) for all employee accounts. However, concerns about sophisticated hackers intercepting MFA codes via compromised smartphones led the company to choose a more secure hardware-based solution.

Enhanced Authentication with Yubico FIDO2 Keys

According to T-Mobile’s senior cybersecurity manager, Henry Valentine, the implementation of Yubico’s FIDO2 security keys has eliminated the need for employees to remember passwords or input one-time passcodes (OTP). Instead, employees authenticate their identity passwordlessly using their YubiKeys, enhancing both security and convenience.

While these security keys provide robust protection against phishing and credential theft, T-Mobile remains vigilant against other cybersecurity threats.

Despite the strengthened security measures, T-Mobile continues to face threats from advanced cyber adversaries. Notably, the Chinese hacking group “Salt Typhoon” has targeted US carriers, including T-Mobile, through software vulnerabilities. However, T-Mobile’s adoption of Yubikeys has helped prevent unauthorized access attempts.

The adoption of Yubikey security keys marks a proactive step in T-Mobile’s ongoing commitment to safeguarding its systems and data. By investing in hardware-based authentication, the company aims to stay ahead of evolving cyber threats and ensure a secure digital environment for its employees and customers.


Read more »
Software
Artificial Intelligence Cyber Threats Hong Kong Passwords Software

Cyber Threats in Hong Kong Hit Five-Year Peak with AI’s Growing Influence

 




Hong Kong experienced a record surge in cyberattacks last year, marking the highest number of incidents in five years. Hackers are increasingly using artificial intelligence (AI) to strengthen their methods, according to the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT).

The agency reported a spike of 12,536 cybersecurity incidents in 2024, a dramatic increase of 62% from 7,752 cases in 2023. Phishing attacks dominated these incidents, with cases more than doubling from 3,752 in 2023 to 7,811 last year.

AI is aiding in improving phishing campaign effectiveness. Attackers can now use AI tools to create extremely realistic fake emails and websites that even the most skeptical eye cannot easily distinguish from their legitimate counterparts.

Alex Chan Chung-man, a digital transformation leader at HKCERT, commented that phishing attacks targeted the majority of cases for banking, financial, and payment systems, almost 25% of the total cases. Social media, including WhatsApp and messaging apps, was another main target, 22% of the total cases.

AI allows scammers to create flawless phishing messages and generate fake website links that mimic trusted services," Chan explained. This efficiency has led to a sharp rise in phishing links, with over 48,000 malicious URLs identified last year—an increase of 1.5 times compared to 2023.

Hackers are also targeting other essential services such as healthcare and utilities. A notable case involved Union Hospital in Tai Wai, which suffered a ransomware attack. In this case, cybercriminals used a malware called "LockBit" to demand a $10 million ransom. The hospital did not comply with the ransom demand but the incident illustrates the risks critical infrastructure providers face.

Third-party vendors involved with critical sectors are emerging vulnerabilities for hackers to exploit. Leaks through such third-party partners have the potential to cause heavy damages, ranging from legal to reputation-related.


New Risk: Electronic Sign Boards

Digital signboards, once left unattended, are now being targeted by hackers. According to HKCERT, 40% of companies have not risk-assessed these systems. These displays can easily be hijacked through USB devices or wireless connections and display malicious or inappropriate content.  

Though Hong Kong has not been attacked this way, such attacks in other countries indicate a new threat.


Prevention for Businesses

HKCERT advises organizations to take the following measures against these threats:  

  1. Change passwords regularly and use multi-factor authentication.  
  2. Regularly backup important data to avoid loss.  
  3. Update software regularly to patch security vulnerabilities.

Chan emphasized that AI-driven threats will develop their methods, and thus robust cybersecurity practices are needed to protect sensitive data and infrastructure.




Read more »
Wi-fi
Cyber Hacking Cyberattacks CyberCrime Cybersecurity Cyberthrears Passwords Privacy Routers Wi-fi

The Hidden Dangers of Compromised Wi-Fi Routers

 


Cybercriminals who attack routers are swift and precise, spending countless hours studying network vulnerabilities to compromise sensitive data and then taking advantage of those vulnerabilities to compromise the router. The term "router hacking" refers to taking control of a user's router without their consent by a cybercriminals.

The Wi-Fi hacker, like other types of hackers, relies on security measures that a user may have implemented to protect themselves against the hack - often the administrator password for their router or an unpatched vulnerability in their system. The hacker has a variety of tricks that he can use if he wants to hack into a router successfully. 

There is a risk that a hacker will be able to gain access to a router in minutes if the user has not set a strong password for their router. The hacker can take control of users' router after they have gained access, and even change the settings or install malicious software on users' router after they have gained control. These are all signature signs that users have been hit by a black-hat hacker, as opposed to their more altruistic white-hat cousins. 

Approximately one in 16 internet-connected home Wi-Fi routers can be remotely accessed by attackers using the manufacturer's default admin password. Getting continually kicked off users' home networks can be super annoying, but that's what some hackers will do. A hacker may use a de-authentication attack to target network devices. To do so, a hacker does not even need administrative access to the user router; they only need to find the router and device users' using. They can do this by using a tool such as Aircrack-ng. After doing so, they craft a command that uses the users' router's authentication protocol to deauthenticate users, thus kicking them off the network. 

A Forbes study found that 86% of users never change their default credentials. As default credentials are easily found online, all hackers must do a perfunctory Google search to find the information they need to log into users' routers. If they do, they can change things like the password and SSID. Changing the password will kick users off their network, and changing the SSID will change their network name. They could also hide users' networks entirely after kicking them off and changing the name, making it difficult to get back online. Scammers employ various methods to hack into Wi-Fi networks, exploiting vulnerabilities and poor security practices.

One common technique is brute-forcing Wi-Fi passwords, where hackers systematically attempt numerous password combinations to gain access. Once successful, they can lock users out by changing the password and taking control of the router. Another method involves using the router’s default credentials, often left unchanged by users. Cybercriminals can exploit these factory-set admin passwords to alter router settings, emphasizing the importance of creating a unique password and SSID (wireless network name) for enhanced security. 

Unpatched firmware vulnerabilities also present significant risks. Attackers can exploit outdated software to infiltrate a router's internal systems. For instance, in June 2023, Asus issued critical firmware updates to protect against remote code execution attacks. One of the most severe vulnerabilities, CVE-2018-1160, dating back to 2018, carried a high severity rating of 9.8 on the Common Vulnerability Scoring System (CVSS). 

Furthermore, cybercriminals can execute Domain Name Server (DNS) hijacking by altering a router’s DNS settings and redirecting users to malicious phishing websites. These examples underscore the importance of updating router firmware regularly, using strong passwords, and proactively securing Wi-Fi networks. Understanding the signs of a hacked router is essential for safeguarding users' networks. Altered DNS settings are a major indicator of a breach, as hackers may manipulate these settings to redirect users' internet traffic without their knowledge, potentially launching devastating pharming attacks. 

Users can check their router’s DNS settings in the admin menu to ensure they have not been tampered with. Another red flag is an inability to access the router using the user's admin password. If the credentials no longer work, it could mean a hacker has changed them. In such cases, perform a factory reset immediately and create a new, strong password. Unexpectedly slow internet can also hint at a router hack, especially when accompanied by other suspicious activities. Hackers may exploit users' bandwidth, causing noticeable performance drops. Additionally, strange software or malware on users' devices can result from a router breach, as hackers often use this method to infiltrate connected devices. While malware can spread through various means, its presence alongside other signs of hacking is a cause for concern. 

Monitoring users' networks for unrecognized devices is another critical security measure. Tools like AVG AntiVirus FREE can detect when unfamiliar devices join users' Wi-Fi, issuing alerts that prompt further investigation. While unauthorized devices don’t always indicate a router hack, their presence could lead to one, emphasizing the need for continuous network monitoring. Using reliable security software is vital to protecting users' devices and networks. AVG AntiVirus FREE offers comprehensive cybersecurity features, including real-time malware detection, phishing defence, ransomware protection, and tools to secure users' Wi-Fi networks from potential router hackers. Staying vigilant and equipped with robust security measures ensures a safe online experience.

Hackers can easily carry out this kind of attack even if they do not have administrative access to the user's router; they only need to identify the router and the device that users use to do so. An aircraft-ng tool, which is available online, can be used to accomplish this task. As a result, they craft a command that uses the authentication protocol of the users' router to deauthenticate them, which means they are kicked off of the network once more. The study by Forbes found that 86% of users do not change their default credentials despite being notified about it. 

The default credentials for routers can readily be found online, so it is only a matter of a quick Google search before hackers can discover the credentials they need to access the routers of their targeted victims. In that case, they can change things such as the password and the SSID of the network. By changing a user's password, they will be kicked off their network, and by changing their SSID, their network name will be changed. It's possible that they could also hide the users' networks entirely after they have been kicked off and changed their names, which would make it difficult for them to return to the network. Using a variety of methods, scammers can hack into Wi-Fi networks by exploiting the vulnerabilities and unfavourable security practices that exist. 

There is no doubt that the most common method of hacking Wi-Fi passwords in today's world is through brute-force attacks, which involve scanning many different combinations of passwords too to discover someone's password by scanning all of the combinations simultaneously. When they are successful in taking control of the router, they can lock users out of their accounts by changing their passwords. A second method involves the use of the router's default credentials, often left unchanged by users when they set up the router. These factory-provided admin passwords can be vulnerable to abuse by cybercriminals, highlighting the importance of using a unique password and SSID (wireless network name) for enhanced security when setting up users' routers. 

As a result of firmware vulnerabilities that remain unpatched, there are significant risks involved. There are several ways in which attackers can compromise the internal operating systems of a router by exploiting outdated software. Asus's most recent firmware upgrade for its laptops was released in June 2023, preventing remote code execution attacks against the device. On the Common Vulnerability Scoring System (CVSS), which calculates the severity of vulnerabilities based on their association with security incidents and their impact, CVE-2018-1160, dated back to 2018, had a severity rating of 9.8. A further method of executing Domain Name Server (DNS) hijacking is to alter a router's DNS settings, redirecting the user to malicious phishing sites by altering the DNS settings of a router. 

As a result of these examples, router firmware must be updated regularly, strong passwords are used, and wi-fi networks are carefully secured proactively. Recognizing the signs of a hacked router is crucial for protecting users' networks. Altered DNS settings often indicate a breach, as hackers can manipulate these to redirect users' internet traffic and launch phishing or pharming attacks. Regularly reviewing users' routers' DNS settings in the admin menu can help prevent such risks. Similarly, being unable to access the router with their admin password may mean hackers have taken control. In such cases, a factory reset followed by setting a strong new password is essential. 

A sudden drop in internet speed, especially when combined with other suspicious activity, could point to unauthorized bandwidth usage by hackers. Additionally, unexpected malware or unfamiliar software on users' devices might result from a router breach. Monitoring for unrecognized devices on users' networks is equally important, as these can indicate unauthorized access and potential hacking attempts. 

Investing in robust security tools is a key step in safeguarding users' digital environments. Comprehensive solutions like AVG AntiVirus FREE provide 24/7 protection against malware, phishing, ransomware, and other threats while keeping users' network secure from unauthorized access. Staying proactive with these measures is the best defense for ensuing their online safety.
Read more »
Social Security Number
Data Breach Digital Security Passwords Sensitive data Social Security Number

Why Ignoring Data Breaches Can Be Costly




Data breaches are now more rampant than ever, exposing passwords and payment details to hackers. You could be getting breach alerts that pop up every so often, warning you that your data has been exposed. It's a wake-up call on how rampant the breaches are.

A Persistent Problem 

Data breaches have become part of our online lives. From credit card numbers to social security information, hackers never cease their attempts to access sensitive data. In fact, many breaches are financially driven, and about 95% of cyberattacks aim for money or valuable information. Still, despite all the news every day, companies often do not realise they have been breached until almost six months pass. The average time to discovery is 194 days according to Varonis. Therefore, the attackers have sufficient time to use the information before the companies can even initiate their response.

Rise of Breach Blindness

Over time, exposure to breach after breach has created "breach blindness," as if these alerts do not matter anymore. Since most of the time, nothing immediate happens, it is easy to scroll past breach notifications without thinking twice. This apathy is dangerous. Such a lack of care could mean stolen identities, financial fraud, and no one holding the companies accountable for their inability to protect the data.

When companies lose money as a result of these breaches, the consumer pays for it in the form of higher fees or costs. IBM reports that the worldwide average cost of a data breach is nearly $5 million, a 10% increase from last year. Such a high cost is a burden shared between the consumer and the economy at large.

How to Protect Your Data

Although companies are liable for securing data, there are various measures that can be undertaken personally. The first and most obvious measure is that your account should have a very strong and unique password. Hackers rely on frequently used, weakly protected passwords to bypass most accounts. Changing them with complexity makes it even more challenging for attackers to bypass and get to compromising your data.

It is much important to stay vigilant nowadays with data breaches being as common as a part and parcel of the internet. This breach, little by little, erodes privacy online and security. Stop pretending not to know those prompts; take them as warnings to check on your web security and work on strengthening it if needed. The one thing to do with all this is to keep apprised so as to not be taken in on the hook.




Read more »
Privacy
Cyber Security DPC Encryption Fine GDPR Meta Passwords Plaintext Privacy

Meta Fined €91 Million by EU Privacy Regulator for Improper Password Storage

 

On Friday, Meta was fined €91 million ($101.5 million) by the European Union's primary privacy regulator for accidentally storing some user passwords without proper encryption or protection.

The investigation began five years ago when Meta informed Ireland's Data Protection Commission (DPC) that it had mistakenly saved certain passwords in plaintext format. At the time, Meta publicly admitted to the issue, and the DPC confirmed that no external parties had access to the passwords.

"It is a widely accepted practice that passwords should not be stored in plaintext due to the potential risk of misuse by unauthorized individuals," stated Graham Doyle, Deputy Commissioner of the Irish DPC.

A Meta spokesperson mentioned that the company took swift action to resolve the error after it was detected during a 2019 security audit. Additionally, there is no evidence suggesting the passwords were misused or accessed inappropriately.

Throughout the investigation, Meta cooperated fully with the DPC, the spokesperson added in a statement on Friday.

Given that many major U.S. tech firms base their European operations in Ireland, the DPC serves as the leading privacy regulator in the EU. To date, Meta has been fined a total of €2.5 billion for violations under the General Data Protection Regulation (GDPR), which was introduced in 2018. This includes a record €1.2 billion penalty issued in 2023, which Meta is currently appealing.
Read more »
Privacy
Apple iCloud iOS18 Login Security Online Security Passwords Privacy

Say Goodbye to Login Struggles with Apple’s New ‘Passwords App’

 


With its much-awaited iOS 18, Apple is now launching an app called Passwords, created to help improve one of the oldest but least-tampered-with needs when it comes to digital security: password management. Now, the 'Passwords' app is downloadable on iPhones, iPads, and Macs. In an effort to make the habits of how users store and protect their digital credentials seem less mysterious, Apple is hoping to bring about better password security to millions of people with this long-standing feature being moved into a dedicated application.


All New Standalone Password Manager

Years ago, Apple's Keychain system stealthily protected its users' passwords, so they never had to remember complex login information for every app and website. But with iOS 18, Keychain is revamped and placed into an app that is not only visible but friendly to users: the new passwords app gathers all login credentials and passkeys in one place, thus making them easier to control. And this finally speaks to the increasing focus of Apple on usability as well as security- the app promises to be easier to use than ever before for consumers who are hardly familiar with password managers.

Apple's new app was warmly welcomed by Talal Haj Bakry and Tommy Mysk from the security firm Mysk because it represented a far easier approach toward password management. According to them, it will also make users realise that password management is quite essential by giving users a secure default tool preinstalled on every Apple device. Interestingly, Passwords makes use of end-to-end encryption, meaning no one, including Apple, knows what is saved in your credentials.


Password Manager Features and Design

In terms of design, the Passwords app presents a minimal interface with six main sections: All, Passkeys, Codes, Wi-Fi, Security, and Deleted. All these can be used to securely store several types of information. It's particularly noteworthy in the Security section, as this would identify weak or compromised passwords so that one can work out improved login credentials.

Apple saves all the login details synchronised through iCloud, hence a user can always access his or her account in whichever device he may be using. However, users who want to maintain their privacy are given the option of turning off the syncing feature for certain devices. With Face ID protection, the app is secured from unauthorised access by others.

All the information previously saved will automatically migrate from Keychain to Passwords, including sign-in details from the Sign In feature from Apple.


Why Improve Your Password Habits?

Part of that effort is Apple's Passwords, introducing passwords with the goal of streamlining and encouraging better password practices among users. According to cybersecurity expert Siamak Shahandashti, making the Passwords app more notable is encouraging users to start embracing stronger passwords and be more meticulous in the digital sphere in general. To Shahandashti, existing authentication systems are too complex for everyday folks, and that's what he sees the Apple app doing- filing in the gap.

The other feature is that the app supports passkeys, which are considered to be the next-generation replacement for passwords. Passkeys provide better security without having you remember such long, convoluted passwords. To promote the passwordless security feature, Apple automatically activated an option available in the security setting that enables existing accounts to be updated to utilise passkeys when possible.


Impact on the Password Management Industry

With its entry into the password management space, Apple holds high potential to seriously disrupt long-standing players in this area, namely third-party apps. As the new Passwords app on Apple is integrated throughout its ecosystem and synced through iCloud, it can easily attract many users searching for an easy included solution instead of seeking third-party apps. Critics instead point out that Apple locks users into the system when it constrains ease of exporting data to other platforms.

Ultimately, with so many options in the market for password management, this new application from Apple can turn out to be the "one stop shop" for millions of users. It simplifies password management and strengthens security, and hence forms a great option for those who haven't adopted a password manager yet or are looking for an integrated solution.

All in all, Apple's Passwords app is a meaningful step forward in digital security, letting people manage their passwords and passkeys in a streamlined and secure way. For many, it may be the perfect solution toward solving log-in issues while also amplifying online security.


Read more »
Security
cyber attack Cyber Attacks FBI IT Industry Passwords Ransomware Security

IT Manager Faces Charges for Locking Computers to Demand Money


 

A recent case has highlighted that ransomware threats can sometimes come from within an organisation. Daniel Rhyne, a 57-year-old IT administrator from Kansas City, Missouri, has been accused of holding his own company hostage by locking down their systems and demanding a ransom to restore access.

The incident occurred in November last year when Rhyne was employed at an industrial company based in Somerset County, New Jersey. According to the Federal Bureau of Investigation (FBI), Rhyne allegedly took control of the company’s network by resetting the passwords of network administrator accounts as well as those of hundreds of employees. He then proceeded to delete critical backups and locked out both servers and workstations, crippling the organisation’s operations.

An hour after initiating the attack, Rhyne allegedly sent an email to the company's employees informing them of the situation and demanding a ransom in exchange for unlocking the systems. The FBI claims this was an attempt at extortion, with Rhyne threatening further damage if his demands were not met.

Rhyne’s actions were investigated by the FBI, and he has been charged with multiple counts, including extortion, intentional damage to a protected computer, and wire fraud. Should he be convicted of all charges, he faces up to 35 years in prison and a $500,000 fine, as reported by The Register.

Several pieces of evidence were gathered by the FBI to support their case against Rhyne. For instance, he allegedly used a tool known as PsPasswd, a Windows Sysinternals utility, to reset user passwords. The new password set for the accounts was "TheFr0zenCrew!", a telling detail that investigators believe connects him directly to the attack. Rhyne also reportedly kept a hidden virtual machine (VM) on his company-issued laptop, allowing him to maintain remote access to the network's administrative controls.

Adding to the case, the FBI noted that Rhyne's digital activities prior to the attack were suspicious. He allegedly used his work laptop to search for ways to alter administrator passwords via command-line tools, which are often used by IT professionals to manage networks remotely. Investigators claim that on the day of the attack, Rhyne was seen logging into his work laptop, conducting these searches, and reviewing company password spreadsheets while also accessing the hidden VM.

The fact that he used his company-issued laptop to perform these actions leaves a strong digital trail linking him to the crime. The FBI’s detailed investigation paints a clear picture of how the attack was executed, utilising common IT tools to gain unauthorised control over the company’s systems.

If Rhyne is found guilty, his actions could serve as a warning to organisations about the potential for internal threats. It highlights the need for companies to have strong security protocols in place, not just to defend against external hackers but also to safeguard against malicious insiders who have privileged access to sensitive systems.

This case illustrates how cyberattacks are evolving and how attackers, even those within the organisation, can exploit their knowledge and access to launch devastating attacks. Organisations must remain vigilant and continually monitor for suspicious behaviour, no matter the source, to protect their critical digital infrastructure.


Read more »
Privacy
Amazon Android Vulnerability Cyberattacks Cyberdrime Cybersecurity CyberThreat Facebook Kaspersky Passwords Privacy

Security Alert for Gmail, Facebook, and Amazon Users

 


The number of hacks that occur on Google, Gmail, and Amazon accounts keeps on rising, causing users to become anxious. By using phishing tactics, hackers are targeting users' passwords for Gmail, Facebook, and Amazon through phishing campaigns that pose significant risks to their personal information. 

A new notice has appeared warning users of Google Mail, Facebook, and Amazon that there has been a new attack on password hacking that puts their personal information at risk because society has gone digital and protecting your credentials is "the name of the game." There is no denying the fact that these platforms are among the most popular in the world, so it is vital to have a good understanding of what threats are coming and what possibilities there are to prevent these threats. 

Overall, cybersecurity experts predict a steady increase for the year, but they also note that the complexity of password hacks for Gmail and Facebook, as well as attempts to access Amazon accounts, has grown dramatically as well. It has been found that the complexity of password hacks for Gmail and Facebook has increased dramatically as a result of increased complexity in the attacks. 

Typically, these hacking attempts benefit from phishing attacks, brute force attacks, and social engineering attacks, all of which are designed to take advantage of overly trustful users or weaknesses within the platforms that make them vulnerable. Several new threat analyses, including those conducted by Kaspersky Labs, reveal that password theft attacks have become increasingly common against Amazon users, Facebook users, and, most of all, Google users. There have been several attacks targeting these platforms, including those aimed at stealing passwords. 

Kaspersky reported an increase of 40% in attempts of hackers to entice users to access malicious sites impersonating these brands in comparison to last year based on a study it conducted. It is no surprise that malicious hackers are seeking credentials for Gmail, Facebook, and Amazon accounts to spread their malicious programming. As a matter of fact, these accounts may be exploited to reach the full heights of cybercrime by committing data theft, malware distribution, and credit card fraud all at the same time. 

A Google account is a skeleton key that can be used to unlock an entire treasure trove of other account credentials, as well as personal information, enabling fraudsters to access a treasure trove of private information. The information contained in a user's Gmail inbox is immeasurable when compared to that contained in their inbox on the web, and the chances are that they will have one given how popular this web-based free email service is with most people these days. As per Kaspersky reports, hackers are mainly targeting Google, Amazon, and Facebook passwords in their effort to steal personal information. 

During the first half of 2024, Kaspersky Security reported a 243% increase in the number of attack attempts, with the company itself preventing approximately 4 million attempts. It is estimated that Facebook users were exposed to 3.7 million phishing attempts during the same period, and Amazon users were exposed to 3 million.  In an interview with Kaspersky Internet Security, Olga Svistunova, who is an expert in data security at the company, warned that a criminal with access to a Gmail account may be able to access "multiple services". 

Thus, it is important to note that not only may business information be leaked as a result, but also the personal information of customers can also be leaked as a result. To target these platforms, hackers are looking for account passwords, as getting access to these platforms allows them to commit fraud, distribute malware, and steal sensitive information. It is proposed that Google accounts are especially valuable since they can be used to hack into other accounts and to collect personal information that can be used in fraud attempts. 

According to researchers at GuidePoint Research and Intelligence Team, Rui Ataide and Hermes Bojaxhi of the GuidePoint Research and Intelligence Team, there is an ongoing phishing campaign targeting more than 130 U.S. organizations, which has been detected as a new and worrying one. There have been so many misuses of the term "highly sophisticated threat actor" in recent years that it almost has lost all meaning, but the tactics and intrusion capabilities that were employed by this as-yet-unnamed attacker have led the GRIT researchers to conclude that this attacker deserves to be called such a label. 

A spear-phishing attack, as with other spear-phishing campaigns, revolves around the targeting of specific employees within an organization rather than attempting to hit every single email account in an organization with a scattergun approach, as is so often the case with so-called spear-phishing campaigns. The attack has also targeted other tech giants, including Microsoft and Apple, as well as numerous smaller companies. Additionally, DHL, Mastercard, Netflix, eBay, and HSBC are also among the companies involved.  

Cloud security provider Netskope, in a recent report, found a 2,000-fold increase in traffic to phishing pages sent through Microsoft Sway, a cloud-based application that provides users with the ability to create visual instructions, newsletters, and presentations through the use of visual illustrations. Hackers are increasingly exploiting a technique known as “quishing,” a form of phishing that utilizes QR codes to deceive users into logging into malicious websites, thereby stealing their passwords. This method is particularly effective as QR codes can bypass email scanners designed to detect text-based threats. 

Additionally, since QR codes are frequently scanned with mobile devices—which often lack the robust security measures found on desktops and laptops—users become more vulnerable to these types of attacks. A new variant of QR code phishing has been recently detailed by J. Stephen Kowski, the Field Chief Technology Officer at SlashNext, in a LinkedIn article. Unlike traditional QR code phishing, which typically involves an image-based QR code redirecting users to a malicious site, this new method leverages Unicode text characters to create QR codes. 

According to Kowski, this approach presents three significant challenges for defenders: it evades image-based analysis, ensures accurate screen rendering, and creates a duality in appearance between the screen rendering and plain text, making detection more difficult. Given these emerging threats, individuals who frequently use platforms such as Google’s Gmail, Facebook, and Amazon, as well as other major online services, should exercise caution to avoid becoming victims of identity theft. The risk of falling prey to password-hacking attempts can be significantly reduced by adhering to best practices in security hygiene across different accounts and maintaining a high level of vigilance. 

In today’s technology-driven world, personal awareness and proactive measures serve as the first line of defence against such cyber threats. Protecting Business Accounts from Phishing Attacks 

1. Recognize Phishing Indicators

- Generic Domain Extensions: Be cautious of emails from generic domains like "@gmail.com" instead of corporate domains, as attackers use these to impersonate businesses.

- Misspelt Domains: Watch for near-identical domains that slightly alter legitimate ones, such as "Faceb0ok.com." These deceptive domains are used to trick users into providing sensitive information. 

- Content Quality: Legitimate communications are typically polished and professional. Spelling errors, poor grammar, and unprofessional formatting are red flags of phishing attempts. 

- Urgency and Fear Tactics: Phishing messages often create a sense of urgency, pressuring recipients to act quickly to avoid negative consequences, such as account suspensions or security breaches. 

- Unusual Requests: Be wary of unexpected requests for money, personal information, or prompts to click links or download attachments. Hackers often impersonate trusted entities to deceive recipients. 

2. Implement Security Software 

- Install robust security tools, including firewalls, spam filters, and antivirus software, to guard against phishing attacks. 

- Utilize web filters to restrict access to malicious websites. - Regularly update software to patch vulnerabilities and protect against new threats. 

3. Use Multi-Factor Authentication (MFA) 

- Enhance account security by implementing MFA, which requires a second verification factor (e.g., a code, fingerprint, or secret question) in addition to a password. 

- MFA significantly reduces the risk of unauthorized access and helps safeguard business credentials. By staying vigilant, maintaining updated security software, and utilizing MFA, businesses can better protect their accounts and sensitive information from phishing attacks.
Read more »
Passwords
Data Breach Department of Homeland Security Elections Illinois Passwords

Massive Exposure of Illinois Voter Data Raises Security Concerns


 

Cybersecurity expert Jeremiah Fowler recently uncovered a concerning data breach involving over 4.6 million voter records and election-related documents. These sensitive files were discovered in 13 unprotected databases managed by a technology contractor based in Illinois.

Company Behind the Exposure

The databases were traced back to Platinum Technology Resource, a firm providing election technology and services to various counties across Illinois. Fowler revealed that by altering county names in the database URLs, he could access additional exposed databases, some of which had minimal security protections.

The exposed records included critical personal information such as voter names, addresses, dates of birth, Social Security numbers, and driver’s licence numbers. Additionally, the databases contained documents with candidate information, including contact details and voter petitions with signatures.

Although Fowler did not find any immediate misuse of the data, the potential risks are substantial. Malicious individuals could exploit this information for identity theft, voter intimidation, or spreading disinformation. Fowler noted that having access to such personal information could allow bad actors to send misleading information about voting procedures or use past voting history to harass voters.

Long-term Service of the Company

Platinum Technology Resource has been providing election services in Illinois for over three decades. Their services include voter registration, election-day support, ballot management, tabulation, and election management software. This long-standing service highlights the importance of ensuring robust security measures to protect sensitive election data.

We need strong cybersecurity protocols to protect the integrity of the electoral process. Since 2017, the Department of Homeland Security has recognised election infrastructure as critical, acknowledging the severe impact that potential attacks could have.

Fowler recommends that organisations managing sensitive election data implement a combination of access controls and encryption to secure their databases. This includes using unique, time-limited access tokens for authorised users instead of relying solely on passwords, which can be easily compromised.

Preserving Public Trust in Elections

With the 2024 election season approaching, safeguarding the electoral process in the United States is more urgent than ever. Fowler emphasised the importance of maintaining public trust in the electoral system, especially in light of the controversies surrounding the 2020 election.

By implementing robust cybersecurity measures, election officials can ensure that voter data remains secure, thereby preserving the integrity of democratic processes. This incident serves as a stark reminder of the importance of vigilant data protection practices in the digital age.

The exposure of millions of voter records highlights pressing vulnerabilities in our election systems. As technology continues to play a crucial role in elections, ensuring the security of sensitive data must be a top priority for all involved parties. Robust cybersecurity measures are essential to protect the integrity of our democratic institutions and maintain public trust in the electoral process.



Read more »
Privacy
Banks Cyberattacks CyberCrime Cyberhackers CyberThreat Digital Token OTP Passwords Privacy

Singapore Banks Phasing Out OTPs in Favor of Digital Tokens

 


It has been around two decades since Singapore started issuing one-time passwords (OTPs) to users to aid them in logging into bank accounts. However, the city-state is planning to ditch this method of authentication shortly. Over the next three months, major retail banks in Singapore are expected to phase out the use of one-time passwords (OTP) for account log-in by digital token users as part of their transition away from one-time passwords. 

With an activated digital token on their mobile device, customers will need to either use the token to sign in to their bank account through a browser or the mobile banking app on their mobile device. In a joint statement on Tuesday (Jul 9), the Monetary Authority of Singapore (MAS) and The Association of Banks (ABS) said that, while the digital token is designed to authenticate customers' logins, there will not be an OTP needed to prove identity, which scammers can steal or trick victims into disclosing. 

There is also a strong recommendation to activate digital tokens by those who haven't already done so, as this will greatly reduce the chance of having one's credentials stolen by unauthorized personnel. According to The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS), within the next three months, major retail banks in Singapore will gradually phase out the use of One-Time Passwords (OTPs) to log into bank accounts by customers who are using digital tokens. 

By doing this, the banks hope to better protect their customers against phishing attacks - at the very least against scams in which scammers get their customers to divulge their OTPs. To secure bank accounts, MAS and ABS encourage the use of digital tokens - apps that run on smartphones and provide OTPs - as a source of second-factor authentication, as opposed to software programs that are installed on computers. 

There will be better protection for them against phishing scams since they have been among the top five scam types over the past year, with at least SGD 14.2 million being lost to these scams, as outlined in the Singapore Police Force Annual Scams and Cybercrime Brief 2023, which was released in January of this year. When customers activate their digital tokens on their mobile devices, they will have to use these tokens when logging in to their bank accounts through the browser or by using the mobile banking app on their mobile devices. 

With the help of the token, scammers will be unable to steal your OTP, which customers may be tricked into revealing, or steal non-public information about themselves that they will be asked to provide. To lower the chances of having identity credentials phished, MAS and ABS have urged customers who haven't activated their digital token to do so, so that they don't become a victim of identity theft. The use of One Time Passwords (OTPs) has been used since early 2000 as a multi-factor authentication option to strengthen the security of online transactions. 

Nevertheless, technological advancements and more sophisticated social engineering tactics have since made it possible for scammers to manipulate phishing requests for customers' OTPs with more ease, such as setting up fake bank websites that closely resemble real banks' websites and asking for the OTP from them. As a result of this latest step, the authentication process will be strengthened, and it will be harder for scammers to trick customers out of money and funds by fraudulently accessing their accounts using their mobile devices without explicit authorization. 

During the 2000s, one-time passwords were implemented as a means to enhance the security of online transactions to strengthen multi-factor authentication. MAS and ABS have both warned consumers to be cautious about phishing for their OTP as a result of technological improvements and increasingly sophisticated social engineering techniques. There have been several phishing scams in Singapore over the past year, with at least $14.2 million lost to these scams, according to records released by the Singapore Police Force earlier this month. 

It is expected that this latest measure will enhance authentication and will ensure that scammers will not be able to fraudulently access a customer's accounts and funds without the explicit permission of the customer using their mobile devices," they commented. According to ABS Director Ong-Ang Ai Boon, this measure may cause some inconveniences for some consumers, but it is essential to help prevent unscrupulous suppliers and protect customers in the long run. 

The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced a collaborative effort to strengthen protections against digital banking scams. This initiative involves the gradual phasing out of One-Time Passwords (OTPs) for bank logins by customers utilizing digital tokens on their mobile devices. This rollout is anticipated to occur over the next three months. MAS, represented by Loo Siew Yee, Assistant Managing Director (Policy, Payments & Financial Crime), emphasized their ongoing commitment to safeguarding consumers through decisive action against fraudulent digital banking activities. 

The elimination of OTPs aims to bolster customer security by mitigating the risks associated with phishing attacks. Phishing scams have evolved alongside advancements in technology, enabling fraudsters to more effectively target customer OTPs. They often achieve this by creating deceptive websites that closely mimic legitimate banking platforms. ABS, represented by Director Ong-Ang Ai Boon, acknowledged that this measure might cause minor inconveniences. 

However, they firmly believe such steps are essential to prevent scams and ensure customer protection. MAS, through Ms. Loo, reaffirmed the significance of maintaining good cyber hygiene practices in conjunction with this latest initiative. Customers are urged to remain vigilant and safeguard their banking credentials at all times. MAS and ABS jointly urge customers who haven't activated their digital tokens to do so promptly. 

This action minimizes the vulnerability of their credentials to phishing attempts. By implementing this multifaceted approach, MAS and ABS aim to create a more secure digital banking environment for customers in Singapore.
Read more »
Privacy
Algorithm Data Kaspersky Online Security Passwords Privacy

Many Passwords Can Be Cracked in Under an Hour, Study Finds


 

If you're not using strong, random passwords, your accounts might be more vulnerable than you think. A recent study by cybersecurity firm Kaspersky shows that a lot of passwords can be cracked in less than an hour due to advancements in computer processing power.

Kaspersky's research team used a massive database of 193 million passwords from the dark web. These passwords were hashed and salted, meaning they were somewhat protected, but still needed to be guessed. Using a powerful Nvidia RTX 4090 GPU, the researchers tested how quickly different algorithms could crack these passwords.

The results are alarming: simple eight-character passwords, made up of same-case letters and digits, could be cracked in as little as 17 seconds. Overall, they managed to crack 59% of the passwords in the database within an hour.

The team tried several methods, including the popular brute force attack, which attempts every possible combination of characters. While brute force is less effective for longer and more complex passwords, it still easily cracked many short, simple ones. They improved on brute force by incorporating common character patterns, words, names, dates, and sequences.

With the best algorithm, they guessed 45% of passwords in under a minute, 59% within an hour, and 73% within a month. Only 23% of passwords would take longer than a year to crack.

To protect your accounts, Kaspersky recommends using random, computer-generated passwords and avoiding obvious choices like words, names, or dates. They also suggest checking if your passwords have been compromised on sites like HaveIBeenPwned? and using unique passwords for different websites.

This research serves as a reminder of the importance of strong passwords in today's digital world. By taking these steps, you can significantly improve your online security and keep your accounts safe from hackers.


How to Protect Your Passwords

The importance of strong, secure passwords cannot be overstated. As the Kaspersky study shows, many common passwords are easily cracked with modern technology. Here are some tips to better protect your online accounts:

1. Use Random, Computer-Generated Passwords: These are much harder for hackers to guess because they don't follow predictable patterns.

2. Avoid Using Common Words and Names: Hackers often use dictionaries of common words and names to guess passwords.

3. Check for Compromised Passwords: Websites like HaveIBeenPwned? can tell you if your passwords have been leaked in a data breach.

4. Use Unique Passwords for Each Account: If one account gets hacked, unique passwords ensure that your other accounts remain secure.

Following these tips can help you stay ahead of hackers and protect your personal information. With the increasing power of modern computers, taking password security seriously is more important than ever.


Read more »
Passwords
Data Breach Dropbox Dropbox sign MFA Passwords

DropBox E-Signature Breach Exposes Customer Data

 


DropBox has announced a breach in its DropBox Sign eSignature platform, formerly known as HelloSign. The breach, uncovered on April 24, has left customer data vulnerable, including authentication tokens, MFA keys, hashed passwords, and personal information.

The breach was first detected on April 24, prompting DropBox to launch a thorough investigation into the matter. Through this investigation, it was revealed that threat actors had gained unauthorised access to a crucial configuration tool within the backend services of the DropBox Sign platform. This access granted them added privileges, allowing them to penetrate the customer database.

The compromised data encompasses a bulk of sensitive information, ranging from customer emails, usernames, and phone numbers to hashed passwords and account settings. Even individuals who had not registered accounts with DropBox Sign had their email addresses and names exposed, magnifying the scope of the breach.

Some Measures To Consider 

DropBox readily took action to restore the collateral damage. All user passwords were reset, and all sessions to DropBox Sign were logged out as a precautionary measure. Furthermore, the company imposed restrictions on the usage of API keys until they could be rotated by the respective customers. Additionally, users who employ Multi-Factor Authentication (MFA) are advised to delete and reconfigure their settings with new keys obtained from the official website.

No Access to Documents

DropBox has reassured its users that the threat actors did not manage to access any customer documents or agreements. Moreover, the breach did not extend to other DropBox services, offering a semblance of relief amidst the security concerns.

Precautions for Users

Users are urged to remain cautious against potential phishing attempts indulging the compromised data. Should users receive an email prompting a password reset, it is imperative to refrain from clicking any links within the email. Instead, users should reset their passwords directly through the DropBox Sign website to ensure their security.

This breach isn't DropBox's first encounter with security challenges. In 2022, the company disclosed a breach wherein threat actors stole 130 code repositories by infiltrating the company's GitHub accounts using stolen employee credentials.

DropBox is actively addressing the breach and has provided comprehensive guidance to affected users. While the breach surfaces the critical importance of robust cybersecurity measures, users can play their part by staying informed and adhering to the precautionary measures outlined by DropBox. By doing so, users can help mitigate the impact of the breach and safeguard their sensitive information in the face of emerging cyber threats.


Read more »
Threat Researchers
Cheat cryptocurrency Cyberattacks CyberCrime Cyberthreats GitHub Info-stealing JIT malware McAfee Passwords Threat Researchers

Information Stealer Malware Preys on Gamers via Deceptive Cheat Code Baits

 


There is a new info-stealing malware that appears as a cheat on a game called Cheat Lab, and it promises downloaders that if they convince their friends to download it too, they will receive a free copy. It is possible to harvest sensitive information from infected computers by using Redline malware, including passwords, cookies, autofill information, and cryptocurrency wallet information, which is one of the most powerful information-stealing malware programs. 

As a result of the malware's popularity among cybercriminals and its widespread distribution channels, it has become widespread. According to McAfee threat researchers, the new malware leverages Lua bytecode to evade detection. This makes it possible to inject malicious code into legitimate processes for stealth, while also benefiting from Just-In-Time compilations (JIT). 

Using a command and control server associated with the malware, the researchers link this variant to Redline, which has been linked to the malware for a long time. The tests BleepingComputer conducted revealed that the malware does not exhibit the typical behaviour associated with Redline, such as stealing browser information, saving passwords, and stealing cookies. 

Through a URL linked to Microsoft's 'vcpkg' GitHub repository, the malicious Redline payloads resemble demonstrations of cheating tools named "Cheat Lab" and "Cheater Pro". When the malware is executed, it unpacks two files, compiler.exe and lua51.dll, once the MSI installer is installed.  The malicious Lua bytecode is also dropped in a file called 'readme.txt'. 

The campaign uses an interesting lure to spread the malware even further by telling victims that if they convince their friends to install the cheating program, they will receive a free, fully licensed copy of the cheating program. As an added layer of legitimacy, the malware payload is distributed in the form of an uncompiled bytecode rather than an executable to avoid detection. 

To make sure that the malware is not detected, it comes in the form of an activation key included. Upon installation of the compiler.exe program, Lua bytecode is compiled and executed by it, and it also creates scheduled tasks that execute during system startup when the program is installed. The same executable also sets up persistence by creating scheduled tasks. 

McAfee reports that a fallback mechanism is used by the malware to persist the three files, copying them to a long random path under the program directory that the malware is active on the infected system, it will communicate with a C2 server and send screenshots and system information to the server, then wait for commands to be executed by the server on the host system. 

Even though it is unknown exactly how information thieves first infect computers, they are typically spread through malvertising, YouTube video descriptions, P2P downloads, and deceptive software download sites that can lead to infection. The Redline virus is a highly dangerous one, which is why users are urged not to use unsigned executables or download files from unreliable websites. 

As a result of this atta seemingly trustworthy programs, such as those found on Microsoft's GitHub, are at risk of infection by the Even though BleepingComputer contacted Microsoft about the executables that were distributed via its GitHub URLs, the company had not respond to the publication date.
Read more »
Subscribe to: Posts (Atom)