2014, Authentication and Encryption - Cyber Security Informer

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

million settlement in a multi-state investigation of the data breach that the company suffered in 2014. million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. Retail giant Home Depot has agreed to a $17.5 ” . .

Retail

Retail Data breaches Penetration Testing Password Management

BLURtooth flaw allows attacking Bluetooth encryption process

Security Affairs

SEPTEMBER 10, 2020

versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. The vulnerability could be exploited by attackers to overwrite or lower the strength of the pairing key, defeating the protocol encryption. Bluetooth 4.0 affects “dual-mode” Bluetooth devices, like modern smartphones.

Encryption

Encryption Authentication Wireless Advertising

A flaw in India Digilocker could?ve been exploited to bypass authentication

Security Affairs

JUNE 8, 2020

DigiLocker provides an account in cloud to every Aadhaar holder to access authentic documents/certificates such as driving license, vehicle registration, academic mark sheet in digital format from the original issuers of these certificates. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Mobile Accountability Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.” ” Experts pointed out that the vulnerability does not reside in the Wi-Fi encryption protocol, instead, the issue is related to the way some chips implemented the encryption.

Encryption

Encryption Wireless Manufacturing Advertising

OpenSSL Patches New Bug Targeting Encryption [Lessons from Heartbleed]

Security Boulevard

MAY 5, 2022

OpenSSL Patches New Bug Targeting Encryption [Lessons from Heartbleed]. A flaw in the encryption algorithm used to underpin OpenSSL was exploited, triggering an infinite number of requests when certain input value(s) are used. “The Encryption must be encrypted. Then Don’t Ban End-to-End Encryption. Related Posts.

Encryption

Encryption Software Media Authentication

A flaw in Microsoft OAuth authentication could lead Azure account takeover

Security Affairs

DECEMBER 3, 2019

The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Disable non-used applications.”

Authentication

Authentication Accountability Social Engineering Advertising

Bluetooth BIAS attack threatens billions of devices

Security Affairs

MAY 19, 2020

“To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to impersonate a previously paired/bonded device and successfully authenticate without knowing the link key. The issue potentially impact over a billion of devices.

Authentication

Authentication Encryption Wireless Advertising

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Security Affairs

JULY 31, 2020

One of the most security issues is a critical authentication bypass vulnerability, tracked as CVE-2020-3382. The vulnerability can allow a remote, unauthenticated attacker to bypass authentication and perform actions with admin privileges on the vulnerable device. ” reads the advisory published by Cisco.

Authentication

Authentication Advertising Software Encryption

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

It also provides an authenticated inter-process communication mechanism. Since 2016, Microsoft is urging admins to stop using SMBv1, later versions of the protocol implemented security enhancements, such as encryption, pre- authentication integrity checks to prevent man-in-the-middle (MiTM) attacks, and insecure guest authentication blocking.

Authentication

Authentication Malware Advertising Hacking

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

EventBot is a mobile banking trojan and infostealer that abuses Android’s accessibility features to steal user data from financial applications, read user SMS messages, and steal SMS messages to allow the malware to bypass two-factor authentication.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Mobile

Mobile Financial Services Banking Malware

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code.” The JavaScript URL is hardcoded in the loader script in encrypted format, experts observed that the attackers can change the URL for each victim. Pierluigi Paganini.

eCommerce

eCommerce Malware Encryption Advertising

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

. “Once an actor has infiltrated a network with Netwalker, a combination of malicious programs may be executed to harvest administrator credentials, steal valuable data, and encrypt user files. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Advertising Government

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

Norton got ‘ demergered ’ from Symantec in 2014 and then acquired LifeLock for $2.3 There are simple steps consumers can take today, for free, to lower their overall risk of a cyber attack, including using multi-factor authentication for their accounts and using strong passwords. A lot of water has flowed under the bridge since then.

Antivirus

Antivirus Marketing Identity Theft Social Engineering

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication. Encrypting sensitive data wherever possible.

Healthcare

Healthcare Backups Ransomware Insurance

Android Pie introduces important security and privacy enhancements

Security Affairs

DECEMBER 27, 2018

The latest version of Google OS, Android Pie, implements significant enhancements for cybersecurity, including a stronger encryption and authentication. The tech giant updated the File-Based Encryption implementing the support for external storage media, it also included the metadata encryption with hardware support.

Mobile

Mobile Encryption Authentication Advertising

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. The Enterprise mode implements 192-bit encryption for networks that require extra security. Pierluigi Paganini.

Passwords

Passwords Hacking Wireless Authentication

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” “For instance, Intel CSME interacts with CPU microcode to authenticate UEFI BIOS firmware using BootGuard. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Technology Advertising Authentication

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. ” The seller claims to have usernames, encrypted passwords, email addresses, complete names, physical addresses, and IP addresses for the platform users.

Hacking

Hacking Data breaches Identity Theft Advertising

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication.” Many vendors are affected.

Encryption

Encryption Authentication Internet Internet

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

Authentication. To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). Encryption. The authorization and/or authentication of your APIs should be delegated. Just be cryptic. with ID tokens.

Authentication

Authentication Firewall Encryption Passwords

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Hacking DNS Authentication

Experts disclose security flaws in Oracle’s iPlanet Web Server

Security Affairs

MAY 11, 2020

The first issue, tracked as CVE-2020-9315 , could allow unauthenticated remote attackers to gain read-only access to any page within the administration console, without authentication, by simply replacing an admin GUI URL for the target page. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Social Engineering

Social Engineering Phishing Advertising Encryption

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

In May, Malwarebytes researchers observed the Mac version of Dacls being distributed via a Trojanized two-factor authentication application for macOS called MinaOTP, mostly used by Chinese speakers. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Ransomware Advertising Encryption

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

MAY 11, 2020

To maximize your network security, always protect your router with a unique password and use an encrypted network. To resolve this issue, organizations must opt for two-factor authentication for their system. Encrypted Tools. Most of the online tools are not secured and do not provide end to end encryption.

Encryption

Encryption Data breaches Advertising Passwords

Marriott Breach: More than 500 Million Guest Affected

Adam Levin

NOVEMBER 30, 2018

. “The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it,” Marriott disclosed in a statement. The vulnerability that the hackers took advantage of had been in place and used for “unauthorized access,” according to the company statement, since 2014.

Identity Theft

Identity Theft Financial Services Password Management Media

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

When accessed remotely, the virtual media service allows plaintext authentication, sends most traffic unencrypted, uses a weak encryption algorithm for the rest, and is susceptible to an authentication bypass. “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Firmware Media Authentication

The strengths and weaknesses of different VPN protocols

Security Affairs

APRIL 26, 2019

Different protocols create different ways that connect your device and the internet through encrypted tunnels. The protocol relies on encryption, authentication and peer-to-peer protocol (PPP) negotiation. However, the speed comes at the cost of encryption. Of all the protocols, PPTP has the lowest level of encryption.

VPN

VPN Encryption Firewall Internet

Moxa Industrial Switches plagued with several flaws

Security Affairs

MARCH 11, 2019

“Successful exploitation of these vulnerabilities could allow the reading of sensitive information, remote code execution, arbitrary configuration changes, authentication bypass, sensitive data capture, reboot of the device, device crash, or full compromise of the device.” Pierluigi Paganini.

Advertising

Advertising Encryption Authentication Passwords

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

The second stage installs itself and loads the third stage using an encrypted, hardcoded path. ESET researchers pointed out that the authors have put significant effort into encryption in order to prevent the analysis of the DePriMon malware. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Telecommunications Advertising Encryption

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Malwarebytes researchers observed the Mac version of Dacls being distributed via a Trojanized two-factor authentication application for macOS called MinaOTP, mostly used by Chinese speakers.

Malware

Malware Advertising Encryption Hacking

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link addressed a critical zero-day vulnerability ( CVE-2017-7405 ) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Archer MR200v4: [link].

Passwords

Passwords Advertising Firmware Authentication

Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images

Security Affairs

MAY 9, 2019

. “Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container that utilize Linux PAM, or some other mechanism that uses the system shadow file as an authentication database, may accept a NULL password for the root user.” “In builds of the Alpine Docker Image (>=3.3)

Passwords

Passwords Advertising Authentication Accountability

Thousands credit card numbers of MoviePass customers were exposed online

Security Affairs

AUGUST 21, 2019

The researcher discovered that the records in the database were not encrypted. According to Techcrunch, which analyzed a sample of 1,000 records, data are authentic. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Encryption Authentication Passwords

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

The gang also claimed on the ‘Stolen data’ page of their Tor leak site that they have stolen unencrypted files from K-Electric before encrypting its systems. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Source BleepingComputer. GB archive.

Ransomware

Ransomware Advertising Engineering VPN

Data of 21 million Mixcloud users available for sale on the dark web

Security Affairs

DECEMBER 1, 2019

. “Our understanding at this time is that the incident involves email addresses, IP addresses and securely encrypted passwords for a minority of Mixcloud users. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.” Pierluigi Paganini.

Data breaches

Data breaches Passwords Advertising Hacking

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

Encryption. Therefore, businesses need encryption along the way. Encryption is merely changing the data to something that seems meaningless, like a code, which the system then decrypts on the other side. Password Protection & Authentication. Multi-Factor Authentication. Pierluigi Paganini.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs

DECEMBER 5, 2019

“Additionally, we are able to determine the exact seq and ack num bers by counting encrypted packets and/or examining their size. Using the encrypted replies to unsolicited packets to determine the sequence and acknowledgment numbers of the active connection to hijack the TCP session. Pierluigi Paganini.

VPN

VPN Encryption Advertising Authentication

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Kr00k Wi-Fi Encryption flaw affects more than a billion devices. New strain of Cerberus Android banking trojan can steal Google Authenticator codes. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Malware Advertising Ransomware

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

NOVEMBER 18, 2019

The total number of certificates used for look-alike domains is more than 400% greater than the number of authentic retail domains. Over half (60%) of the look-alike domains studied use free certificates from Let’s Encrypt. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Retail

Retail Encryption Advertising Phishing

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Firmware Advertising Manufacturing

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

Security Affairs

APRIL 20, 2019

The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to break into Tchap , a new secure messaging app launched by the French government for encrypted communications between officials and politicians. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. or @elysee.fr

Government

Government Encryption Accountability Advertising

Steganography in targeted attacks on industrial enterprises in Japan and Europe

Security Affairs

MAY 29, 2020

Hackers used the Mimikatz tool to steal the authentication data of Windows accounts stored on a compromised system. “The data extracted from the image is consecutively encoded using the Base64 algorithm, encrypted with the RSA algorithm and encoded using Base64 again. ” continues the analysis. Pierluigi Paganini.

Phishing

Phishing Malware Advertising Encryption

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

“Most recent firmware versions have open port 9530/ tcp listening for special commands, but require cryptographic challenge-response authentication for them to be committed. Client uses it’s pre-shared key and constructs encryption key as concatenation of received random number and PSK. Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

no authentication and clear-text communication Incorrect HTTP requests cause out of range access in Zope XSS on the web interface Private SSH key Backdoor APIs Backdoor management access and RCE Pre-auth RCE with chrooted access. This allows an attacker to MITM and decrypt the encrypted traffic.” Pierluigi Paganini.

Accountability

Accountability Advertising Software Authentication

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

BLURtooth flaw allows attacking Bluetooth encryption process

Webinars

Trending Sources

A flaw in India Digilocker could?ve been exploited to bypass authentication

Webinars

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

OpenSSL Patches New Bug Targeting Encryption [Lessons from Heartbleed]

A flaw in Microsoft OAuth authentication could lead Azure account takeover

Bluetooth BIAS attack threatens billions of devices

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Microsoft recommends Exchange admins to disable the SMBv1 protocol

EventBot, a new Android mobile targets financial institutions across Europe

Visa warns of new sophisticated credit card skimmer dubbed Baka

FBI issued a flash alert about Netwalker ransomware attacks

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

New Ransom Payment Schemes Target Executives, Telemedicine

Android Pie introduces important security and privacy enhancements

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

3.4 Million user records from LiveAuctioneers hack available for sale

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

API Security and Hackers: What?s the Need?

Hacking the Twinkly IoT Christmas lights

Experts disclose security flaws in Oracle’s iPlanet Web Server

New MATA Multi-platform malware framework linked to NK Lazarus APT

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Marriott Breach: More than 500 Million Guest Affected

USBAnywhere BMC flaws expose Supermicro servers to hack

The strengths and weaknesses of different VPN protocols

Moxa Industrial Switches plagued with several flaws

DePriMon downloader uses a never seen installation technique

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

TP-Link Archer routers allow remote takeover without passwords

Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images

Thousands credit card numbers of MoviePass customers were exposed online

Netwalker ransomware operators leaked files stolen from K-Electric

Data of 21 million Mixcloud users available for sale on the dark web

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Security Affairs newsletter Round 253

Experts report a rampant growth in the number of malicious, lookalike domains

QSnatch malware infected over 62,000 QNAP NAS Devices

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

Steganography in targeted attacks on industrial enterprises in Japan and Europe

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Stay Connected