2015, Authentication, Encryption and Passwords

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. ” The flaw could allow unauthorized third-party access to the router with admin privileges without proper authentication. .” ” continues the post. ” the expert concludes.

Passwords

Passwords Advertising Firmware Authentication

A flaw in India Digilocker could?ve been exploited to bypass authentication

Security Affairs

JUNE 8, 2020

Any Indian DigiLocker Account Could’ve Been Accessed Without Password. The Indian Government fixed a flaw in the secure document wallet service Digilocker that could have potentially allowed anyone’s access without password. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Mobile Accountability Passwords

WPA3 attacks allow hackers to hack Wi-Fi password

Security Affairs

APRIL 10, 2019

Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks. Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks.

Passwords

Passwords Hacking Advertising Network Security

Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images

Security Affairs

MAY 9, 2019

Since December 2015, Alpine Linux Docker images have been shipped with hardcoded credentials, a NULL password for the root user. 3) contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December 2015.” The bug received a CVSS score of 9.8,

Passwords

Passwords Advertising Authentication Accountability

A flaw in Microsoft OAuth authentication could lead Azure account takeover

Security Affairs

DECEMBER 3, 2019

The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. You can see more API calls documented here.”

Authentication

Authentication Accountability Social Engineering Advertising

NGINX zero-day vulnerability: Check if you’re affected

Malwarebytes

APRIL 13, 2022

Specifically, the NGINX LDAP reference implementation which uses LDAP to authenticate users of applications being proxied by NGINX. Companies store usernames, passwords, email addresses, printer connections, and other static data within directories. The reference implementation was announced in June 2015. The vulnerabilities.

Authentication

Authentication IoT Password Management Firmware

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. In response to the incident, the bidding portal has forced a password reset for all users’ accounts, both bidder and auctioneer ones.

Hacking

Hacking Data breaches Identity Theft Advertising

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

The database required no authentication. Before it was taken offline sometime in the past 12 hours, the database contained millions of records, including the username, password and private encryption key of each mSpy customer who logged in to the mSpy site or purchased an mSpy license over the past six months.

Spyware

Spyware Mobile Advertising Software

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

“Once an actor has infiltrated a network with Netwalker, a combination of malicious programs may be executed to harvest administrator credentials, steal valuable data, and encrypt user files. . Use two-factor authentication with strong passwords. ” continues the alert. Consider installing and using a VPN.

Ransomware

Ransomware VPN Advertising Government

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code.” The JavaScript URL is hardcoded in the loader script in encrypted format, experts observed that the attackers can change the URL for each victim. Pierluigi Paganini.

eCommerce

eCommerce Malware Encryption Advertising

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The ransomware encrypts files on compromised Windows host systems, including physical and virtual servers, the advisory noted, and the executable leaves a ransom note in all directories where encryption occurs, including ransom payment instructions for obtaining a decryption key. BlackByte Ransomware Protection Steps. 7 SP1, 8, 8.1)

Ransomware

Ransomware Encryption Backups Accountability

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” Passwords associated with external authentication systems such as AD or LDAP are unaffected. Pierluigi Paganini.

Firewall

Firewall Ransomware Passwords VPN

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

Encryption. Therefore, businesses need encryption along the way. Encryption is merely changing the data to something that seems meaningless, like a code, which the system then decrypts on the other side. Password Protection & Authentication. Passwords are the baseline of cybersecurity.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

Data of 21 million Mixcloud users available for sale on the dark web

Security Affairs

DECEMBER 1, 2019

The hacker access to users’ data, including usernames , email addresses, SHA-2 hashed passwords, account sign-up dates and country, the last-login date, the internet (IP) address, and links to profile photos. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.”

Data breaches

Data breaches Passwords Advertising Hacking

Hacking the ‘Unhackable’ eyeDisk USB stick

Security Affairs

MAY 12, 2019

The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way. eyeDisk features AES 256-bit encryption for your iris pattern.” The first tests he made attempted to bypass the biometric authentication using a photo, but it did work.

Hacking

Hacking Passwords Authentication Advertising

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

Authentication. To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). Encryption. The authorization and/or authentication of your APIs should be delegated. Just be cryptic.

Authentication

Authentication Firewall Encryption Passwords

Zendesk 2016 security breach may impact Uber, Slack, and other organizations

Security Affairs

OCTOBER 2, 2019

Zendesk discloses a data breach that took place in 2016 when a hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers. In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers.

Data breaches

Data breaches Passwords Authentication Accountability

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

When accessed remotely, the virtual media service allows plaintext authentication, sends most traffic unencrypted, uses a weak encryption algorithm for the rest, and is susceptible to an authentication bypass. In the simplest case, an attacker could simply try the well-known default username and password for the BMC.

Hacking

Hacking Firmware Media Authentication

Expert found hundred of vulnerable Jenkins Plugins

Security Affairs

MAY 4, 2019

Jenkins plugins allow to implement additional functionalities like Active Directory authentication, or solve reoccurring tasks such as executing a static code analyser or copying a compiled software to a CIFS share. In the majority of cases these solutions did not involve any encryption.” ” he added. Pierluigi Paganini.

Passwords

Passwords Advertising Encryption Hacking

Android Pie introduces important security and privacy enhancements

Security Affairs

DECEMBER 27, 2018

The latest version of Google OS, Android Pie, implements significant enhancements for cybersecurity, including a stronger encryption and authentication. The tech giant updated the File-Based Encryption implementing the support for external storage media, it also included the metadata encryption with hardware support.

Mobile

Mobile Encryption Authentication Advertising

Moxa Industrial Switches plagued with several flaws

Security Affairs

MARCH 11, 2019

“Successful exploitation of these vulnerabilities could allow the reading of sensitive information, remote code execution, arbitrary configuration changes, authentication bypass, sensitive data capture, reboot of the device, device crash, or full compromise of the device.” Pierluigi Paganini.

Advertising

Advertising Encryption Authentication Passwords

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

MAY 11, 2020

To maximize your network security, always protect your router with a unique password and use an encrypted network. To resolve this issue, organizations must opt for two-factor authentication for their system. Encrypted Tools. Most of the online tools are not secured and do not provide end to end encryption.

Encryption

Encryption Data breaches Advertising Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. Improper encryption. Poor credentials.

IoT

IoT Cybersecurity Manufacturing Internet

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

no authentication and clear-text communication Incorrect HTTP requests cause out of range access in Zope XSS on the web interface Private SSH key Backdoor APIs Backdoor management access and RCE Pre-auth RCE with chrooted access. This allows an attacker to MITM and decrypt the encrypted traffic.” Pierluigi Paganini.

Accountability

Accountability Advertising Software Authentication

Thousands credit card numbers of MoviePass customers were exposed online

Security Affairs

AUGUST 21, 2019

The researcher discovered that the records in the database were not encrypted. According to Techcrunch, which analyzed a sample of 1,000 records, data are authentic. Logging data included email addresses and incorrectly typed passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Encryption Authentication Passwords

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

SEPTEMBER 9, 2020

The gang also claimed on the ‘Stolen data’ page of their Tor leak site that they have stolen unencrypted files from K-Electric before encrypting its systems. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Energy and Utilities VPN Advertising

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). This is a subject of actual disclosure.”

Firmware

Firmware Encryption Advertising Passwords

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.” ” reads the analysis published by MWR InfoSecurity.

IoT

IoT Hacking DNS Authentication

Australian social news platform leaks 80,000 user records

Security Affairs

OCTOBER 5, 2020

To increase efforts to secure user data, Snewpit will be reviewing “all server logs and access control settings” to confirm that no unauthorized access took place and to ensure that “user data is secure and encrypted.”. We will be reviewing all access control settings and ensuring our user data is secure and encrypted.

Identity Theft

Identity Theft Passwords Advertising Password Management

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

FBI recommends using passphrases instead of complex passwords. Kr00k Wi-Fi Encryption flaw affects more than a billion devices. New strain of Cerberus Android banking trojan can steal Google Authenticator codes. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Lampion malware v2 February 2020.

Banking

Banking Malware Advertising Ransomware

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

The gang also claimed on the ‘Stolen data’ page of their Tor leak site that they have stolen unencrypted files from K-Electric before encrypting its systems. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Source BleepingComputer.

Ransomware

Ransomware Advertising Engineering VPN

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 In 2015, global cyber crime had a cost of about $3 trillion, and the cost is expected to rise to $10.5 Ransomware. Ransomware is the fastest-growing trend.

Backups

Backups Ransomware Firewall Malware

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

Change the default username and passwords for all network devices, especially IoT devices. If the device’s default username or password cannot be changed, ensure the device(s) providing Internet access to that device has a strong password and a second layer of security, such as multi-factor authentication or end-to-end encryption.

DDOS

DDOS IoT Internet Internet

The strengths and weaknesses of different VPN protocols

Security Affairs

APRIL 26, 2019

Different protocols create different ways that connect your device and the internet through encrypted tunnels. The protocol relies on encryption, authentication and peer-to-peer protocol (PPP) negotiation. In essence, that means it only needs a username, password, and server address to create a connection.

VPN

VPN Encryption Firewall Internet

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

Security Affairs

APRIL 20, 2019

The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to break into Tchap , a new secure messaging app launched by the French government for encrypted communications between officials and politicians. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. or @elysee.fr

Government

Government Encryption Accountability Advertising

350 million decrypted email addresses left exposed on an unsecured server

Security Affairs

AUGUST 27, 2020

Here are some examples of how potential attackers can use the data found in the unsecured Amazon S3 bucket against the owners of the exposed email addresses: Spamming 350 million email IDs Carrying out phishing attacks Brute-forcing the passwords of the email accounts. Change your passwords approximately every 30 days.

Social Engineering

Social Engineering Passwords Marketing Phishing

Companies need CASBs now more than ever — to help secure ‘digital transformation’

The Last Watchdog

JULY 16, 2018

When I first wrote about Cloud Access Security Brokers in 2015, so-called CASBs were attracting venture capital by the truckloads — and winning stunning customer testimonials. A dozen years ago, companies scrambled to tighten down administrator accounts on Windows servers that arrive configured by Microsoft with weak default passwords.

Digital transformation

Digital transformation Encryption Accountability Risk

A flaw in US Postal Service website exposed data on 60 Million Users

Security Affairs

NOVEMBER 21, 2018

The good news is that it seems that API doesn’t expose USPS account passwords. Auditors discovered several authentication and encryption flaws that evidently were underestimated. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. 20 by the USPS is available here as a text file.”

Accountability

Accountability Advertising Encryption Authentication

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The QSnatch malware implements multiple functionalities, such as: CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Malware

Malware Advertising Passwords Manufacturing

SILENTFADE a long-running malware campaign targeted Facebook AD platform

Security Affairs

OCTOBER 3, 2020

Cookies are more valuable than passwords because they contain session tokens, which are post-authentication tokens. This use of compromised credentials runs the risk of encountering accounts that are protected with two-factor authentication, which SilentFade cannot bypass.”. Pierluigi Paganini.

Malware

Malware Advertising Accountability Authentication

New Trickbot module implements Remote App Credential-Grabbing features

Security Affairs

FEBRUARY 18, 2019

Using the settings the module could retrieve an array of useful information, including host name, user name, and the private key files used for authentication. It then parses the string “ target=TERMSRV ” to identify the hostname, username, and password saved per RDP credential.” Trend Micro experts explained. Pierluigi Paganini.

Banking

Banking Malware Advertising Financial Services

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. The QSnatch malware implements multiple functionalities, such as: .

Malware

Malware Firmware Advertising Manufacturing

Crooks offered for sale private messages for 81k Facebook accounts

Security Affairs

NOVEMBER 3, 2018

The BBC Russian Service investigated the alleged data breach along with cybersecurity firm Digital Shadows and determined they are authentic. Experts from Digital Shadows traced the advertisement to an IP address in Saint Petersburg, they also linked the IP address to a campaign spreading LokiBot password-stealing.

Accountability

Accountability Advertising Cybercrime Hacking

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

TP-Link Archer routers allow remote takeover without passwords

Trending Sources

A flaw in India Digilocker could?ve been exploited to bypass authentication

WPA3 attacks allow hackers to hack Wi-Fi password

Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images

A flaw in Microsoft OAuth authentication could lead Azure account takeover

NGINX zero-day vulnerability: Check if you’re affected

3.4 Million user records from LiveAuctioneers hack available for sale

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

FBI issued a flash alert about Netwalker ransomware attacks

Visa warns of new sophisticated credit card skimmer dubbed Baka

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Data of 21 million Mixcloud users available for sale on the dark web

Hacking the ‘Unhackable’ eyeDisk USB stick

API Security and Hackers: What?s the Need?

Zendesk 2016 security breach may impact Uber, Slack, and other organizations

USBAnywhere BMC flaws expose Supermicro servers to hack

Expert found hundred of vulnerable Jenkins Plugins

Android Pie introduces important security and privacy enhancements

Moxa Industrial Switches plagued with several flaws

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Thousands credit card numbers of MoviePass customers were exposed online

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Hacking the Twinkly IoT Christmas lights

Australian social news platform leaks 80,000 user records

Security Affairs newsletter Round 253

Netwalker ransomware operators leaked files stolen from K-Electric

What is a Cyberattack? Types and Defenses

FBI warns cyber actors abusing protocols as new DDoS attack vectors

The strengths and weaknesses of different VPN protocols

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

350 million decrypted email addresses left exposed on an unsecured server

Companies need CASBs now more than ever — to help secure ‘digital transformation’

A flaw in US Postal Service website exposed data on 60 Million Users

QNAP urges users to update Malware Remover after QSnatch joint alert

SILENTFADE a long-running malware campaign targeted Facebook AD platform

New Trickbot module implements Remote App Credential-Grabbing features

QSnatch malware infected over 62,000 QNAP NAS Devices

Crooks offered for sale private messages for 81k Facebook accounts

Stay Connected