Cyber breaches abound in 2019

https://techcrunch.com/2018/12/26/cyber-breaches-abound-in-2019/

News of high-profile cyber breaches has been uncharacteristically subdued in recent quarters.

Is this a harbinger of a worse hacking landscape in 2019?

The answer is unequivocally yes. No question, cyber breaches have been a gigantic thorn in the global economy for years. But expect them to be even more rampant in 2019, as chronically improving malware is deployed more aggressively on more fronts. At the same time, data-driven businesses are moving into the “target zone” of cyber attacks.

On the cybersecurity side, a growing number of experts believe that multi-factor authentication will become the standard for all online businesses.

Here are links to some articles that can hopefully help you to handle your cyber security better:

Cybersecurity 101: Why you need to use a password manager
https://techcrunch.com/2018/12/25/cybersecurity-101-guide-password-manager/

Cybersecurity 101: Five simple security guides for protecting your privacy
https://techcrunch.com/2018/12/26/cybersecurity-101-security-guides-protect-privacy/

229 Comments

  1. Tomi Engdahl says:

    Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’
    https://www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-has-been-hacked-with-social-media-and-tor-projects-exposed/?utm_source=FACEBOOK&utm_medium=social&utm_term=Valerie/#76616c657269

    Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing.

  2. Tomi Engdahl says:

    Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed
    https://www.bleepingcomputer.com/news/security/russian-fsb-intel-agency-contractor-hacked-secret-projects-exposed/

    A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media.

    In addition, BBC Russia reports that the hackers stole 7.5TB of data from the contractor’s network. This data includes information about numerous non-public projects that were being developed by Sytech on behalf of the Russian government and its intelligence agency.

  3. Tomi Engdahl says:

    The latest example of exposed corporate passwords found in public GitHub repositories seems to be security company and SSL certificate issuer Comodo.

    “Seeing as they’re a security company and give out SSL certificates, you’d think that the security of their own environment would come first above all else,”

    https://techcrunch.com/2019/07/27/comodo-password-access-data/

  4. Tomi Engdahl says:

    Capital One Data Breach Hits 100 Million; Ex-Amazon Worker Is Charged as Hacker

    The breach at Capital One, which led to charges against a software engineer in Seattle, was one of the largest-ever thefts of bank data.

    A software engineer in Seattle hacked into a server holding customer information for Capital One and obtained the personal data of over 100 million people, federal prosecutors said on Monday, in one of the largest thefts of data from a bank.

    The suspect, Paige Thompson, 33, left a trail online for investigators to follow as she boasted about the hacking, according to court documents in Seattle, where she was arrested and charged with one count of computer fraud and abuse.

    Ms. Thompson, who formerly worked for Amazon Web Services, which hosted the Capital One database that was breached,

    The F.B.I. noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and the Slack messaging service.

    https://www.nytimes.com/2019/07/29/business/capital-one-data-breach-hacked.html

  5. Tomi Engdahl says:

    Capital One data breach: 1 arrested, tens of millions of customers affected
    https://6abc.com/finance/capital-one-data-breach-1-arrested-tens-of-millions-of-customers-affected-/5428546/

    A hacker gained access to personal information from more than 100 million Capital One credit applications, the bank said Monday as federal authorities arrested a suspect

    The hacker got information, including credit scores and balances, plus the Social Security numbers of about 140,000 customers, the bank said. It will offer free credit monitoring services to those affected.

    Capital One, based in McLean, Virginia, said Monday it found out about the vulnerability in its system July 19 and immediately sought help from law enforcement to catch the perpetrator.

    According to the FBI complaint, someone emailed the bank two days before that notifying it that leaked data had appeared on the code-hosting site GitHub

    Capital One said it believes it is unlikely that the information was used for fraud, but it will continue to investigate. The data breach affected about 100 million people in the U.S. and 6 million in Canada.

  6. Tomi Engdahl says:

    LAPD Police Officers’ Personal Information Stolen in Data Breach
    https://www.nbclosangeles.com/investigations/LAPD-Police-Officers-Personal-Information-Stolen-Data-Breach-513340401.html

    A suspected hacker claimed he or she had stolen the personal information of about 2,500 LAPD officers, trainees, and recruits, along with approximately 17,500 police officer applicants, in what may be a large breach of data held by the city of Los Angeles’ Personnel Department.

    The city’s Information Technology Agency said it was contacted last week by someone who claimed to have accessed and downloaded the data, and the person offered some example files

    The LAPD told officers in the message they should monitor their personal financial accounts, get copies of their credit reports, and file a complaint with the Federal Trade Commission.

  7. Tomi Engdahl says:

    Cyberattack On LAPD Confirmed: Data Breach Impacts Thousands Of Officers
    https://www.forbes.com/sites/zakdoffman/2019/07/30/lapd-cyberattack-police-department-confirms-it-has-been-hacked/#155677aa14be

    The Los Angeles Police Department has confirmed that it has been hacked, with the personal information of at least 20,000 people exposed.

  8. Tomi Engdahl says:

    Education software maker Pearson says data breach affected thousands of accounts in the U.S.
    https://tcrn.ch/2K8sF49

    Pearson, the London-based educational software maker, said today that thousands of school and university accounts, mostly in the United States, were affected by a data breach.

    The Wall Street Journal reports that the data breach happened in November 2018 and Pearson was notified by the Federal Bureau of Investigation in March.

    According to Pearson, unauthorized access was gained to 13,000 school and university accounts on AIMSweb, the company’s student monitoring and assessment platform.

  9. Tomi Engdahl says:

    CIS Countries Data Theft
    https://pentestmag.com/cis-countries-data-theft/

    Currently, there is no Personal Data protection system in CIS countries at all. The volume of illegal trade of Personally Identifiable Information is enormous.

    Nowadays, it is true that there are forums in the Russian-language segment of the Internet that are exclusively aimed at selling personal data — hacked social network accounts, passport data, mobile phone operator databases etc. I’m not talking about the so-called “Darknet” at all, it is just a fact that you can simply find it on Google not even trying to.

  10. Tomi Engdahl says:

    A Technical Analysis of the Capital One Cloud Misconfiguration Breach
    https://www.fugue.co/blog/a-technical-analysis-of-the-capital-one-cloud-misconfiguration-breach

    This is a technical exploration of how the Capital One breach might have occurred, based on the evidence we have from the criminal complaint

    this post is to explore a combination firewall/IAM/S3 attack to illustrate some of the dangers of cloud misconfigurations that every organization on cloud should heed.

    In order to write this, I analyzed the technical details of the FBI complaint, and then formed a hypothesis of how the attack might have taken place. I then simulated the attack in my development account, so that I could provide specific details in this post.

    There were four different elements to the attack that we know about:

    Misconfigured firewall
    Gaining access to an EC2 instance
    Getting IAM role access to S3
    S3 bucket discovery and duplication.

  11. Tomi Engdahl says:

    ILLINOIS ACCIDENTALLY PUBLISHED SOCIAL SECURITY NUMBERS OF ALL BOAT OWNERS
    https://1440wrok.com/illinois-accidentally-published-social-security-numbers-of-all-boat-owners/

    If you own a boat or a jetski in Illinois, you might want to do a quick credit check.

    The Department of Natural Resources collects Social Security information for all watercraft owners

    What is a horrible idea is accidentally publishing everyone’s personal information on a public website. Which is what they did.

    Well, at least they said that it won’t happen again.

  12. Tomi Engdahl says:

    “No matter what transfer mechanism you use, you end up with a conflict. The U.S. laws allow espionage against EU citizens” – Max Schrems, lawyer and privacy activist

    https://www.politico.eu/article/max-schrems-facebook-europe-data-protection-privacy/

  13. Tomi Engdahl says:

    Sites using Facebook ‘Like’ button liable for data, EU court rules
    https://www.euractiv.com/section/digital/news/sites-using-facebook-like-button-liable-for-data-eu-court-rules/

    Europe’s top court ruled Monday (30 July) that companies that embed Facebook’s “Like” button on their websites must seek users’ consent to transfer their personal data to the US social network, in line with the bloc’s data privacy laws

    According to the European Court of Justice ruling, a site that embeds the Facebook “like” icon and link on its pages also sends user data to the US web giant.

  14. Tomi Engdahl says:

    Spanish brothel chain leaves internal database exposed online
    https://www.zdnet.com/article/spanish-brothel-chain-leaves-internal-database-exposed-online/

    “Men’s club” exposes data about escort girls, customer reviews, and club finances.

    The leaky server, found by Bob Diachenko of Security Discovery, is your typical case of a MongoDB database left connected to the internet without a password for the admin account.

  15. Tomi Engdahl says:

    StockX confirms it was hacked (updated)
    https://www.engadget.com/2019/08/03/stockx-hacked/

    Attackers reportedly stole records from 6.8 million customers.

  16. Tomi Engdahl says:

    Hundreds of exposed Amazon cloud backups found leaking sensitive data
    https://techcrunch.com/2019/08/09/aws-ebs-cloud-backups-leak/

    How safe are your secrets? If you used Amazon’s Elastic Block Storage, you might want to check your settings.

    You may have heard of exposed S3 buckets — those Amazon-hosted storage servers packed with customer data but often misconfigured and inadvertently set to “public” for anyone to access. But you may not have heard about exposed EBS volumes, which poses as much, if not a greater, risk.

    These elastic block storage (EBS) volumes are the “keys to the kingdom,”

    EBS volumes store all the data for cloud applications. “They have the secret keys to your applications and they have database access to your customers’ information,”

    all too often cloud admins don’t choose the correct configuration settings, leaving EBS volumes inadvertently public and unencrypted. “That means anyone on the internet can download your hard disk and boot it up, attach it to a machine they control, and then start rifling through the disk to look for any kind of secrets,”

    Morris found dozens of volumes exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more. He found several major companies, including healthcare providers and tech companies.

    He also found VPN configurations

  17. Tomi Engdahl says:

    https://arstechnica.com/gadgets/2019/08/microsoft-contractors-hear-phone-sex-and-more-while-reviewing-cortana-skype-audio/

    Apparently the policies are so relaxed, that the contractor actually shared a cache of files to Motherboard.

  18. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researcher finds hundreds of exposed AWS EBS snapshots leaking sensitive customer data, like VPN configurations, passwords, and in some cases government data

    Hundreds of exposed Amazon cloud backups found leaking sensitive data
    https://techcrunch.com/2019/08/09/aws-ebs-cloud-backups-leak/

  19. Tomi Engdahl says:

    3fun: Security glitch in threesome hook-up app reveals details of users in Downing Street and White House
    https://www.independent.co.uk/news/uk/home-news/3fun-threesome-app-downing-street-white-house-cyber-security-a9051201.html

    ‘Worst security of any dating app we’ve ever seen,’ say experts

    The app, 3fun, revealed users with locations appearing to be in No 10 in London, and the White House and the US Supreme Court in Washington DC, according to a report on cyber security firm Pen Test Partners’ website.

    Furthermore, private photographs were accessible too.

    Users of the app could restrict the app from showing their locations, but according to Pen Test Partners, the data was only filtered on the mobile app itself, not on the servers containing the data, which their experts were able to query to reveal location information.

  20. Tomi Engdahl says:

    Report: Data Breach in Biometric Security Platform Affecting Millions of Users
    https://www.vpnmentor.com/blog/report-biostar2-leak/

    Led by internet privacy researchers Noam Rotem and Ran Locar, vpnMentor’s team recently discovered a huge data breach in security platform Biostar 2.

    Biostar 2 is a web-based biometric security smart lock platform. A centralized application, it allows admins to control access to secure areas of facilities, manage user permissions, integrate with 3rd party security apps, and record activity logs.

    The app is built by Suprema, one of the world’s top 50 security manufacturers, with the highest market share in biometric access control in the EMEA region.

    Suprema recently partnered with Nedap to integrate Biostar 2 into their AEOS access control system.

    AEOS is used by over 5,700 organizations in 83 countries,

    This is a huge leak that endangers both the businesses and organizations involved, as well as their employees. Our team was able to access over 1 million fingerprint records, as well as facial recognition information. Combined with the personal details, usernames, and passwords, the potential for criminal activity and fraud is massive.

  21. Tomi Engdahl says:

    Report: Data Breach in Biometric Security Platform Affecting Millions of Users
    https://www.vpnmentor.com/blog/report-biostar2-leak/

    a huge data breach in security platform BioStar 2.

    The data leaked in the breach is of a highly sensitive nature. It includes detailed personal information of employees and unencrypted usernames and passwords, giving hackers access to user accounts and permissions at facilities using BioStar 2.

    Our team was able to access over 1 million fingerprint records, as well as facial recognition information.

    steps were taken by the company to close the breach.

    Date discovered: 5th August 2019
    Date vendors contacted: 7th August 2019
    Date of Action: 13th August, the breach was closed

    Our team was able to access over 27.8 million records, a total of 23 gigabytes of data, which included the following information:

    Access to client admin panels, dashboards, back end controls, and permissions
    Fingerprint data
    Facial recognition information and images of users
    Unencrypted usernames, passwords, and user IDs
    Records of entry and exit to secure areas
    Employee records including start dates
    Employee security levels and clearances
    Personal details, including employee home address and emails
    Businesses’ employee structures and hierarchies
    Mobile device and OS information

    One of the more surprising aspects of this leak was how unsecured the account passwords we accessed were.

  22. Tomi Engdahl says:

    Biostar security software ‘leaked a million fingerprints’
    https://www.bbc.co.uk/news/technology-49343774

    Researchers working with cyber-security firm VPNMentor managed to access data from a security tool called Biostar 2.

  23. Tomi Engdahl says:

    New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records: Report
    http://on.forbes.com/6184E2KNr

    It has been coming for some time, but now the major breach of a biometric database has actually been reported—facial recognition records, fingerprints, log data and personal information has all been found on “a publicly accessible database.” The damage is not yet clear, but the report claims that actual fingerprints and facial recognition records for millions of people have been exposed.

  24. Tomi Engdahl says:

    This data leak strikes at the heart of one of the big fears and criticism about biometrics: You can change your username and password with a couple of clicks. Your face and fingerprints are forever.

    https://www.technologyreview.com/f/614163/data-leak-exposes-unchangeable-biometric-data-of-over-1-million-people/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid

  25. Tomi Engdahl says:

    European Central Bank Breach: ECB Confirms Hack And Shuts Down Website
    https://www.google.com/amp/s/www.forbes.com/sites/daveywinder/2019/08/16/european-central-bank-breach-ecb-confirms-hack-and-shuts-down-website/amp/

    The European Central Bank (ECB) has confirmed that it has suffered a breach that involved attackers injecting malware and led to a potential loss of data.

    In a statement published August 15, the ECB confirmed that “unauthorized parties” had succeeded in breaching the security of its Banks’ Integrated Reporting Dictionary (BIRD) website. The site, hosted by an external provider, appears to have been attacked in December 2018, according to a Reuters report. The breach was discovered months later as routine maintenance work was being undertaken.

    “Similar to the Capital One breach earlier this summer,” Draper continued, “this further demonstrates the exposures associated with third parties outside of a company’s security team.”
