Tag: hack

By Bradley Prior for MyBroadband

HaveIBeenPwned has added a large data breach – involving popular writing website Wattpad – to its database of data breaches.

In June 2020, Wattpad – a website that allows users to publish their own literary content and critique the work of others – suffered a large data breach which exposed almost 270 million user records.

This data was reportedly sold to a private purchaser for $100,000, and has since reportedly been published to a public hacking forum – where it was shared broadly.

The data exposed in this breach includes names, usernames, email addresses, IP addresses, passwords, genders, and birth dates, HaveIBeenPwned said.

According to the post on the hacker website, included in the database are 145 million passwords hashed with bcrypt, and another 44-million hashed with SHA256.

“We are aware of reports that some user data has been accessed without authorisation. We are urgently working to investigate, contain, and remediate the issue with the assistance of external security consultants,” said Wattpad director of PR and communications Kiel Hume.

“From our investigation, to date, we can confirm that no financial information, stories, private messages, or phone numbers were accessed during this incident. Wattpad does not process financial information through our impacted servers, and active Wattpad users’ passwords are salted and cryptographically hashed.”

Hume said Wattpad is committed to maintaining the trust of its users “to ensure the safety and security of the Wattpad community”.
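The distinction between the bcrypt-hashed records and the SHA-256-hashed ones matters because it decides how exposed each group of users is once the database is public. The following is an added example, not Wattpad's or HaveIBeenPwned's code; it uses Python's standard-library PBKDF2 as a stand-in for bcrypt (both add a per-user salt and a tunable work factor) and constructed sample accounts and a constructed wordlist.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional

# Constructed sample accounts, standing in for the records a site stores at
# registration. Values are made up for this example.
USERS = [("alice", "123456"), ("bob", "123456"), ("carol", "correct horse")]

# Constructed wordlist, standing in for the common-password lists that get run
# against leaked unsalted hashes.
WORDLIST = ["password", "123456", "qwerty", "123456789", "1111111"]

# Work factor: bcrypt's cost parameter plays the same role.
PBKDF2_ITERATIONS = 200_000


def sha256_unsalted(password: str) -> str:
    """Plain SHA-256 of the password: fast, deterministic, no salt."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def pbkdf2_salted(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, slow hash stored as 'iterations$salt$digest' so the verifier can
    recover the parameters, much as bcrypt embeds its salt and cost in the string."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return f"{PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_pbkdf2(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


def recoverable_from_wordlist(
    leaked: Dict[str, str], wordlist: Iterable[str]
) -> Dict[str, str]:
    """Given leaked user -> unsalted-hash records, return the accounts a defender
    must treat as exposed. Without a salt, one SHA-256 per word is checked
    against every account at once, which is why the unsalted records in a
    breach are the urgent ones to force-reset."""
    table = {sha256_unsalted(word): word for word in wordlist}
    return {user: table[h] for user, h in leaked.items() if h in table}


if __name__ == "__main__":
    leaked = {user: sha256_unsalted(pw) for user, pw in USERS}
    # alice and bob share a password, so their unsalted hashes are identical
    print("identical unsalted hashes:", leaked["alice"] == leaked["bob"])
    print("exposed by wordlist:", recoverable_from_wordlist(leaked, WORDLIST))
    # the same password salted twice gives two different strings, both verifiable
    h1, h2 = pbkdf2_salted("123456"), pbkdf2_salted("123456")
    print("salted hashes differ:", h1 != h2, "both verify:",
          verify_pbkdf2("123456", h1) and verify_pbkdf2("123456", h2))
```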

How to check if you are affected

HaveIBeenPwned allows you to check if your data was affected by data breaches including the recent breach of Wattpad.

To do this, users need to navigate to HaveIBeenPwned’s homepage and enter their email address into the search bar.

Check your email address here.

By Petrus Malherbe for Netwerk24

Instead of information about the eight commercial harbours it runs, the National Ports Authority’s (NPA) website now ostensibly contains information about gambling games in Indonesia, Netwerk24 reported. The National Ports Authority is a division of Transnet.

According to information on ICANN Lookup, Transnet registered transnetnationalportsauthority.net in 2007. The registration was managed by American company Network Solutions.

But its security certificate expired in April last year, which made it vulnerable to attacks by hackers thereafter.

The domain name, while still registered, is no longer being reported as being active. Its status is known as “client transfer prohibited”, meaning that the domain cannot be transferred without Transnet’s permission.

Ironically, the status is meant to help prevent an inactive domain name from being hacked by another entity.

Web pages are regularly hacked, with visitors directed to malevolent websites. A website with a security certificate that is intact is, however, more resistant to these attacks.

The hacking of the NPA site seems limited to that particular website. The website for Transnet Port Terminals and Transnet’s main page, transnet.net, are, for example, still operational.

Even though the NPA’s page expired in April last year, Transnet still uses it on the port authority’s official Twitter page. This page appears to still be active – the last entry was on 23 January.

Transnet was approached for comment about the apparent takeover of one of its websites, but has not yet responded.

By Roger Bambino for Tech JaJa

Dr. Bright Gameli Mawudor heads the Cyber Security Service Team at Internet Solutions. He recently bumped into some MultiChoice credentials on the open Internet as he was giving a live demo at a conference.

Dr Gameli is also the co-founder of AfricaHackOn and was speaking at a recent MyBroadband CyberSec Conference, where he revealed that the DStv hack was more or less accidental: he uncovered a text file full of MultiChoice credentials on a misconfigured web server in the middle of a live demo.

He told MyBroadband that he was demonstrating a technique known as Google Dorking. This involves using Google’s highly technical search operators to find information people didn’t imagine would be found on the open Internet. To put this in context, many people put a lot of information on the internet including ripped media series for download on Internet-connected servers, which Google eventually crawls and indexes.

As he was trying to demonstrate how easy it was to find credentials for streaming services like Netflix and Hulu with a Google search, Mawudor thought he could do the same for DStv.

“Nobody knew what happened, I took it off quickly. I didn’t want anybody to see. Later I went to analyse the details,” Mawudor said.

As an ethical hacker, Mawudor chose not to misuse the information he found, as doing so would have done a tremendous amount of damage to DStv’s business.

“I would have been able to use those credentials to log into the monitoring of live [sports] matches that were going on, [or] into the VPN and into the internal network,” he said.

He could have used this data to shut down systems, or to change live broadcasts, had he so wished. Advising companies on security, Mawudor said:

“Organisations need to go beyond occasional penetration testing and do vulnerability management — frequently doing an assessment of all your systems, networks, and appliances to make sure they are always screened for the latest vulnerabilities.”

WhatsApp is hacked

Source: BBC

WhatsApp has confirmed that a security flaw in the app let attackers install spy software on their targets’ smartphones.

That has left many of its 1.5-billion users wondering how safe the “simple and secure” messaging app really is.

On Wednesday, chip-maker Intel confirmed that new problems discovered with some of its processors could reveal secret information to attackers.

How trustworthy are apps and devices?

Was WhatsApp’s encryption broken? No. Messages on WhatsApp are end-to-end encrypted, meaning they are scrambled when they leave the sender’s device. The messages can be decrypted by the recipient’s device only.

That means law enforcement, service providers and cyber-criminals cannot read any messages they intercept as they travel across the internet.

However, there are some caveats.

Messages can be read before they are encrypted or after they are decrypted. That means any spyware dropped on the phone by an attacker could read the messages.

What is encryption?
On Tuesday, news site Bloomberg published an opinion article calling WhatsApp’s encryption “pointless”, given the security breach.

However, that viewpoint has been widely ridiculed by cyber-security experts.

“I don’t think it’s helpful to say end-to-end encryption is pointless just because a vulnerability is occasionally found,” said Dr Jessica Barker from the cyber-security company Cygenta.

“Encryption is a good thing that does offer us protection in most cases.”

Cyber-security is often a game of cat and mouse.

End-to-end encryption makes it much harder for attackers to read messages, even if they do eventually find a way to access some of them.

What about back-ups?
WhatsApp gives the option to back up chats to Google Drive or iCloud but those back-up copies are not protected by the end-to-end encryption.

An attacker could access old chats if they broke into a cloud storage account.

Of course, even if users decide not to back up chats, the people they message may still upload a copy to their cloud storage.

Should people stop using WhatsApp?
Ultimately, any app could contain a security vulnerability that leaves a phone open to attackers.

WhatsApp is owned by Facebook, which typically issues software fixes quickly.

Of course, even large companies can make mistakes and Facebook has had its share of data and privacy breaches over the years.

There is no guarantee a rival chat app would not experience a similar security lapse.

At least, following the disclosure of this flaw, WhatsApp is slightly more secure than it was a week ago.

Signal is an open-source project
Some rival chat apps are open-source projects, which means anybody can look at the code powering the app and suggest improvements.

“Open-source software has its value in that it can be tested more widely but it doesn’t necessarily mean it’s more secure,” said Dr Barker.

“Vulnerabilities can still be found with any tech, so it’s not the answer to our prayers.”

And if someone did decide to switch to a rival chat app, they would still have to convince their contacts to do the same. A chat app without friends is not much use.

Is any device ever safe?
In theory, any device or service could be hacked. In fact, security researchers often joyfully pile in on companies that claim their products are “unhackable”.

They quickly discover vulnerabilities and the embarrassed companies retract their claims.

If people are worried data may be stolen from their computer, one option is to “air gap” the device: disconnect it from the internet entirely.

That stops remote hackers accessing the machine – but even an air gap would not stop an attacker with physical access to the device.

Dr Barker stressed the importance of installing software updates for apps and operating systems.

“WhatsApp pushed out an update and consumers might not have realised that security fixes are often included in updates,” she told BBC News.

WhatsApp did not help the cause, however, by describing the latest update as adding “full-size stickers”, and not mentioning the security breach.

“People need to be made aware that updates are really important. The quicker we can update our apps, the more secure we are,” said Dr Barker.

As always, there are simple security steps to remember:

  • Install app and operating system security updates
  • Use a different password for every app or service
  • Where possible, enable two-step authentication to stop attackers logging in to accounts
  • Be careful about what apps you download
  • Do not click links in emails or messages you are not expecting

By Cheryl Kahla for The South African

The National Cyber Security Centre (NCSC), a UK cyber security watchdog, recently released its list of the most-used passwords on the Internet.

A quick look at the most common passwords is enough to know that a lot of work still needs to be done to educate computer users about cybersecurity.

The most common password was ‘123456’, which was beaten out by ‘123456789’, ‘qwerty’, ‘password’ and ‘1111111’.

While these common passwords are incredibly problematic, the most pervasive problem for home internet users was a combination of these easily guessed passwords, and the fact they were being re-used across multiple sites.

Re-using passwords on multiple platforms
Password re-use is problematic, as a security breach on one site could compromise a user’s security on every other site on which the password is in use.

NCSC technical director Ian Levy explains:

“We understand that cybersecurity can feel daunting to a lot of people, but the National Cyber Security Centre has published lots of easily applicable advice to make you much less vulnerable.”

He added that re-using a password is a major risk which can be avoided because “nobody should protect sensitive data with something that can be guessed”.

Favourite celebrities
Sports teams and first names are other common choices for passwords, with ‘Ashley’ the most common name used as a password and ‘Liverpool’ the most common Premier League football team name used as a password. ‘Blink182’ was the most common band.

“Using hard-to-guess passwords is a strong first step, and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password,” added Levy.

There are several password management tools available that can generate unique passwords and store them in a central place for users who want to take their online security to the next level.

By Jack More for Mashable 

They wouldn’t have numbered it if it was the only one.

On 16 January, security researcher Troy Hunt uploaded a massive cache of leaked e-mails and passwords to his invaluable website have i been pwned.

The 87GB dataset, dubbed “Collection #1,” was admittedly years old, and had been passed around by hackers for some time now. Still, the sheer scale of it — containing over 772-million email addresses — turned heads. Hold onto your digital butts, because as Krebs on Security reports, you ain’t seen nothing yet.

According to Krebs, the Collection #1 data breach is, unsurprisingly, part of a much larger collection of stolen online credentials being sold online. And, taken as a whole, it dwarfs Collection #1’s size.

Just how big are we talking? According to the hacker allegedly selling access to the data who communicated with Krebs over Telegram, the entire data set of email addresses and passwords comes close to 1TB. Brian Krebs, the infosec journalist behind Krebs on Security, tweeted a screenshot purportedly depicting a page listing the data for sale.

In addition to the 87GB Collection #1, there’s a 526GB Collection #2, a 37GB Collection #3, a 178GB Collection #4, a 42GB Collection #5, and two other folders totaling an additional 126GB worth of credentials.

The seller told Krebs that, in total, they had close to 4TB of so-called password packages. Yeah, that’s a lot. According to the image above, the “Price for access lifetime” is only a cool $45 (R630).

So your email, along with one or more passwords to various throwaway online accounts you’ve used and discarded over the years, is likely being traded on the dark web. What does this mean for you?

Well, if you’re smart about your online security, probably not too much immediately. Assuming you use unique passwords for each account online — and you definitely should — any of your passwords contained in the dataset would only gain a hacker access to one specific online service. Like, say, your old Tumblr account. And, if you use two-factor authentication, you’re likely in the clear.

However, all this goes out the window if a hacker gets access to your main email account and can initiate password resets. And if the email account in question just so happens to share a password with your now-defunct Neopets account or whatever? You might legit be in trouble. Consider getting a password manager, and make sure your email has a unique password and 2FA.

And then go about your normal online business, comfortable in the knowledge that your personal data is being sold to hackers for the low, low price of $45 (R630).

To see whether your email address has been breached, visit have i been pwned.

By Jack Morse for Mashable 

A million hacked Facebook accounts isn’t cool. You know what’s even less cool? Fifty million hacked Facebook accounts.

A Friday morning press release from our connect-people-at-any-cost friends in Menlo Park detailed a potentially horrifying situation for the billions of people who use the social media service: Their accounts might have been hacked. Well, at least 50 million of them were “directly affected,” anyway.

The so-called “security update” is light on specifics, but what it does include is extremely troubling.

“On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts,” reads the statement. “[It’s] clear that attackers exploited a vulnerability in Facebook’s code that impacted ‘View As’, a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts.”

That’s right, almost 50 million accounts were vulnerable to this attack. As for how many were actually exploited?

“Fifty million accounts were directly affected,” explained Facebook VP of product management Guy Rosen on a Friday morning press call, “and we know the vulnerability was used against them.”

“We did see this attack being used at a fairly large scale,” added Rosen. “The attackers could use the account as if they are the account holder.”

The statement itself didn’t provide much additional insight.

“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed,” continues the statement. “We also don’t know who’s behind these attacks or where they’re based.”

Facebook says it’s fixed the vulnerability, and that 90 million people may suddenly find themselves logged out of their accounts or various Facebooks apps as a result.

The disclosure is a reminder about the dangers posed when a small number of companies like Facebook or the credit bureau Equifax are able to accumulate so much personal data about individual Americans without adequate security measures.

So, yeah, this is big.

“Security is an arms race,” Facebook CEO Mark Zuckerberg dryly noted on the press call.

Facebook is working with law enforcement, and, at least for now, says you don’t need to change your password. But maybe go ahead and log out of your account, everywhere, just to be safe.

“[If] anyone wants to take the precautionary action of logging out of Facebook, they should visit the ‘Security and Login’ section in settings,” advises the warning. “It lists the places people are logged into Facebook with a one-click option to log out of them all.”

So yeah, click through that link and log out of your account on all webpages and apps at once. After that, maybe think long and hard about whether it’s even worth logging back in.

By C.R. for The Economist 

It is not a message any frequent flyer looks forward to receiving. On 7 September, British Airways (BA) said it had emailed over 380 000 customers who had booked flights with the carrier between 21 August and 5 September admitting that their credit-card details had been stolen by hackers.

BA’s embattled chief executive, Alex Cruz, attributed the breach to a “malicious, fairly sophisticated attack” on its website. The airline thinks the hackers obtained names, street and e-mail addresses, and credit-card numbers, expiry dates and security codes—more than enough information to steal money from bank and credit-card accounts.

Mr Cruz has promised compensation for any customers financially affected by the hack.

The airline has not released the full details of what happened, and is still investigating the breach. But it has admitted that it was only data used in transactions in that 15-day period, not saved credit-card data on customer accounts, that was stolen.

Cyber-security experts say that hack sounds like it breached the system that managed customer payments, unlike previous attacks on other big companies where saved data was stolen.

Whatever the cause of the attack, aviation analysts think BA is likely to be hit hard by fines from regulators. Under the EU’s new General Data Protection Regulation, which came into force in May, BA could face a fine of up to 4% of its revenues if it is determined that it did not do enough to protect customer information.

That would be around £500m ($650m). If regulators decide that the penalty should be levied on the entire revenues of IAG, BA’s parent, that number could swell to as much as €1bn ($1.16bn). After adding the cost of compensating customers affected by the breach, it is no wonder that the group’s shares dropped in value by 2% on the morning the news became public.

But analysts are wary about saying that the hack will affect BA or IAG’s longer term performance.

BA has been hit by a series of complaints about falling standards of service on its flights and by a computer crash that stranded 75,000 of its passengers last May. Mr Cruz has been crucified in the media for both public-relations meltdowns. Yet neither issue has really affected demand for BA flights.

So why do BA passengers keep coming back to the airline, in spite of it losing their credit-card data, checked-in baggage and taking away free nosh onboard? The answer is that they have little choice.

New airlines simply cannot take market share away from BA at Heathrow. As long as it uses each take-off and landing slot it is allocated 80% of the time, it can keep it for the next season. As a result, the share of slots at Heathrow owned by BA’s parent has risen from 36% in 1999 to 54%. It has also been gobbling up slots at Gatwick from defunct airlines such as Monarch, to make sure Norwegian, a disruptive long-haul low-cost competitor, cannot get their hands on them.

However much the airline’s computer systems go wrong or it cuts back its level of service onboard, new competitors cannot push it off the runway. Another IT disaster will not change that.

Liberty Life hacked, user data exposed

Financial services group Liberty Life sent out an SMS to their clients on Saturday evening informing them of a major security breach.

Liberty launched an investigation after its systems were hacked, and said the hackers alerted the company to potential vulnerabilities in its systems and were now demanding compensation.

The Sunday Times reported that the hackers obtained sensitive information about some top clients and have demanded payment of millions of rand not to release the data.

Liberty has communicated with its customers regularly, advising them to change passwords as applicable.

Liberty Life hack could be ‘an inside job’: expert

A security expert has questioned how hackers gained access to Liberty Life clients’ information, suggesting it could have been an inside job.

The financial services provider confirmed on Saturday that its information technology system was hacked last week, by people who demanded payment. It has since regained control of the system.

“It most likely happened in one of two ways: it was either an inside job or someone with the correct privileges was hacked, which means that they could have used that person’s permissions to get into the system,” said managing director of Ukuvuma Cyber Security, Andrew Chester.

He said the hack could have been avoided by applying general data security practices such as encrypting sensitive data, segregating it from vulnerable systems, and building in rigorous access control and monitoring systems.

“Why did Liberty have unstructured email data and attachments that were left unmonitored and more importantly, why was this sensitive data not encrypted? When doing threat-hunting or a security analysis for any company, the first thing one looks for is how easy it is to extract data without being detected.

“Additionally, how did the hackers know where to find the data? If it was an inside job they might have been tipped off, but if it wasn’t, it means that they spent enough time on the infrastructure to know where to look, which is very alarming,” he said.

Chester said it was also concerning that no-one detected the breach until the hackers themselves informed the company.

“There’s a common saying that you sometimes don’t know you’ve been hacked until law enforcement comes knocking at your door, but in this case, Liberty only found out once the criminals had contacted them,” he said.

The company said its investigation into the breach was at an “advanced stage”.

Source: eNCA 

R552bn wiped off cryptocurrencies after hack

By Eric Lam, Jiyeun Lee and Jordan Robertson for Bloomberg / Fin24 

The 2018 selloff in cryptocurrencies deepened, wiping out about $42bn (about R552bn) of market value over the weekend and extending this year’s slump in Bitcoin to more than 50%.

Some observers pinned the latest retreat on an exchange hack in South Korea, while others pointed to lingering concern over a clampdown on trading platforms in China. Cryptocurrency venues have come under growing scrutiny around the world in recent months amid a range of issues including thefts, market manipulation and money laundering.

Bitcoin has dropped about 12% since 5 pm New York time on Friday and was trading at $6,756, bringing its decline this year to 53%.

Most other major virtual currencies also retreated, sending the market value of digital assets tracked by Coinmarketcap.com to a nearly two-month low of $298bn. At the height of the global crypto-mania in early January, they were worth about $830 billion.

Enthusiasm for virtual currencies has waned partly due to a string of cyber heists, including the nearly $500m theft from Japanese exchange Coincheck Inc. in late January. While the latest hacking target – a South Korean venue called Coinrail – is much smaller, the news triggered knee-jerk selling, according to Stephen Innes, head of Asia Pacific trading at Oanda in Singapore.

“This is ‘If it can happen to A, it can happen to B and it can happen to C,’ then people panic because someone is selling,” Innes said.

A cryptocurrency slump

The slump may have been exacerbated by low market liquidity during the weekend, Innes added.

“The markets are so thinly traded, primarily by retail accounts, that these guys can get really scared out of positions,” he said. “It actually doesn’t take a lot of money to move the market significantly.”

Coinrail said in a statement on its website that some of the exchange’s digital currency appears to have been stolen by hackers, but it didn’t disclose how much. The venue added that 70% of the cryptocurrencies it holds are being kept safely in a cold wallet, which isn’t connected to the Internet and is less vulnerable to theft. Two-thirds of the stolen assets – which the exchange identified as NPXS, NPER and ATX coins – have been frozen or collected, while the remaining one third is being examined by investigators, other exchanges and cryptocurrency development companies, it said.

Coinrail trades more than 50 cryptocurrencies and was among the world’s Top 100 most active venues, with a 24-hour volume of about $2.65 million, according to data compiled by Coinmarketcap.com before news of the hack.

The Korean National Police Agency is investigating the case, an official said by phone.

In China, the Communist Party-run People’s Daily reported on Friday that the country will continue to crack down on illegal fundraising and risks linked to Internet finance, quoting central bank officials. The nation’s cleanup of initial coin offerings and Bitcoin exchanges has almost been completed, the newspaper said, citing Sun Hui, an official at the Shanghai branch of the central bank.
