Morrisons supermarket data breach

Just hours ago, it was made public that Morrisons, a supermarket, is being held liable for a breach of information involving its workers.

Workers at Morrisons recently brought a claim against the company after another employee, Andrew Skelton, stole data from the company, including salaries, bank details, names and addresses of nearly 100,000 employees.

Morrisons believes it should not be held accountable for the actions of Skelton and is appealing against the decision.

This security breach occurred in 2014, when Skelton, a senior internal auditor, leaked employees' information to the internet and newspapers.

Supposedly this was retaliation for a grudge over an incident that had recently occurred. Skelton was jailed for eight years in 2015 after being found guilty of fraud, securing unauthorized access to computer material and disclosing personal data.

Lawyers claim the company is at fault for lacking security measures and for leaving 5,518 former and current employees vulnerable. The judge has ruled in favor of holding Morrisons accountable for the incident.

Reddit user discloses some major issues with Mac OS root login

Recently, a user on Reddit disclosed a huge Mac OS High Sierra vulnerability. Gaining “root” permissions is as easy as entering an empty password, potentially leaving users extremely vulnerable. If someone has physical access to a Mac OS High Sierra system, they can access personal files and change anything without any admin credentials.

This is a huge vulnerability for Mac users. Developer Lemi Orhan Ergin contacted Apple to inform them of the vulnerability. Apple at the time had no update ready for the issue, but informed users of a way to mitigate the possibility of someone gaining root access.

Disable guest users 

Open System Preferences, find the “Users & Groups” section, select the guest user and uncheck “Allow guests to log into this computer.”

With this disabled, no one can log into a guest user account and use it to reach the root permissions option.

Change root password on Mac OS High Sierra

Another way to mitigate this issue is to actually assign a password to the root account, so that anyone who attempts to enter with an empty password is blocked outright.

  1. Launch System Preferences
  2. Select Users & Groups
  3. Click Login Options
  4. Click “Join”, which is next to “Network Account Server”
  5. Open Directory Utility
  6. Click the lock icon, and enter your password to gain access
  7. Once inside, in the menu bar of Directory Utility, select “Change Root Password”

That’s it! Make your own password for root access, and make sure it is strong so that it is worth the effort!

Apple has said it is working on a quick patch, so the problem shouldn’t be relevant for too long. However, it is always good to become familiar with this side of your system and learn its layout, in case something involving the same issue pops up in the future.

Stay safe and hacker free! Give us a call at re2tech and we can beef up your security and help explain your system and its workings to you in the process!

Imgur suffers a data breach, millions of accounts compromised

Recently reported: Imgur, the image-sharing website, has been the victim of a data breach. Millions of accounts are suspected to have been compromised.

A security researcher recently discovered that back in 2014 Imgur had suffered a massive data breach, putting millions of accounts in a state of vulnerability. The affected information consisted of emails and passwords for the accounts; however, there is no reason to believe any real names or other personal data were breached.

This is a lucky break for Imgur, seeing as many businesses have been coming out to inform their customers of a breach in which customers' very private information, like real names, addresses and credit card numbers, was stolen.

Imgur has been praised for their swift action and transparency on the matter. Imgur’s chief operator put out a statement saying “We apologize that this breach occurred and the inconvenience it has caused you.”

The data researcher who discovered the breach thinks the encryption method Imgur used in 2014, a hashing algorithm, was broken by brute force, and that because Imgur updated its encryption method in 2016, there shouldn’t be worries of it occurring again anytime soon.
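To show why a fast hash falls to guessing and what an upgrade changes, here is an added example (not Imgur's code, and not from the original post). The page does not name either algorithm, so unsalted SHA-256 as the old scheme, salted PBKDF2 as the new one, and the migrate-on-login step are all assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor, chosen for this illustration

# Constructed sample accounts (not real data); two users share a weak password.
SAMPLE = {"alice": "sunshine1", "bob": "sunshine1", "carol": "maple-otter-4417"}


def fast_hash(password: str) -> str:
    """Unsalted single-pass SHA-256: cheap to compute, so cheap to guess against."""
    return hashlib.sha256(password.encode()).hexdigest()


def slow_hash(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Random per-account salt plus a deliberately slow key-derivation function."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(slow_hash(password, salt)[1], expected)


def accounts_matching_guess(legacy: dict[str, str], guess: str) -> list[str]:
    """One digest computation is enough to test a guess against every account."""
    target = fast_hash(guess)
    return sorted(user for user, digest in legacy.items() if digest == target)


def migrate_on_login(user: str, password: str, legacy: dict, upgraded: dict) -> bool:
    """On a successful legacy login, store a slow salted hash and drop the old one."""
    if not hmac.compare_digest(legacy.get(user, ""), fast_hash(password)):
        return False
    upgraded[user] = slow_hash(password)
    del legacy[user]
    return True


if __name__ == "__main__":
    legacy = {u: fast_hash(p) for u, p in SAMPLE.items()}
    upgraded: dict[str, tuple[bytes, bytes]] = {}
    print("one guess matches:", accounts_matching_guess(legacy, "sunshine1"))
    for user, password in SAMPLE.items():
        migrate_on_login(user, password, legacy, upgraded)
    print("same password, different stored digests:",
          upgraded["alice"][1] != upgraded["bob"][1])
```

Accounts that never log in again keep their old digest under this approach, so they need a forced reset or a wrapped re-hash.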

Great job Imgur for addressing the issue in a time-sensitive manner and with consideration for your customers. This is a great contrast to the Uber mishap that was recently made public.

Keep your information up to date and your usernames and passwords strong and varied between applications/websites. Don’t let data breaches like this affect your daily life!

Data breach at the Department of Social Services

This just in: the Department of Social Services credit card system has been breached, as of yesterday. This isn’t something to be thankful for, that’s for sure.

8,500 people have received warnings that their personal data held by a contractor has been breached. Past and current employees alike are vulnerable. The breach included employee names, user names, work phone numbers, work email, credit card information, Australian government service number, public service classification, organisation unit and system passwords. In early November, the department alerted its employees to the system breach prior to 2016.

There was no communication of how long the data was exposed for; however, a DSS spokesman said the contractor, Business Information Services, said the data was open from June 2016 until October 2017. The data related to the period 2004-2015.

So far the DSS is putting the blame on the third-party provider's actions, stating that the breach is in no way a fault of the DSS. The DSS recently said the data has now been secured, and that there was no evidence of improper use of the department's credit cards. It was stated that the type of information that was stolen can be a strong factor in identity theft, fraud and masquerading, where the attacker pretends to be an authorized user.

 

OnePlus, potential for additional disasters

Recently, OnePlus, the phone brand, has been under scrutiny due to a newly discovered security flaw with one of their apps. Their app, also known as OnePlus, leaves the consumer open to attacks because the application was revealed to carry root access for the device.

So what does this mean? It means that your device may be accessed even when locked, using this vulnerability. This access to the root of the device is called “Engineer mode” and was originally made for the purpose of checking the phone's functionality before it left the factory. The issue is that the application OnePlus also has a backdoor that leads to the root and this functionality, which means that if someone so desired, they could gain access to your phone despite there being a password lock on it.

A developer who discovered the vulnerability plans to release an app which exploits this vulnerability and gives OnePlus users an easy root access method.

This exploit still requires ADB, but nonetheless still poses a threat to users. Thus far there has been no action taken, but the CEO of OnePlus said they are “looking into it.” 

 

Phishing or data breaches? Which should you be worried about?

As of late, there has been a lot of talk about data breaches and online security failures. Naturally these incidents can be concerning because they involve customers like you! It is important to secure your network and be aware of any gaps that may be taken advantage of; however, it is also important to watch out for phishing attempts, and some believe even more so.

Recently, Google and UC Berkeley researchers have stated that the real fear should lie with the phishing hook waiting for unsuspecting people. While data breaches can be devastating, it is thought that phishing can lead to more devastating results in the end, for example losing access to accounts and having your life’s work or personal documents and information out of reach. A strong example would be the loss of your Google account, which most people now use regularly and which holds large amounts of life activities and records. Phishing generally has a much higher encounter rate than data breaches.

Last year Google conducted a study, with its services as the focal point, of the commonalities of phishing, key logging, and data breaches. The study showed that phishing was much more relevant than key logging or data breaches. The knowledge gained was put to use almost immediately, helping to secure around 67 million Google accounts from possible abuse.

Google used a large number of sources to help identify accounts that had already been compromised by key logging, phishing and data breaches, and found that most of those using phishing kits reside in the following countries, in order:

  • Nigeria
  • United States
  • Morocco
  • South Africa
  • United Kingdom
  • Malaysia

The basis of phishing attacks involves a false sense of insecurity. They are emails, or something of the like, that state there is a problem and that the message can take you to the solution. These messages are often portrayed very convincingly, which tends to be the reason they are believed more often than not. Another part of the phonies’ tricks is using Google against itself. Often the messages attempt to gain additional forms of information under the premise of being Google asking for them. These other forms of information include IP addresses, device make and model, phone numbers, and location. All of these are things Google may ask for at times, meaning you need to be that much more vigilant. By gaining access to these other forms of information, those doing the phishing can extend their area of activity and possibly cause even more of a stir in your life.

 

Google found that, while data breaches can be a serious problem, only about 7% of accounts experienced data breaches, and those accounts had long been inactive before being breached. That said, key logging and phishing accounted for around 12 or 25% of account passwords being used by persons other than the account owners. Most of the phishing victims were in the United States, while Brazil and India accounted for the majority of key logging victims.

No matter the form of security breach, it’s important to be continually conscious of your activity online, and to ensure you’re keeping yourself, your life, and your information safe.

Android security update! KRACK be gone and band-aid adhesion!

Android has deployed its most recent patch for its phones. This patch holds significant updates that involve KRACK (Key Reinstallation Attack), as well as some fixes for the newly released Pixel 2 phones!

Surprisingly, Google actually released three updates for November. There is the main update that involves the normal bug fixes and performance updates. The second patch is in relation to the Qualcomm bug that left users vulnerable to Wi-Fi breaches.

The Qualcomm bug comes second to the KRACK update. Earlier this year a weakness was found in the WPA2 protocol that put thousands of people in a vulnerable position, allowing them to be hacked through almost all Wi-Fi points. KRACK is all about that new vulnerability in WPA2. Those most vulnerable, however, are Linux and Android 6.0+ devices, because their systems can be tricked into installing an all-zero encryption key.

The 2017-11-06 patch that addresses KRACK issues affects versions ranging from Android 8.0 Oreo all the way back to 5.0.2 Lollipop. As for Google’s Pixel and Nexus, the patches released thus far are only up to 2017-11-05, so the KRACK update has not hit those customers yet, but it is presumed they will receive the 2017-11-06 update sometime closer to December.

Along with bug fixes and security reinforcement, Google is now adding functional updates to the mix. When the Google Pixel was released, the XL variation received a lot of criticism due to the screen brightness and burn of the battery that occurred passively. To help diminish these concerns, Google updated the phone with new functionalities. The first is a new navigation bar that dims when it is not in use, while also changing to white in some applications. The patch also lowers the max brightness.

Another complaint was that the colors of the display were dull. It seems Google anticipated this possibility and had installed a “Vivid color” check box in the settings menu. However, this saturation wasn’t enough for some customers, so Google released a new “colors” option that gives three options for saturation, ranging from natural, to saturated, to boosted. Supposedly there have been reports of clicking noises while on the phone with the Pixel, but Google states the November patch fixes that as well.

USB with breach measurements found in Heathrow

Recently, a USB was found discarded on the streets of London. Well, that’s fine, right? Nothing is abnormal about some misplaced USBs… until this one.

The USB that was found contained highly detailed information involving the Queen’s route when using the airport and the security measures taken, as well as timetables of patrols used to guard a site from terror attacks. There were also loads of maps and documents labelled restricted or confidential. ID access information was also included, which allowed for access to restricted areas.

One of the even more concerning bits of information (yes there is more) found among the documents were maps showing the location of CCTV cameras, routes and safeguards for cabinet ministers and foreign dignitaries, as well as details of the ultrasound radar system used to scan runways and the perimeter fence.

Thus far there is no suspect as to who owned this USB. However, there have been statements made that security is still tight and Heathrow remains secure.

Update on the wild Bad Rabbit

Ukraine speaks out on the Bad Rabbit running rampant in Russia, stating that the hackers behind the NotPetya virus were the probable group responsible for the release of Bad Rabbit.

A Ukrainian official stated that the attacks from Bad Rabbit could have been mitigated greatly had organisations followed the recommended methods of malware handling, as well as the basics of not clicking on suspicious messages. A prominent characteristic of the Bad Rabbit virus is its coding and method of approach, which leads to the further belief that the same group who released NotPetya also released Bad Rabbit.

Thus far, it is believed that the hacker group known as Black Energy is responsible for the NotPetya and Bad Rabbit viruses. This hacker group is a Ukrainian hacker group known to work in favor of Russia.

As of late, Ukraine has been the victim of multiple cyber attacks, with power knocked out in thousands of homes, supermarket tills frozen, and government computers left paralyzed. Ukrainian officials have stated that they think Russia sees Ukraine as a testing ground for cyber attacks.

The US and Ukraine have been working together to teach comprehensive hacking combat techniques and skills.

Ukrainian officials believe there are many more cyber attacks on the way.

Equifax update. They knew months ahead that a breach was possible

Unfortunately there are some in this world who choose to close their eyes to the issues. Equifax seems to be the type to commit such ignorant acts.

Reportedly, six months ago Equifax was warned about the possibility of a security breach in their network. An anonymous security researcher had informed Equifax that they were susceptible to a forced browsing technique that could potentially expose thousands of customers’ SSNs, birthdays and full names. The anonymous researcher also said they found other bugs that would have allowed a hacker to take control of Equifax servers, including an SQL injection vulnerability. An SQL injection vulnerability would allow maliciously crafted data to be forced into a web entry field to run commands in the background without the user being any the wiser.
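The SQL injection weakness described above, shown as the weak query construction beside its corrected form. This is an added example and not Equifax code; the table, names and SSN-shaped values are constructed placeholders, and an in-memory SQLite database stands in for the real back end.

```python
import sqlite3

# Constructed records (not real data); SSN-shaped values are placeholders.
ROWS = [("Ann Lee", "000-00-0001"), ("Raj Patel", "000-00-0002"),
        ("Mia Cruz", "000-00-0003"), ("Dan O'Brien", "000-00-0004")]

# Constructed field value whose quote characters rewrite the WHERE clause.
CRAFTED = "nobody' OR '1'='1"


def make_db() -> sqlite3.Connection:
    """Build a throwaway in-memory customer table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (name TEXT, ssn TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?)", ROWS)
    return conn


def lookup_concatenated(conn: sqlite3.Connection, name: str) -> list:
    """Weak form: the field value becomes part of the SQL text itself."""
    sql = "SELECT name, ssn FROM customers WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, name: str) -> list:
    """Corrected form: the value is bound as data and never parsed as SQL."""
    return conn.execute(
        "SELECT name, ssn FROM customers WHERE name = ?", (name,)
    ).fetchall()


if __name__ == "__main__":
    conn = make_db()
    print("concatenated, crafted input :", len(lookup_concatenated(conn, CRAFTED)), "rows")
    print("parameterized, crafted input:", len(lookup_parameterized(conn, CRAFTED)), "rows")
    try:
        lookup_concatenated(conn, "Dan O'Brien")
    except sqlite3.OperationalError as exc:
        # A legitimate name with an apostrophe breaks the weak query outright.
        print("concatenated, O'Brien       :", exc)
    print("parameterized, O'Brien      :", lookup_parameterized(conn, "Dan O'Brien"))
```

A legitimate name containing an apostrophe makes the concatenated query fail with a syntax error, which is often the first visible sign of this flaw in testing or in application logs.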

This is a disappointing revelation: a company that is supposed to keep its customers’ information locked down as its highest priority was this negligent about the weaknesses in its security system, especially after being told specifically which issues were there and that they could be reached in a manner as easy as forced browsing. It’s reported that Equifax didn’t address those issues for six months. It is uncertain whether those weaknesses were the cause of the security breach; honestly, it would be more unsettling if there was a different means of access, because that would mean they were even more lax in another area with the information of the people who trusted them.

There is speculation that more than one hacker group could have been inside of the company’s network at the breach, further enhancing the possible issues that may arise for the Equifax customers. 
