Companies who have been breached are still confident in their defenses

There have been a lot of articles and news stories covering companies and businesses that have suffered security breaches and had people’s sensitive information end up in the hands of hackers. Despite this news, APAC organisations are still confident in their online security measures, and feel like they don’t need to change or enhance those measures.

Fortinet recently ran an enterprise security survey, and the results were unique. If we look at the companies who took the poll, we see that 86% of those organizations had actually been the victim of a breach, and yet 48% of the IT decision makers in APAC are still confident in their security defenses.

There were a total of 1,801 respondents across 16 countries globally. 82% of the APAC IT decision makers see themselves as holding a higher standard when it comes to cybersecurity compared to other organisations. However, there was an honest 6% that said they felt they were lagging behind. This curious insight paints a bigger picture of the false sense of security an organization can have, which can lead to a self-detrimental outcome down the road.

The reasons for this confidence are found in the methods that caused their data breaches in the past. There is a lack of fear about their cybersecurity because most organizations chalk up their data breaches to things like social engineering, ransomware and email phishing, things that have less to do with cybersecurity and more to do with human error.

When asked what these organisations would do differently in their security career, 46% said they would invest more in employee training when it comes to cybersecurity awareness, which would in turn have prevented their past security breaches to begin with.

As a follow up from the Fortinet poll, organisations have planned to employ an IT education program for 2018 to enhance user security in the organisations. This is a great start, but it also came to light that only 26% of the APAC businesses plan to employ network segmentation to reduce the spread of malware.

It is important to not only be aware of threats online like email phishing, but also to enhance your understanding of cybersecurity methods that would prevent things like the spread of malware, or open back doors to the network!

If you have any networks that could use some beefing up, or you’re looking for some insight into online security, give us a call today and let Re2tech be your source of cybersecurity!

Follow up information on the Uber data breach

Earlier today, the specifics of what was stolen during the Uber data breach were made public. Uber gives a more in-depth idea of the information accessed by the hackers, giving customers and drivers a stronger understanding of their vulnerability.

Some U.S. senators have been hounding Uber for more information on their security breach and what it meant for the customers whose information was involved. Uber had hired an outside cybersecurity firm after the massive data breach to get some more detailed information on the event. The cybersecurity firm has stated that they found no evidence of any riders’ credit card information, bank account information or social security numbers being downloaded by the two hackers. Uber has however disclosed that in some cases, the hackers had retrieved the location information from the place where people signed up for Uber, as well as some heavily encoded versions of the user passwords.

The company has stated that they have not seen any evidence of account fraud or misuse of data from the breach. As a response to the data breach concealment, two employees were fired for not “informing the appropriate parties”. The two employees were anonymously contacted by the hackers, who told them they had just been breached and demanded payment. Through the tracking of the breach using private cloud data stored on Amazon’s web services, Uber was able to shut down access from the hackers.

The two employees agreed to pay the hackers $100,000 so that they would delete the data. Later on, the hackers’ real identities were identified, and they signed documents saying that all breached data was deleted, ensuring that the information could not be abused. It was discovered that the hackers first gained access to Uber’s network on Oct. 13th, 2016 and the last point of contact was on Nov. 15th, 2016.

It is still unclear if a criminal investigation has been started. Uber has since installed a stronger online defense to prevent the same issue from arising again. 

HP laptops pre-installed with keyloggers

A security researcher by the name of ZwClose recently made public an unfortunate mishap affecting some HP laptops.

Supposedly in the past there have been complaints about HP leaving key loggers installed on laptops, posing a potential danger to those whose laptops are involved. Key loggers could allow hackers to record every keystroke on the laptop and steal sensitive data from the users, which can include everything from usernames and passwords to credit card information.

Unfortunately the mistake has once again reared its head. The key loggers have been found to be in an estimated 460 HP laptops, supposedly “accidentally left behind” from the manufacturing and testing stages of the laptops. The key loggers are turned off, which may make it seem like it’s not a big deal; however, there is the potential for hackers to alter the registry value associated with the key logger, which would turn it on and give the hackers access to the device.

HP also claimed it was a “debug trace”, and it has since been removed after HP was made aware of the problem. A list of the affected models for HP laptops can be found at this link here. If your model is listed, it is important to update your drivers as soon as possible to prevent any possible key logging travesties.

It’s important to keep up to date on your devices and their security, so keep checking back for more insight on what may prove a threat to your home, life and online presence!

Breaking news! Everything keeps breaking! Here we go again…

Another day, another security breach! But where this time, you may ask? A cryptocurrency company known as NiceHash.

Early Wednesday, it was discovered that hackers had breached the bank of NiceHash and stolen potentially millions of dollars in bitcoins. It was made known that most of the funds stolen belonged to the customers of NiceHash. The customers of NiceHash use their computer processing power to earn cryptocurrency.

The hackers hit the payment system of NiceHash and got away with the entirety of NiceHash’s wallet, an estimated 63 million in bitcoins. NiceHash has stated that they are working on resolving the urgent matter as fast as possible, and have contacted the necessary law enforcement authorities, while also conducting their own investigation.

NiceHash is a mining service for cryptocurrencies. NiceHash lets people offer their extra computer processing power for high-energy calculations, and in the process they are rewarded with altcoins, a different form of cryptocurrency, that can be exchanged for bitcoins. Generally people move their earnings to their personal cyber wallets and exchange the bitcoins for currency in some manner; however, some people choose to leave their earnings in NiceHash’s cyber wallet…the one that was hacked.

Cryptocurrency companies often boast about the safe and trustworthy technology that secures the currency from hackers and the like, but NiceHash isn’t the first company that’s in the cryptocurrency business to be hacked. Just last month, a company called Parity had their digital wallet frozen by a novice hacker, making around $162 million in cryptocurrency unusable.

Word of advice: Don’t leave your money in someone else’s pockets, it may not be there later.

Be careful on the web, folks, and as always, if you need some reinforcement of your networks and want to learn about your security options, as well as the technology you’re using, give us a call at Re2tech!

PayPal acquires TIO networks but with a cost

Just hours ago, it was made public that PayPal has had a security breach due to their newly acquired networks company TIO.

Back in February, PayPal had acquired TIO Networks in hopes of introducing the TIO customers to PayPal’s services. This attempt at bolstering their user numbers has actually backfired.

Thus far it is estimated that 1.6 million customers’ personal information has been breached. PayPal suspended TIO Networks last month after discovering the evidence of a security breach. PayPal stated that TIO’s network had discovered the vulnerability in security and that the forms of information that were taken could be customer names, addresses, SSN, and login credentials.

It is important to note that the PayPal systems and TIO systems are separate networks and PayPal customers were unaffected. For now, TIO will remain in suspension until TIO’s platform meets PayPal’s data security and information security standards.

It’s quite lucky that PayPal had chosen not to fully merge the systems, otherwise this could have become an even bigger issue that also involved customers with PayPal accounts.

Be careful where you put your sensitive information on the web, and ensure the businesses you’re using have strong network defenses.

Reddit user discloses some major issues with Mac OS root login

Recently, a user on Reddit gave information on a huge Mac OS High Sierra vulnerability. Access to “root” permissions is as easy as an empty password, potentially leaving users extremely vulnerable. If someone has physical access to a Mac OS High Sierra system, they can access personal files and change anything without any admin credentials.

This is a huge vulnerability for Mac users. Developer Lemi Orhan Ergin contacted Apple to inform them of the vulnerability. Apple at the time had no update ready for such an issue, but informed users of a way to mitigate the possibility of someone gaining root access.

Disable guest users

Open System Preferences, find the “Users & Groups” section, select guest users and uncheck “Allow guests to log into this computer.”

By doing this, no one can log into a guest user account and gain direct access to the root permissions option.

Change root password on Mac OS High Sierra

Another means of mitigating this issue is to actually assign a password to the root account, so if someone did attempt to enter with an empty password, they would be outright blocked.

  1. Launch System Preferences
  2. Select Users & Groups
  3. Click Login Options
  4. Click Join, which is next to “Network Account Server”
  5. Open Directory Utility
  6. Click the lock icon, and enter your password to gain access
  7. Once inside, in the menu bar of Directory Utility, select “Change Root Password”

That’s it! Make your own password for the Root access and ensure it is strong to keep it worth this effort!

Apple has said that they are working on a quick patch, so the problem shouldn’t be relevant for too long; however, it is always good to become familiar with this side of your system and learn its layout, in case something involving the same issue pops up in the future.

Stay safe and hacker free! Give us a call at Re2tech and we can beef up your security and help explain your system and its workings to you in the process!

Data breach at the Department of Social Services

This just in: the Department of Social Services’ credit card system has been breached, as of yesterday. This isn’t something to be thankful for, that’s for sure.

8,500 people have received warnings that their personal data held by a contractor has been breached. Past and current employees alike are vulnerable. The breach included employee names, user names, work phone numbers, work email, credit card information, Australian government service number, public service classification, organisation unit and system passwords. In early November, the department alerted its employees to the system breach prior to 2016.

There was no communication of how long the data was exposed for; however, a DSS spokesman said the contractor, Business Information Services, said the data was open from June 2016 until October 2017. The data related to the period 2004-2015.

So far the DSS is putting the blame on the third-party provider’s actions, stating that the breach is in no way a fault of the DSS. The DSS recently said the data has now been secured, and that there was no evidence of improper use of the department’s credit cards. It was stated that the type of information that was stolen can be a strong factor in identity theft, fraud and masquerading, where the attacker pretends to be an authorized user.


Uber made a Uber mistake

Recently disclosed by Uber was a mishap that affects millions of customers and drivers, but it was swept under the rug, potentially putting millions at a higher risk.

Apparently, in late 2016, Uber had been hacked, and millions of customers’ and drivers’ sensitive information had become known to the malicious online hackers. Instead of disclosing this information to the proper channels, Uber chose to pay hackers $100,000 to destroy data on millions of customers and drivers, to hide the incident from victims and authorities.

Attorneys general in at least four U.S. states have launched investigations into the incident. Due to Uber’s decision to go against regulations and not report the incident, they are now in hot water with their customers and drivers, as well as local governments.

The FTC, which looks into companies who handle sensitive personal information, is now looking into Uber to assess the damage and serious issues that are prevalent in response to the breach.

This issue does not only affect the US, but the UK as well. The UK criticized Uber for its lack of communication, which prevented the UK government from looking into the problem and assessing the damage for those affected. The UK has a 500,000 pound penalty to deliver to Uber for their inability to follow regulations.

The information that was stolen includes email, phone numbers, names, as well as license numbers. An estimated 600,000 driver’s license numbers were stolen.

Uber has been tight-lipped with reporters looking to inquire further about the problem that arose and how it was handled. Uber executives have been fleeing one by one for one reason or another, involving sexual harassment, data privacy, and business practice. London has pulled Uber’s operating license because of their failure to deal with public safety and security issues.


One Plus, potential for additional disasters

Recently, OnePlus, the phone brand, has been under scrutiny due to a newly discovered security flaw with one of their apps. Their app, also known as OnePlus, leaves the consumer open to attacks because the application was revealed to carry root access for the device.

So what does this mean? It means that your device may be accessed even when locked, using this vulnerability. This access to the root for the device is called “Engineer mode” and was originally made for the purpose of checking the phone’s functionality before leaving the factory. The issue is that the application OnePlus also has a backdoor that leads to the root and this functionality, which means if someone so desired, they could gain access to your phone, despite there being a password lock on it.

A developer who discovered the vulnerability plans to release an app which exploits this vulnerability and gives OnePlus users an easy root access method.

This exploit still requires ADB, but nonetheless poses a threat to users. Thus far there has been no action taken, but the CEO of OnePlus said they are “looking into it.”


Phishing or data breaches? Which should you be worried about?

As of late, there has been a lot of talk about data breaches and online security failures. Naturally these instances can be concerning due to their involvement with their customers, like you! It is important to secure your network and be aware of any gaps that may be taken advantage of, however it is also important to watch out for phishing attempts, some believe even more so.

Recently, Google and UC Berkeley researchers have stated that the real fear should lie with the phishing hook waiting for unsuspecting persons. While data breaches can be devastating, it is thought that phishing can lead to more devastating results in the end, for example losing access to accounts and having your life’s work or personal documents/information out of reach. A strong example would be the loss of your Google account, which most persons now use regularly and hold copious amounts of life activities and records on. Phishing generally has a much higher encounter rate than data breaches.

Last year Google did a study, with their services as the focal point, to study the commonalities of phishing, key logging, and data breaches. Through the study, it was noticeable that phishing was much more relevant than key logging or data breaches. Through the process of this study, the gained knowledge was put to use almost immediately, helping to secure around 67 million Google accounts from possible abuse.

Google used a large number of sources to help discern accounts that have already been compromised by key logging, phishing and data breaches, and it became known that most of those using phishing kits reside in the following countries, in order.

  • Nigeria
  • United States
  • Morocco
  • South Africa
  • United Kingdom
  • Malaysia

The basis of the phishing attacks is a false sense of insecurity. They are emails or something of the like that state there is a problem and that the message can take you to the solution. These messages are often portrayed very convincingly, which tends to be the reason they are believed more often than not. Another part of the bag of tricks is using Google against itself. Often the messages attempt to gain excess forms of information under the premise of being Google asking for these other forms of information. The other forms of information include IP addresses, device make and model, phone numbers, and location. All of these are things Google may ask for at times, meaning you need to be that much more vigilant. Through gaining access to these other forms of information, those doing the phishing can extend their area of activity and possibly cause even more of a stir-up in your life.

Google found that, while data breaches can be a serious problem, only about 7% of accounts experienced data breaches, and those accounts had long since been inactive before being breached. In saying that, key logging and phishing accounted for around 12 or 25% of account passwords being used by persons other than the account owners. Most of the phishing victims were in the United States, while Brazil and India accounted for the majority of key logging victims.

No matter the form of security breach, it’s important to continually be conscious of your activity online, and ensure you’re keeping yourself, life, and information safe.
