⚡️Duolingo Suffers Massive Data Breach; Scraped Data Lands on Hacking Forum
The hacker was able to verify active Duolingo users by feeding millions of email addresses to the vulnerable API.
The verified email IDs were then used by the hacker to create a dataset containing both public and non-public information.
It is also possible to feed a username to the API and retrieve JSON output containing sensitive user data.
@Cyber_Security_Channel
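The Duolingo case above turns on a lookup endpoint that answers differently for existing and non-existing accounts, which lets anyone with a list of email addresses confirm which ones are customers. Two defender-side checks follow, as an added example that is not part of the original post and not Duolingo's code: a scan of access logs for clients that look up many distinct accounts in a short window, and a check for whether the endpoint itself acts as an existence oracle (mixed 200/404 answers for keyed lookups). The log line format, the `/api/users` path and the `email`/`username` query parameters are assumptions; the log lines are constructed.

```python
"""Detect account enumeration against a user-lookup API from access logs.

Added example (not from the original post). Assumed log format:
  <ISO-8601 UTC timestamp> <client ip> <method> <path?query> <status>
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlsplit

# Constructed sample: one client sweeps eight distinct addresses in 28 s,
# another looks up two. The 200/404 split shows the endpoint reveals
# whether an account exists. The last line is malformed on purpose.
SAMPLE_LOG = """\
2023-08-22T10:00:01Z 203.0.113.7 GET /api/users?email=u1@example.com 404
2023-08-22T10:00:05Z 203.0.113.7 GET /api/users?email=u2@example.com 200
2023-08-22T10:00:09Z 203.0.113.7 GET /api/users?email=u3@example.com 404
2023-08-22T10:00:13Z 203.0.113.7 GET /api/users?email=u4@example.com 200
2023-08-22T10:00:17Z 203.0.113.7 GET /api/users?email=u5@example.com 404
2023-08-22T10:00:21Z 203.0.113.7 GET /api/users?email=u6@example.com 404
2023-08-22T10:00:25Z 203.0.113.7 GET /api/users?username=carol 200
2023-08-22T10:00:29Z 203.0.113.7 GET /api/users?email=u7@example.com 404
2023-08-22T10:00:30Z 198.51.100.2 GET /api/users?email=alice@example.com 200
2023-08-22T10:00:45Z 198.51.100.2 GET /api/users?email=bob@example.com 404
this line is not a log record
"""

LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")


def parse_line(line):
    """Parse one log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts, ip, _method, target, status = m.groups()
    parts = urlsplit(target)
    qs = parse_qs(parts.query)
    # The account key is whatever identifier the lookup was keyed on.
    key = (qs.get("email") or qs.get("username") or [None])[0]
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "ip": ip,
        "path": parts.path,
        "key": key,
        "status": int(status),
    }


def keyed_lookups(lines, path):
    """Yield parsed records for keyed lookups against `path`."""
    for line in lines:
        rec = parse_line(line)
        if rec and rec["path"] == path and rec["key"]:
            yield rec


def find_enumerators(lines, path="/api/users", window=timedelta(minutes=1), max_distinct=5):
    """Return {ip: peak distinct keys} for clients that looked up more than
    max_distinct distinct accounts inside any sliding window of `window`."""
    per_ip = defaultdict(list)
    for rec in keyed_lookups(lines, path):
        per_ip[rec["ip"]].append((rec["ts"], rec["key"]))
    flagged = {}
    for ip, events in per_ip.items():
        events.sort()
        peak, start = 0, 0
        for end in range(len(events)):
            # Slide the window start forward until it fits inside `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            peak = max(peak, len({k for _, k in events[start:end + 1]}))
        if peak > max_distinct:
            flagged[ip] = peak
    return flagged


def leaks_account_existence(lines, path="/api/users"):
    """True if keyed lookups against `path` got more than one status code,
    i.e. the endpoint tells callers which accounts exist."""
    statuses = {rec["status"] for rec in keyed_lookups(lines, path)}
    return len(statuses) > 1


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    print("enumerating clients:", find_enumerators(lines))
    print("endpoint is an existence oracle:", leaks_account_existence(lines))
```

The second check is the one to act on: rate limiting alone only slows the sweep, whereas returning an identical response for known and unknown accounts (or requiring authentication for the lookup) removes the oracle. The threshold of five distinct keys per minute is a starting point that needs tuning against legitimate traffic on the endpoint in question.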
BankCard USA Data Breach Exposes Thousands
The state of Maine imposes unusually strict reporting requirements on data breaches affecting its residents — in this case just 32 of the total 10,312 victims, the rest of whom Cybernews understands to be located across the US.
As well as launching an internal investigation into the breach using third-party cybersecurity contractors, BankCard reported the incident to police and says it has since “implemented additional layers of security in our identification and verification processes.”
@Cyber_Security_Channel
This Israeli AI Firm is Revolutionizing Cybersecurity's War on Bots
Bots exist on a spectrum, with beneficial and detrimental implications.
These programs execute tasks efficiently, saving time and providing users with detailed data.
The usage of AI-powered bots has emerged as a vexing challenge for organizations.
A University of Baltimore study estimates that in 2020 alone, ad fraud, primarily driven by bots, inflicted a global economic loss of $35 billion.
An Internet bot, commonly referred to as just a bot, is a software application designed to automate tasks and scripts over the Internet.
@Cyber_Security_Channel
Spoofing an Apple device and tricking users into sharing sensitive data
Even if users tap on the Bluetooth icon, their iPhones will continue to receive proximity actions.
Bochs speculates that these flaws are “certainly by design” so that smartwatches and headphones keep working with Bluetooth toggled off, and that Apple won’t address them.
The expert recommends turning Bluetooth off in the device settings to protect the device.
@Cyber_Security_Channel
Phishing Attack Targets Hundreds of Zimbra Customers in 4 Continents
Each attack starts the same — a general phishing email, purporting to come from Zimbra itself, relaying some kind of urgent message about, say, a server update, or account deactivation.
One example is a note titled "Important information from Zimbra Security Service".
@Cyber_Security_Channel
African Cybercrime Operations Shut Down in Law Enforcement Operation
The investigation used private sector intelligence to identify rogue networks that were responsible for financial losses of more than $40 million.
According to Interpol, the operation underscores the power of cooperation among international law enforcement, national authorities, and private sector partners "to share best practices and pro-actively combat cybercrime" especially in a region that has seen a surge in cybercrime.
@Cyber_Security_Channel
PDF Security: Safeguarding Your Confidential Information
Encryption is the foundation of PDF security, and it’s what keeps your data safe from prying eyes.
When a PDF document is encrypted, its contents are scrambled using complex algorithms, making it practically impossible for unauthorized users to decipher without the correct decryption key.
This ensures that even if the document falls into the wrong hands, its contents remain secure.
@Cyber_Security_Channel
23 Years of Illegal Data Transfers Due to Inactive DPAs and New EU-US Deals
The highest European court sent a strong message for better data privacy, when it invalidated the data transfer deals "Safe Harbor" and "Privacy Shield" in 2015 and 2020 respectively.
The logical consequence of this decision was that almost all transfers between the European Union and United States since the year 2000 were illegal.
In reality, companies didn’t stop the practice though.
This was largely made possible by the inaction of European data protection authorities (DPAs), which mostly failed to implement the CJEU’s rulings. In combination with new (and void) deals, we are therefore looking back on 23 years of illegal data transfers.
@Cyber_Security_Channel
Five ways AI Can be Used to Prevent Cyber Attacks
Cyber crime presents a major risk to global prosperity in the Fourth Industrial Revolution.
As these attacks grow in volume, artificial intelligence (AI) not only supports under-resourced analysts but also provides a wide range of protection from malicious attacks.
@Cyber_Security_Channel
Unveiling the Hidden Risks of Routing Protocols
There has been a prevailing attitude within the security industry that "if it ain't broke, then don't fix it."
There is a tendency to overlook security auditing with the mistaken belief that these types of vulnerabilities are less serious than the origin and path validation issues.
Traditional risk assessment often fails to thoroughly examine all the software and devices on a network and their implications, creating blind spots.
These gaps can become even more pronounced when an organization does not even realize these routing protocols are in use.
Routing protocols can show up in more places than one might think, such as data centers, VPNs across organization sites, and embedded in custom appliances.
@Cyber_Security_Channel
Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins
Jenkins also announced fixes for medium-severity vulnerabilities in the Folders, Config File Provider, NodeJS, Blue Ocean, Fortify, and Delphix plugins.
According to the advisory, these flaws could lead to information disclosure, credential leaks, CSRF attacks, HTML injection, and credential ID enumeration.
Fixes were included in Blue Ocean version 1.27.5.1, Config File Provider version 953.v0432a_802e4d2, Delphix version 3.0.3, Flaky Test Handler version 1.2.3, Folders version 6.848.ve3b_fd7839a_81, Fortify version 22.2.39, NodeJS version 1.6.0.1, and Shortcut Job version 0.5.
@Cyber_Security_Channel
Breached for years: How Long-Term Cyber Attacks Are Able To Linger
What many don’t realize is that cyber security practitioners and security operations center (SOC) analysts triage a deluge of data every day, and connecting the dots between the faint signals passing through every second is a task that’s much, much easier said than done.
Experts also say there are plenty of avoidable errors involved.
@Cyber_Security_Channel
QR Code Phishing Campaign Targets Top US Energy Company
The messages used lures aimed at fostering a sense of urgency, spoofing Microsoft security alerts and claiming that recipients were required to update their account's security settings associated with two-factor authentication (2FA) and multi-factor authentication (MFA), among others.
The images and links included within the messages ultimately sent victims to a Microsoft credential phishing page.
@Cyber_Security_Channel
Understanding How Connected Vehicles & Fleets Can Protect Data Privacy
As cars generate significantly more data every day, and with the advent of high-speed 5G communication, in-vehicle edge computing has become critical to ensure that connected vehicles function at scale to provide quicker and improved performance.
As a result, vehicles can harness data from multiple OEMs and sources scattered in the ecosystem, to be utilized by OEMs, Insurers, Fleet Companies and Smart Cities/Municipalities.
However, all this connectivity also means that security and data precautions must be taken into account.
@Cyber_Security_Channel
LinkedIn Accounts Hacked in a Widespread Hijacking Campaign
"Some have even been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts," reports Cyberint's researcher Coral Tayar.
"While LinkedIn has not yet issued an official announcement, it appears that their support response time has lengthened, with reports of a high volume of support requests."
Owners of these accounts are then prompted to verify ownership by providing additional information and also update their passwords before they're allowed to sign in again.
@Cyber_Security_Channel
Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability
While the issue carries a 9.8/10 CVSS severity score, Ivanti notes there is low risk of exploitation for enterprise administrators who do not expose port 8443 to the internet.
“Ivanti recommends that customers restrict access to MICS to internal management networks and not expose this to the internet,” the company said.
@Cyber_Security_Channel
8 AI Risk and Resilience Firms CISOs Should Track
CISOs need to help their organizations account for new attack vectors, such as adversarial AI attacks like model inversion attacks and data poisoning.
But that’s just a slim picture of the risks. Resilience, reliability, and trust issues like model brittleness, AI bias, and explainability are all increasingly important factors to manage.
Additionally, AI further exacerbates software supply chain issues, as open sourced AI models and training data are de rigueur for building these systems.
@Cyber_Security_Channel
Microsoft is Now a Cybersecurity Titan
Microsoft is also grappling with its own cybersecurity demons.
Following a breach of Microsoft’s platforms by suspected Chinese hackers in July, which exposed email accounts operated by various government agencies, it’s under fire in the US Congress for what Senator Ron Wyden has called ‘negligent cybersecurity practices’.
Microsoft’s recent cybersecurity demons, however, risk unsettling its hard-won progress toward establishing itself as a trusted figure in the global security landscape.
@Cyber_Security_Channel
CyCognito Finds Large Volume of Personal Identifiable Information in Vulnerable Cloud and Web Applications
Gurzeev continued, "The size of a company's attack surface fluctuates up and down by as much as 10 percent a month, making it a moving target rife with security gaps ready to be exploited.
Our latest research is not only a wake-up call that no business is immune to risk; it's also clear proof that unknown and undiscovered assets present a major threat to an organization."
@Cyber_Security_Channel
🧑‍💻 DevOpsDays Ukraine: Disaster Recovery Conference on September 14-15th
Here is a brief message from our partners at DevOpsDays:
"Hey folks! We’re happy to invite you to DevOpsDays Ukraine: Disaster Recovery on September 14-15th
Get ready for a two-day journey with Cultural Talks, Ignites & Tech Talks.
The top speakers you can expect to see are:
- Manuel Pais
- Adriana Villela
- Charity Majors
- Iaroslav Molochko
- And other special guests
We will talk about Self-Service Tooling, Future of Platforms, CI/CD and IaC for GameDev, and you will get to know about the successful cloud migration journey undertaken by the National Bank of Ukraine & PrivatBank.
Furthermore, on the live fireside chat, you can ask questions to the founder of DevOpsDays, Patrick Debois, and learn more about his personal experience and ideas.
Finally, we will provide online networking on Open-Spaces with like-minded experts from around the world.
Key Information:
• When?
↳ September 14th-15th
• Where?
↳ Online
• Registration:
↳ Here
Can't wait to see y'all!"
@Cyber_Security_Channel
Case from one week ago: Suspected N. Korean Hackers Target S. Korea-US Drills
The hackers — believed to be linked to a North Korean group dubbed Kimsuky — carried out “continuous malicious email attacks” on South Korean contractors working at the allies’ combined exercise war simulation centre, the Gyeonggi Nambu Provincial Police Agency said in a statement on Sunday.
@Cyber_Security_Channel
Transparency is Key to Increasing Driver Data Collection
Europe’s approach to data transparency and safety differs from other markets—a key issue for the wider industry.
On the possibility of a global DMS (driver monitoring systems) data privacy and transparency standard, Meyer is unconvinced: “How much someone considers privacy to be a fundamental value varies worldwide”.
He believes GDPR is the result of a cultural mindset around data.
“Chinese people think it’s absolutely normal to deal with mass surveillance,” he adds.
“It’s a specific European mindset to want to know what data is being used for and if it’s in a person’s interests.”
@Cyber_Security_Channel
As the U.S. Tightens Its Grip On Data Privacy, Can Companies Stay Ahead?
User-data exploitation comes part and parcel with Web 2.0 operations for entirely legal business purposes.
But the U.S. Department of Justice is cracking down on serial privacy violators, with senior officials repeatedly issuing warnings to consumers to avoid certain data-siphoning apps.
In that sense, security and customer-data safeguards must be built from the ground up.
Data privacy and security should be a foundational aspect of any app or tech development moving forward, not an added bonus.
Twitter, for example, made text-based two-factor authentication under Elon Musk available only to paying Twitter Blue Check Mark users. That’s exactly what companies shouldn’t do.
@Cyber_Security_Channel
How Important Is Explainability in Cybersecurity AI?
Explainability is crucial for cybersecurity AI and will only become more so over time.
However, building and deploying XAI carries some unique challenges.
Organizations must recognize these to enable effective XAI rollouts.
Many AI models today are black boxes, meaning you can’t see how they arrive at their decisions.
By contrast, explainable AI (XAI) provides complete transparency into how the model processes and interprets data.
When you use an XAI model, you can see its output and the string of reasoning that led it to those conclusions, establishing more trust in this decision-making.
@Cyber_Security_Channel
Data Resiliency in the Face of Ransomware
“The key point I want to make is, you’ve really got to start thinking about that business risk in a more planned way.
To really think about, “what am I going to do in each of those phases?”
Because it comes back to the point I am saying: hope is not a method. Hoping the breach won't happen is one approach, right, but it's not a very good approach.”
@Cyber_Security_Channel
Proxyjacking Trend Continues as Attackers Abuse Years-Old GitLab Vulnerability
The campaign makes use of a 2021 vulnerability in GitLab - CVE-2021-22205 - to enable remote command execution on a victim’s server.
CVE-2021-22205 itself was patched by GitLab in 2021, meaning the impact is restricted to customers remaining on vulnerable versions.
@Cyber_Security_Channel
5 Tips for Securing Data When Using a Personal Mac for Work
There are steps you can take to secure your Mac and protect your organization’s information.
Before following these five tips, check with your employer to confirm employees are permitted to use their personal Macs — a practice often referred to as BYOD for Bring Your Own Device — for work.
@Cyber_Security_Channel
Business Email Compromise Attack Costs far Exceeding Ransomware Losses
The spike in these attacks over the last year means that financial losses also far exceed those incurred by organizations that have fallen victim to ransomware attacks.
Across 2022, Cloudflare recorded a total of 2,385 ransomware complaints, with businesses suffering losses of more than $34.3 million due to a flurry of attacks.
Meanwhile, BEC attack complaints topped more than 21,800 and businesses were found to have incurred losses in excess of $2.7 billion across the same period.
@Cyber_Security_Channel
Almost 2,000 Citrix NetScaler Servers Backdoored in Hacking Campaign
Security researchers at cybersecurity company Fox-IT (part of the NCC Group) and the Dutch Institute of Vulnerability Disclosure (DIVD) have discovered a large-scale campaign that planted webshells on Citrix NetScaler servers vulnerable to CVE-2023-3519.
Initially, the scans considered only vulnerable systems but later expanded to Citrix instances that received the update to address CVE-2023-3519.
This revealed 1,952 NetScaler servers backdoored with the same web shells Fox-IT found during the incident response engagements, indicating that the adversary used an automated method to exploit the vulnerability at a large scale.
@Cyber_Security_Channel
ShopBack Fined S$74,400 Over Leak of More Than 1.4 Million Customers’ Personal Data
ShopBack first notified the PDPC and its customers of an incident involving unauthorised access to its customer data servers on Sep 25, 2020.
PDPC then received two complaints from customers.
On Nov 12 that year, ShopBack’s customer database was subsequently offered for sale on Raidforums, an online cybersecurity forum commonly used to trade and sell stolen databases. Its domain name and content have since been seized by US authorities.
@Cyber_Security_Channel