Click to listen highlighted text!

Security Assistant

Common cyber threats explained   Click to listen highlighted text! Common cyber threats explained

acsc

A distributed denial-of-service (DDos) attack is one of the most powerful weapons on the Internet. When you hear about a website being “brought down by hackers” it means that it’s become a victim of a DDoS attack. In short, this means that hackers have attempted to make a website or computer unavailable by flooding or crashing the website with too much traffic.

Hundreds of malicious apps are showing up on the Google Play Store, disguised as legitimate applications. These malicious apps are carrying malware known as Dresscode. Dresscode is designed to infiltrate networks and steal data. It can also add infected devices to a Botnet, which is capable of carrying out denial-of-service (DDoS) attacks as well as taking part in spam email campaigns.

Yahoo announces data breach affecting 500 million users

If you have a Yahoo account, you need to change your password now. If you reuse that password on any other online accounts, you should change that too.

Dropbox has announced via their blog that 68 million user email addresses with hashed and salted passwords have been exposed. Dropbox has verified that the information is indeed legitimate. As a result, they have proactively completed a password reset for anyone who hadn’t updated their password since mid-2012. They’re contacting account owners via email and the next time they login, they will be prompted to update their passwords.

The personal information of nearly 30 million Facebook users was exposed as part of a recent data breach, the social media giant’s investigation has found.

Facebook revealed in late September that up to 50 million users had been caught up in a data breach involving vulnerabilities in the platform’s ‘view as’ function, which allows a user to see their profile as someone else would.

As a result, 90 million accounts were logged out and the vulnerability was resolved.

Now Facebook vice president of product management Guy Rosen has said that 29 million users were actually impacted by the breach, which was discovered by the company in mid-September following an “unusual spike in activity”.

On 25 September, the company determined that this was an attack on its platform, and two days later the vulnerability was closed and the users were logged out of their accounts for safety reasons.

According to Rosen, the hackers exploited three flaws in the ‘view as’ system, and used an “automated technique” to move from account to account, obtaining the access tokens that keep the users logged in.

This technique led to the hackers gaining access to the personal info of 400,000 people, and were then able to use these friends lists to steal the access tokens of nearly 30 million users.

Rosen said that 14 million of these users had personal data including name, contact details, relationship status, birthday, pages they follow and the last 10 places they have checked in to exposed.

The other 15 million users had only their name and contact details accessed.

“People’s privacy and security is incredibly important and we are sorry this happened,” Rosen said. “We know that we will always face threats from those who want to take over accounts or steal information. And that is why we are continuing to invest so heavily in security and focusing on more proactive ways to protect people.

“We are fully committed to this work and we are going to do all we can to earn people’s trust.”

The attack is not believed to be related to the upcoming mid-term elections in the US, but Rosen said he was unable to provide any further detail on who was behind the attack and which countries were most impacted due to an ongoing FBI investigation.

There are also concerns that the type of data stolen could lead to further attacks, including phishing or identity theft. Users that were impacted by the breach will soon receive a message from Facebook telling them to be aware of “suspicious emails or text messages or things of that sort”.

Rosen said Facebook is now looking into ways to improve its processes to prevent similar beaches in the future.

“We are continuing to learn and understand what additional tools and what additional measures we take in order to ensure that we can not just address this class of problem - problems will always happen - but ensuring that we can move very fast to detect and very fast to address any problems that may occur,” he said.

First targeted iPhone spyware discovered: Update your iOS software immediately

Cyber espionage, also known as cyber spying, is grabbing a lot of headlines lately. The most recent incident affects Apple’s iOS. Researchers at Citizen Lab have discovered that a highly sophisticated cyber espionage group has deployed a very rare, advanced form of spyware, which can break an iPhone wide open.

The good news- Apple has already pushed out the update to fix three vulnerabilities, that when combined, lead to compromise of an iOS device. If you haven’t already, you should update your software immediately.

Additionally, this particular spyware was aimed solely at a UAE human rights defender and is not confirmed to be affecting regular users. This is one of the most complicated pieces of iOS spyware seen in the wild. The company that released the spyware specializes in creating mobile cyber espionage tools, and then sells them to other agencies as well as governments in order to perform spying and surveillance.

One of the largest hotel brands disclosed that part of its guest reservation database suffered a large data breach. An internal investigation showed that unauthorized access had been ongoing since 2014.

The company has confirmed that the personal information of up to 500 million guests who made a reservation on or before September 10, 2018 are potentially exposed. Did you stay at a hotel property during that time?

For 327 million of the impacted hotel guests,

      beyond name, address, and phone number, the exposed information includes some combination of:
      • Email address
      • Passport number
      • Gender and birth date
      • Loyalty program account information
      • Reservation date with arrival and departure information
      Additionally, for some of these 327 million hotel guests,

encrypted payment card numbers and expiration dates were potentially compromised

      . The ability to decrypt that information was accessed cannot be ruled out as well. The hotel brand is continuing its investigation and we will continue to provide relevant updates as they are made available.

 

How Does it Work?

The spyware, known as Pegasus, is distributed by sending a link to a malicious website via text message. Clicking on the link leads to the exploit chain, which is what leads to the malware being installed. In turn, it completely opens up the phone to the attackers, giving them access to everything on the device-microphone, voice calls, emails- you name it. In addition to giving the attackers access to the phone’s data, it can also access the GPS in order to track the target’s movements.

AUSTRALIAN CYBER THREATS LISTINGS FOR 2018-19:

-visit Australian Cyber Security Centre for Australias latest threats-

Allsafe Library

X

copyrite protected

AllSafe CyberSecurity

Click to listen highlighted text!