
Cyber News 8 July 2024

Last week's cyber news

1. A popular hacker forum leaked the largest collection of passwords, with nearly ten billion unique passwords. The leak poses a serious threat mainly to users who tend to reuse passwords. The database is primarily used by hackers to perform brute force attacks and likely to cross-reference information with other databases to identify repeated usernames and passwords.

Recommendations:

  • Do not use the same password for multiple accounts
  • Ensure multi-factor authentication is enabled on every account that allows it
  • Use a password manager to create different and complex passwords for each account

2. Twilio reports that an attacker exploited a vulnerability in the Authy service API and stole 33 million phone numbers of users. Twilio’s announcement comes after the attacker ShinyHunters published the phone number file for download on a forum.

3. A new report by the Kaspersky Digital Footprint Intelligence team revealed that several organizations around the world are unprepared to deal with information leaks to the Darknet. The initiative, carried out in 2022, tracked posts on the dark web offering access (usernames and passwords) to compromised user accounts and other critical access means. The results showed that 42% of organizations do not have a dedicated contact point to handle cyber events, 28% showed indifference, and 2% denied the events altogether. Kaspersky emphasizes that such negligence can lead to fines, financial losses, and loss of trust, especially in Europe due to strict GDPR regulations. However, 22% of organizations responded appropriately, acknowledging the information conveyed to them and addressing the risks, while 6% showed proactive monitoring and detection, indicating early awareness of cyber events.

4. Passengers on a domestic Australian flight en route to Perth made an interesting discovery: 2 Wi-Fi networks of the airline with very similar names (SSIDs), one of which was open and offered free browsing. Passengers who hurried to take advantage of the offer and connect to the open network were directed to a landing page where they were required to log in with their email account or social network to get free browsing. However, despite entering their details, they did not receive free browsing. Instead, they were met with an ‘Evil Twin’ attack, a hotspot masquerading as a legitimate Wi-Fi point. It turns out that once the passengers entered their access details, they were harvested by the attacker and automatically saved on his computer.
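As an added illustration (not part of the original report), the check below flags the pattern described in item 4: two networks with near-identical SSIDs where one is open and the other is not. The scan records, SSIDs, BSSIDs and the similarity threshold are constructed assumptions; real input would come from the Wi-Fi scanner of your choice.

```python
import re
from difflib import SequenceMatcher
from itertools import combinations

# Constructed scan results: (SSID, BSSID, security). Not from a real capture.
SCAN = [
    ("SkyAir-WiFi", "02:00:00:aa:bb:01", "WPA2"),
    ("SkyAir_WiFi", "02:00:00:cc:dd:02", "OPEN"),
    ("SkyAir-WiFi", "02:00:00:aa:bb:03", "WPA2"),
    ("CoffeeShop", "02:00:00:ee:ff:04", "OPEN"),
]


def normalize(ssid):
    """Lower-case and drop separators so 'Sky-Air' and 'sky_air' compare equal."""
    return re.sub(r"[\W_]+", "", ssid.lower())


def find_lookalikes(scan, threshold=0.85):
    """Return (open_ssid, open_bssid, other_ssid, other_bssid, similarity)
    for every pair of networks whose names nearly match while exactly one
    of them is unencrypted."""
    findings = []
    for a, b in combinations(scan, 2):
        similarity = SequenceMatcher(None, normalize(a[0]), normalize(b[0])).ratio()
        if similarity < threshold:
            continue  # names are not close enough to confuse a user
        if (a[2] == "OPEN") == (b[2] == "OPEN"):
            continue  # both open or both protected: no security mismatch
        open_net, other = (a, b) if a[2] == "OPEN" else (b, a)
        findings.append(
            (open_net[0], open_net[1], other[0], other[1], round(similarity, 2))
        )
    return findings


if __name__ == "__main__":
    for open_ssid, open_bssid, ssid, bssid, score in find_lookalikes(SCAN):
        print(f"WARNING: open network {open_ssid!r} ({open_bssid}) resembles "
              f"protected network {ssid!r} ({bssid}), similarity {score}")
```

A match is a reason to verify the network name with staff before connecting, not proof of an attack on its own.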

Cybersecurity Updates

Since the beginning of the month, the National Cyber Directorate has published no fewer than 7 urgent security updates. The products for which updates were issued include, among others:

  • Apache servers
  • Juniper routers
  • GitLab servers
  • and more.

It is recommended to go through the alerts and ensure that you update if you use one or more of these products.
