Tag: takeover | Page 2

Disneyland hack reveals dangers of social media account takeover

July 8, 2022/in Internet Security

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

Yesterday, Disneyland Anaheim’s Instagram and Facebook accounts were hacked by a self-proclaimed “super hacker,” using the alias David Do, who proceeded to post racist and homophobic posts across the accounts.

The attack appears to have been motivated by a negative experience with the brand, with the attacker stating he was “here to bring revenge upon Disney land [sic],” and tired of Disney employees “mocking” him.

While Disneyland was quick to regain control of the account and removed the posts, the event has been a PR nightmare that’s left millions of visitors and families exposed to hateful and offensive content, particularly on Disneyland Anaheim’s Instagram, which has 8.4 million followers.

For other organizations, the Disneyland breach highlights that while platforms like Facebook and Instagram can help reach a wider audience, they also open the door to social media account takeover, which an attacker can use to seriously damage your reputation.

While it’s unclear how the hacker gained access to Disneyland’s social accounts, Aaron Turner, CTO of SaaS Protect at California-based AI cybersecurity provider, Vectra, believes that social media companies are to blame for offering organizations poor authentication mechanisms.

“From an identity and access perspective, it has always disappointed me that the major social media and internet publishing will not allow for their biggest sponsors to utilize strong authentication and federated identities to protect their brands,” Turner said.

One of the key problems with social media accounts, and the reason why accounts are vulnerable to account takeover attempts, is they rely on password-based authentication, which is susceptible to credential theft.

According to the Verizon 2022 Data Breach Investigations Report, last year, 50% of breaches were caused by stolen credentials.

“Because Instagram forced Disney to use a low-security authentication mechanism, essentially…

Source…

Account Takeover Prevention: Bad Habits That Make You More Vulnerable to ATO Fraud

June 15, 2022/in Internet Security

No matter the strength and sophistication of your security posture, the “human element” will continue to be the weak point. Whether it is a failure to adhere to password best practices or being tricked into handing over your credentials to a phishing scam, even the most robust security platform cannot remedy human error. When it comes to passwords, the security industry has tried to mitigate the human risk element by introducing tools like Multi-Factor Authentication, which is considered one of the most effective means of combating cyberthreats; yet a staggering 89% of enterprise cloud users do not have MFA enabled! The need for your organization to have an effective account takeover prevention strategy is ever-present, evidenced by the fact this is the leading form of attack used by hackers. According to the 2022 Verizon Data Breach Investigation Report, over 80% of web application attacks are attributed to stolen credentials. Therefore, protecting your organization against exposed credentials and ensuing account takeover (ATO) attacks is critical.

According to a study conducted by Constella Intelligence and Pulse, most employees have had their credentials exposed by threat actors, yet very few are monitoring for breached credentials. This problem is made worse by the fact that the increase in remote work has led to increased attack surfaces and most organizations put too little focus on monitoring the dark web to mitigate risk to their organization.

Password best practices are the most touted tidbits of cybersecurity advice out there–– the password strength meter that boldly judges our choice, security policies that periodically compel us to change our passwords, and even Google Chrome and Apple’s iCloud service that warn us when we’re re-using passwords across different sites. Yet, exploiting compromised and weak passwords continues to grow as the number one attack vector. Taking preventative measures against account takeover attacks is widely understood to be a critical step in daily digital life, but we continue to ignore this advice. Why does this happen?

According to an online security survey conducted by Google, 65% of respondents reuse the same…

Source…

Critical OAS Bugs Open Industrial Systems to Takeover

May 28, 2022/in Internet Security

A pair of critical flaws in industrial Internet of Things data platform vendor Open Automation Software (OAS) are threatening industrial control systems (ICS), according to Cisco Talos.

They’re part of a group of eight vulnerabilities in OAS software that the vendor patched this week.

Among the flaws is one (CVE-2022-26082) that gives attackers the ability to remotely execute malicious code on a targeted machine to disrupt or alter its functioning; another (CVE-2022-26833) enables unauthenticated use of a REST application programming interface (API) for configuration and viewing data on systems.

In its advisory, Cisco Talos described the remote code execution (RCE) vulnerability as having a severity score of 9.1 on a 10-point scale and the API-related flaw as having a score of 9.4.

The remaining flaws exist in different components of OAS Platform V16.00.0112. They were assessed as being less severe (with vulnerability-severity ratings that range from 4.9 to 7.5), and included information disclosure issues, a denial-of-service flaw, and vulnerabilities that allow attackers to make unauthorized configuration changes and other modifications on vulnerable systems.

“Cisco Talos worked with Open Automation Software to ensure that these issues are resolved, and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy,” its advisory
noted. The company recommended that organizations using the vulnerable software ensure that proper network segmentation is in place to minimize the access that an attacker, who exploited the vulnerabilities, would have on the compromised network.

OAS’s Open Automation Software Platform is primarily designed to let organizations in industrial IoT environments move data between different platforms — for instance, from an Allen Bradley programmable logic controller (PLC) to a Siemens PLC. Central to the platform is a technology the company calls Universal Data Connect that enables data to flow from and between IoT devices, PLCs, applications, and databases. OAS describes its technology as also being useful for logging data in ICS environments and putting then in open formats, and for aggregating…

Source…

Sudanese take to the streets to protest takeover

December 26, 2021/in Mobile Security

MILITARY RESPONSE:
Security forces reportedly fired tear gas into hospitals, and attacked doctors and the wounded, while mobile Internet services were cut

Tens of thousands of Sudanese protesters on Saturday rallied two months after a military coup, demanding that soldiers “go back to the barracks” and calling for a transition to civilian rule.

Waving flags, beating drums, dancing and chanting, crowds marched on the streets of Khartoum, despite severed communications and a heavy presence of security forces who later fired tear gas to disperse them.

An Agence France-Presse journalist saw injured people being evacuated by demonstrators.

Photo: EPA-EFE

The Doctors’ Committee, part of the pro-democracy movement, reported that security forces fired tear gas into hospitals, attacking doctors, as well as the wounded.

Ahead of the planned protests, officers had barricaded bridges connecting the capital to suburbs, cut telephone lines and restricted access to the Internet.

At least 48 people have died in crackdowns during weeks of demonstrations, the Doctors’ Committee said.

Khartoum’s state governor has said that security forces “will deal with those who break the law and create chaos.”

Demonstrators converged on the presidential palace in Khartoum, the headquarters of the military government in control since General Abdel Fattah al-Burhan seized power on Oct. 25.

Al-Burhan held civilian leader Sudansese Prime Minister Abdalla Hamdok effectively under house arrest for weeks.

After international pressure including a cut-off of vital aid, al-Burhan reinstated him on Nov. 21 under a deal promising elections in July 2023.

The move alienated many of Hamdok’s pro-democracy supporters, who dismissed it as providing a cloak of legitimacy for al-Burhan’s coup.

“What happened on Oct. 25 was a coup … and we will not stop demonstrating until we have a civilian government,” a masked…

Source…

Tag Archive for: takeover

MILITARY RESPONSE: Security forces reportedly fired tear gas into hospitals, and attacked doctors and the wounded, while mobile Internet services were cut

MILITARY RESPONSE:
Security forces reportedly fired tear gas into hospitals, and attacked doctors and the wounded, while mobile Internet services were cut