SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Security spotlight: 15 billion user names and passwords for sale
Thu, 23rd Jul 2020
FYI, this story is more than a year old

Top data security stories in recent weeks make for alarming reading. The following breaches are among many that made headlines:​​​​​

From bank details to streaming services – it's all available on the Dark Web

The dark web is packed with over 15 billion user names and passwords to countless services, including banking details, network administrator accounts, antivirus software, streaming services and more, with many being offered free.

Many breaches lead to the illegal distribution of duplicate files, meaning that accounts are shared multiple times amongst cybercriminals. This makes it increasingly difficult to track stolen data.

North Korea linked to a recent cyber-attack on US enterprises

In recent years, payment card information has become a high ticket item for malicious actors scouring the web for innocent customers.

A hacker group based in North Korea has been effective in skimming sensitive information from the checkout page of large retailers in the US and Europe. These are known as MageCart attacks and threat actors rely on malicious scripts (web skimmers).

The hackers, which have been identified as the Lazarus (Hidden Cobra) group of nation-state hackers, use legitimate websites to exfiltrate credit card information and camouflage the attack.

TikTok ban concerns

TikTok and other Chinese apps are currently under scrutiny by the US government, as they are on the verge of being banned in the country over security and surveillance concerns.

US government officials have pressing concerns about the potential mismanagement of user data, as the mobile application may have ties to a foreign government. The mobile platform has been under investigation due to allegations claiming that it had been secretly accessing user data from iPhone and iPad clipboards.

However, a spokesperson for the social platform stated that it was an inadvertent consequence of a spam filter.

Serious security concerns over smartwatch tracker API vulnerability

New API vulnerabilities have come to light over a smartwatch tracker used in applications, including services designed for the support of the elderly and vulnerable.

The major security flaw was an unrestricted server-to-server API that could be used to hijack the SETracker service in ways that include changing device passwords, making calls, sending text messages, conducting surveillance, and accessing cameras embedded in devices.

The findings were disclosed with the service provider, 3G Electronics, which promptly fixed the issue.

Nearly 100,000 customers exposed in a leaky database belonging to a fitness platform

A Las Vegas-based fitness company, V Shred, that offers workout plans for women and men, has exposed over 99k customers in an unsecured AWS S3 bucket.

The firm claims to have clients in 119 countries, 12 million unique visitors to its website per month, and over 40,000 subscribers to its university program.

CSV files appearing to contain the information relating to both trainers and clients remain exposed. They include IDs, first and last names, email addresses, genders, and client email addresses. A V Shred team member has denied there was an issue with the exposure of PII.

To avoid being exposed to similar headlines, enterprises should consider leveraging a cloud access security broker (CASB) platform to protect their sensitive data.

The first step is to know where sensitive business data is, and how it is being accessed, especially with mobile and cloud applications outside the traditional firewall perimeter.

As more and more data is stored in the cloud and accessed by mobile and remote workers, secure access service edge (SASE) is a more cost-effective, scalable and secure architecture to protect the modern enterprise from such internal and external threats, while ensuring an agile workforce that can leverage the latest devices, applications and cloud services to fast-track business.