Tag Archives: data breach

All Yahoo Accounts Compromised in the 2013 Yahoo Data Breach

Recently Oath, owner of Yahoo, and a subsidiary of Verizon revealed that the biggest known cyber data breach ever recorded in the history of humankind was larger than Yahoo initially announced. As you may remember back in 2013 Yahoo suffered a cyber-attack – approximately one billion accounts were affected. Even though that it took Yahoo more than two full years to release the information about the data breach to the public, further investigation by the current owners confirmed that the incident was on a much larger scale. A few days ago, the current owners of Yahoo distributed a notice stating that every single Yahoo account might have been compromised during this very same attack. The total amount of user accounts that Yahoo had at the time was around the three billion mark.

The news is a significant blowback for Verizon as they might have been able to negotiate a better deal when acquiring Yahoo should they knew that the cyber-attack had affected every customer, instead of the initially announced one-third of the accounts. In the notice released earlier today, Chandra McMahon, Chief Information Security Officer at Verizon said;

Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats. Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”

The good news is that this is not a new security issue, Yahoo and Verizon claim that they have done everything possible to secure the accounts of its current users.

Yahoo is currently sending email notifications to the additional affected user accounts. The forensic experts hired by Verizon highlighted the fact that the compromised data is not known to contain passwords in clear texts, nor any banking information such as credit card numbers and bank account details. However, the investigation is still considered as an ongoing matter.

If you are worried that you may be amongst the affected ones, and you hadn’t taken any precautions when the breach was initially reported, check out our top 5 things you should do immediately.

The post All Yahoo Accounts Compromised in the 2013 Yahoo Data Breach appeared first on Panda Security Mediacenter.

Read More

A dating site and corporate cyber-security lessons to be learned

panda-security-protection-data

It’s been two years since one of the most notorious cyber-attacks in history; however, the controversy surrounding Ashley Madison, the online dating service for extramarital affairs, is far from forgotten. Just to refresh your memory, Ashley Madison suffered a massive security breach in 2015 that exposed over 300 GB of user data, including users’ real names, banking data, credit card transactions, secret sexual fantasies… A user’s worst nightmare, imagine having your most private information available over the Internet. However, the consequences of the attack were much worse than anyone thought. Ashley Madison went from being a sleazy site of questionable taste to becoming the perfect example of security management malpractice.

Hacktivism as an excuse

Following the Ashley Madison attack, hacking group ‘The Impact Team’ sent a message to the site’s owners threatening them and criticizing the company’s bad faith. However, the site didn’t give in to the hackers’ demands and these responded by releasing the personal details of thousands of users. They justified their actions on the grounds that Ashley Madison lied to users and didn’t protect their data properly. For example, Ashley Madison claimed that users could have their personal accounts completely deleted for $19. However, this was not the case, according to The Impact Team. Another promise Ashley Madison never kept, according to the hackers, was that of deleting sensitive credit card information. Purchase details were not removed, and included users’ real names and addresses.

These were some of the reasons why the hacking group decided to ‘punish’ the company. A punishment that has cost Ashley Madison nearly $30 million in fines, improved security measures and damages.

Ongoing and costly consequences

Despite the time passed since the attack and the implementation of the necessary security measures by Ashley Madison, many users complain that they continue to be extorted and threatened to this day. Groups unrelated to The Impact Team have continued to run blackmail campaigns demanding payment of $500 to $2,000 for not sending the information stolen from Ashley Madison to family members. And the company’s investigation and security strengthening efforts continue to this day. Not only have they cost Ashley Madison tens of millions of dollars, but also resulted in an investigation by the U.S. Federal Trade Commission, an institution that enforces strict and costly security measures to keep user data private.

What can be done in your company?

Even though there are many unknowns about the hack, analysts were able to draw some important conclusions that should be taken into account by any company that stores sensitive information.

·  Strong passwords are extremely important

As was revealed after the attack, and despite most of the Ashley Madison passwords were protected with the Bcrypt hashing algorithm, a subset of at least 15 million passwords were hashed with the MD5 algorithm, which is very vulnerable to bruteforce attacks. This probably is a reminiscence of the way the Ashley Madison network evolved over time. This teaches us an important lesson: No matter how hard it is, organizations must use all means necessary to make sure they don’t make such blatant security mistakes. The analysts’ investigation also revealed that several million Ashley Madison passwords were very weak, which reminds us of the need to educate users regarding good security practices.

·  To delete means to delete

Probably, one of the most controversial aspects of the whole Ashley Madison affair is that of the deletion of information. Hackers exposed a huge amount of data which supposedly had been deleted. Despite Ruby Life Inc, the company behind Ashley Madison, claimed that the hacking group had been stealing information for a long period of time, the truth is that much of the information leaked did not match the dates described. Every company must take into account one of the most important factors in personal information management: the permanent and irretrievable deletion of data.

·  Ensuring proper security is an ongoing obligation

Regarding user credentials, the need for organizations to maintain impeccable security protocols and practices is evident. Ashley Madison’s use of the MD5 hash protocol to protect users’ passwords was clearly an error, however, this is not the only mistake they made. As revealed by the subsequent audit, the entire platform suffered from serious security problems that had not been resolved as they were the result of the work done by a previous development team. Another aspect to consider is that of insider threats. Internal users can cause irreparable harm, and the only way to prevent that is to implement strict protocols to log, monitor and audit employee actions.

It is an ongoing effort to ensure the security of an organization, and no company should ever lose sight of the importance of keeping their entire system secure. Because doing so can have unexpected and very, very expensive consequences.

The post A dating site and corporate cyber-security lessons to be learned appeared first on Panda Security Mediacenter.

Read More

You shouldn’t use these 320 million passwords

Looking for a new password you probably should avoid these 306 million - password search, Passwortsuche

You’re looking for the one, the unbeatable password? Well, security expert Troy Hunt does have a few hundred million available – that you should try and stay away from. Troy Hunt is best known for the service he offers on haveibeenpwned.com: a search that allows you to see if your email address was compromised by a data […]

The post You shouldn’t use these 320 million passwords appeared first on Avira Blog.

Read More

The Most Common Tactics Among Cybercriminals

What do cybersecurity breaches have in common? In general, they are perpetrated by intruders who use stolen or insecure passwords to attack companies and private users for their own financial gain.

This is the common pattern for cyberattacks, according to Verizon’s 2017 Data Breach Investigations Report. The tenth edition of this report confirms that cybercrime is driven by economic reasons. 73% of attacks were for economic reasons and it is no coincidence that financial institutions are the main victim of these attacks (24%).

Although cybercriminals are more prepared, better organized, and using more sophisticated methods, the use of unsafe passwords remains a scourge in the area of ​​security. 81% of attacks are based on insecure or stolen passwords, being the main tactic used. While it is true that there is no such thing as an impregnable system, implementing basic security measures can prevent major catastrophes. At the corporate level, for example, using double-factor authentication and encrypting the most sensitive information will put considerable obstacles in attackers’ paths.

Malware is still a big business

Malware was present in 51% of the cases in which a security breach occurred. This result is due in large measure to the surge of ransomware, whose use is up 50% since 2015, mainly for organized crime. Although it first emerged in 1989, the use of this type of malware has grown exponentially in recent years: ransomware has gone from being the 22nd most common malware variety in 2013 to the 5th in its current position. Most troubling in the report is that, despite the fact that ransomware has a growing presence in the media, companies still rely on outdated security solutions to combat it. In short, they are paying out rewards to regain control of their data rather than investing in security solutions that anticipate and prevent these attacks.

Beyond ransomware, phishing is still one of cybercriminals’ favorite techniques. They used this method in 43% of security breaches, both in cases of cyberespionage and in attacks with economic motives.

The B-side of cybercrime

If 51% of security breaches were malware-related, it means that we have 49% of cases in which there were other causes, including advanced hacking techniques. In the face of such threats, traditional anti-virus protection has no answers: they are advanced attacks that evolve in real time to bypass security measures used by companies or home users.

The Verizon study points out that companies must rethink their protection strategies to defend themselves against such attacks. The best way to combat these advanced threats is with dynamic security solutions that constantly evolve to protect your business. For example, our Adaptive Defense solution uses contextual logic to reveal patterns of malicious behavior and generate cyber-defense actions against known and unknown threats. The Panda platform has blocked more than 2.3 million security breaches in 2016, and remains always a step ahead of cybercriminals.

The post The Most Common Tactics Among Cybercriminals appeared first on Panda Security Mediacenter.

Read More