SAN MATEO, CA, July 25, 2022 — Cybersecurity news weekly roundup. Stories, news, politics and events impacting the network security industry during the last week. Brought to you by NetworkTigers.
- Major risks discovered in Okta
- Hacker selling user data from Twitter breach
- Hacker gang outsourcing crime to “cyber mercenaries”
- Russian TV channels hacked to show war coverage
- Virtual pet website breach exposes 69 million members
- FBI: beware of fake crypto apps
- NFT influencer’s Twitter hacked
- Albania’s public online services blocked due to cyberattack
- Experiment reveals smart homes to be cyberattack magnets
Major risks discovered in Okta
Four security risks have been discovered by Authomize researchers in popular identity and access management platform Okta. Risks found allow malicious actors to gain super admin privileges, extract passwords and more. Okta maintains that the findings are “risks” as opposed to “vulnerabilities,” because they aren’t bugs in the platform but rather ways that those with bad intentions can use the platform’s features to cause damage. Read more.
Hacker selling user data from Twitter breach
A hacker has exploited a vulnerability in Twitter and is now selling stolen information. The contact details for 5.4 million Twitter users has been posted to Breached Forums. The seller, using the screen name “devil,” says that the information included belongs to random Twitter users as well as celebrities and companies. The data is listed for $30,000. Read more.
Hacker gang outsourcing crime to “cyber mercenaries”
Hacker-for-hire organization Atlantis Cyber-Army is apparently not immune to the lack of workers in tech, as it has not turned to recruiting “cyber mercenaries” to commit its crimes. Only the leaders of the group know the full scope of their plans, breaking campaigns into separate pieces that hired guns complete. Read more.
Russian TV channels hacked to show war coverage
A handful of Russian TV channels have been hacked, their programming replaced with banned coverage of the war in Ukraine. Hacking collective Anonymous has claimed credit for the hacks via Twitter. Anonymous has previously taken credit for similar hacks over the past months that have attempted to inform the Russian people of the country’s military actions. Read more.
Virtual pet website breach exposes 69 million members
Neopets, a website where people can raise and play games with virtual pets, has suffered a data breach that leaked its source code as well as data belonging to 69 million users. The information stolen contains birth dates, zip codes, usernames, email addresses, names and more. It is not currently known how the hacker selling the data, going by the name TarTaX, was able to gain access to it. Read more.
FBI: beware of fake crypto apps
The FBI is urging crypto enthusiasts to be wary of apps that are designed to extort them. The apps feature logos, language and names of financial institutions to appear as though they are legitimate. The FBI has reported that 244 US investors have lost around $42 million to scammers via fraudulent crypto schemes. Read more.
NFT influencer’s Twitter hacked
Zeneca, a popular NFT influencer, has had their Twitter and Discord accounts hacked. Both accounts posted a link that alleged to lead to an airdrop that their followers would have interest in. However, the link led users to connect their wallets to a fraudulent site. The financial damage from the hack has not yet been reported. NFT communities have been targeted by hackers repeatedly in recent months. Read more.
Albania’s public online services blocked due to cyberattack
A ransomware attack targeting Albania’s government websites led to the country shutting down all public sites as a precautionary measure in order to isolate the attack. While government sites are unreachable, public services can still be performed at offices around the country. Early detection, back ups and collaboration with Microsoft to return to operational status suggest that Albania’s websites will be back online soon. Read more.
Experiment reveals smart homes to be cyberattack magnets
A study performed by Which? has revealed that homes packed with connected smart devices are under consistent attack by criminals looking for vulnerabilities. After setting up a home with a range of smart devices, included TVs, cameras, thermostats and security features, the property was observed having been attacked up to 14 times in an hour. Read more.