Cyber Bites

Microsoft has recently begun to urge users to stop using mobile-based multi-factor authentication (MFA), such as one-time SMS codes or voice calls, and instead are encouraging users to use newer MFA solutions such as security keys or app-based authentication. Alex Weinert, Directory of Identity Security at Microsoft has issued these warnings, with Weinert being Microsofts main advocate over the past year for encouraging users to enable MFA for their Microsoft accounts.

Multiple sources have reported that Iranian threat actors have been identified as being responsible for the two recent ransomware waves targeting Israeli companies. These ransomware attacks targeting Israeli targets have been happening since mid-October, and have intensified this month. There have been Israeli companies of all sizes targetted by the attacks, with the actors using Pay2Key and WannaScream ransomware strains in these attacks. In these attacks, hackers have breached corporate networks, encrypted files, stolen company...

Outpost 24's 2020 Web Application Security for Retail & E-commerce Report has found that US retailers are far more vulnerable to web application attacks than EU based retailers. The cybersecurity firm Outpost 24 discovered that web apps used by US retailers had a higher aggregated average risk score of 35 compared to EU retailers who have a lower aggregated average risk score of 31. Outpost 24 report also shows that the US retailers have a...

Over 6,000 people's personal data has been published online by Bungling officials following a 'serious' data breach. The Department for the Work and Pensions (DWP) has apologised after it was discovered that an extensive list of National Insurance numbers was left exposed online for over two years. The data that has been left exposed is thought to belong to welfare claimants applying for PIP disability benefits. A watchdog has been examining the incident, with two...

A number of data-scraping groups have been using the Facebook link preview feature to scrape data from internet sites which disguised as Facebook's content crawler. They are using a technique which consists of utilising Facebooks developer accounts in order to place calls to Facebook or Facebook's Messenger API servers requesting a link preview for pages a group wanted to scrape. Facebook then fetch the data, assemble it in a link preview, and send it to...

According to Outpost 24's Web Application Security for Retail & E-commerce Report, US retailers are more vulnerable to web application attacks than retailers based in the EU. Outpost 24, a cybersecurity firm, calculated that web apps used by American retailers have a larger aggregated average risk score of 35, compared to their EU counterparts smaller risk scores of 31. US retailers were also found to have a wider attack surface, running more publicly exposed web...

Mashable, a major tech and culture news website has recently experienced a data breach which has resulted in the personal data of their users being exposed online. On Sunday 8 November Mashable issued a statement confirming that their database had breached and that they had discovered that reader who use their social media sign-in feature to access the site have had their details posted online. The data that has been exposed includes users full names,...

A threat actor is selling the RedDoorz database containing 5.8 million user record on a hacking forum following a data breach in September. RedDoorz is a hotel management and booking platform based in Singapore, which manages bookings for over 1,000 properties in Southeast Asia. Users can register an account to browse hotels and book reservation using the platform via the website or mobile app. After RedDoorz experienced the breach in September they believed that none...

Luxottica, the world's largest eyewear company, has recently suffered a data breach which has resulted in the exposure of the personal information of Lenscrafters patients. The attack also affected Optical, EyeMed and other eye practices. Luxottica warned that “the personal information involved in this incident may have included: full name, contact information, appointment date and time, health insurance policy number, and doctor or appointment notes that may indicate information related to eye care treatment, such...

The Spanish developer Prestige software has experienced a data breach after misconfiguring an AWS bucket. The breach has lead to the exposure of their cloud database, and the data of millions of hotel guests. Prestige software is a platform which enables hotels to automate their availability on booking site such as Expedia. The misconfigured S3 bucket contained more than 100 individual login details, dating back to as far as 2013. Mark Holden, a Website Planet...