Data of 3700 Customers Exposed by the Service NSW Bug

 


Greg Wells, Service NSW's chief executive, has confirmed that the personal information of 3,700 customers was left exposed. The incident occurred on March 20 between 1:20 pm and 2:54 pm.

Earlier this week, the 3,700 affected customers received an email from Service NSW's chief executive Greg Wells. The email informed them that their information may have been exposed for 90 minutes due to an update to the agency's website on March 20.

The agency says that, due to a privacy incident, logged-in individuals could access the personal information of other logged-in customers who also use Service NSW services. The exposed information could include details such as the customer's driving license number, vehicle registration number, mobile number, and their child's name.

As stated in the email to those affected, Service NSW believes the risk of harm from this incident is very low. In addition, this incident was not a cyberattack. According to Service NSW, the incident affected only the website and did not impact the mobile app.

Only a few customers, those who logged on to the website during that period, were affected by this problem. There was a possibility that they could access other users' data while logged in at the same time. App users were not affected. There was no breach of personal data involved in the matter, according to a representative of the government agency in NSW. The issue affected only the landing dashboard page. After 90 minutes, the landing dashboard page was taken down, and the issue was resolved quickly.

The email advised customers to watch for suspicious communications. It also told affected customers that they do not have to act immediately, because their details were “only accessible for a short period to another logged-in individual and were not searchable” and were not available to anyone else at any time.

Service NSW has begun an investigation into the incident to prevent similar issues in the future. In addition, the agency has suggested that customers contact ID Support NSW for counseling and to find out what they can do to improve their chances of regaining their identity.

The incident occurred just a few days after federal officials announced they were planning to add a digital Medicare card to the Service NSW app as a means of improving accessibility.

The digital card can be used by MyGov app users from Thursday (31 March) and there has been no interruption in service. The government believes the digital version will provide more security and be more accessible to the public, both of which will increase efficiency.

iCloud Keychain Data and Passwords are at Risk From MacStealer Malware

 


Uptycs, a cybersecurity company that discovered the information-stealing malware while searching for threats on the dark web, is warning that Mac computers are the latest targets of updated info-stealing malware.

With MacStealer, attackers can easily get at the iCloud Keychain and cryptocurrency wallets. This new malware steals credentials from web browsers, cryptocurrency wallets, and potentially sensitive files stored in the iCloud Keychain.

MacStealer is distributed as malware-as-a-service (MaaS): the developer sells pre-built builds for $100, allowing customers to run their own campaigns and spread the malware to their victims.

The dark web is a breeding ground for cybercriminals, a prime place to launch malware and conduct illegal activities.

The Uptycs threat research team reported that the newly discovered macOS malware could run on multiple versions of macOS. These included Catalina (10.15) and the latest Apple OS, Ventura (13.2).

The seller claims that the malware is still in beta testing and that there are no panels or builders available. Instead, the seller provides prebuilt DMG payloads that infect macOS Big Sur, Monterey, and Ventura.

The threat actor uses the lack of a builder and panel to justify the low $100 price for the malware. Despite this, he will release more advanced features as soon as possible.

MacStealer is a new threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data, with the latest example being called PharmBot. It primarily affects computers running macOS Catalina and later with CPUs built on the M1 or M2 architecture.

According to Uptycs' Shilpesh Trivedi and Pratik Jeware in their latest report on MacStealer, the tool steals files and cookies from the victim's browser, as well as login information.

First advertised on online hacking forums at the beginning of the month for $100, the project is still far from finished. The malware authors plan to add features that give access to notes in Apple's Notes app and to the Safari web browser.

Functioning of Malware

Threat actors distribute MacStealer as an unsigned DMG file, disguised as something the victim is tricked into executing on macOS.

The victim is then presented with a fake password prompt, made to look real, to run a command that lets the malware collect passwords from the compromised machine.

Once it has collected all the data described in the previous section, the malware then begins to spread. The stolen data is stored in a ZIP file as soon as it is collected and then sent to a remote server for processing and analysis, where the threat actor can later collect it.

MacStealer can also send some basic information to a pre-configured Telegram channel, so the operator is notified immediately when the stolen data has been updated and can download the ZIP file right away.
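The behaviours described above can be correlated per process for detection. The following is an added example, not code from this blog or from Uptycs: the event schema and sample events are constructed, `/Volumes/` is assumed as the DMG mount point, and `api.telegram.org` is assumed as the Telegram endpoint contacted.

```python
from collections import defaultdict

# Constructed endpoint events; the schema (pid/type/path/signed/host) is hypothetical.
EVENTS = [
    {"pid": 411, "type": "exec", "path": "/Volumes/Installer/app.app/Contents/MacOS/app", "signed": False},
    {"pid": 411, "type": "file_write", "path": "/private/tmp/out/data.zip"},
    {"pid": 411, "type": "net_connect", "host": "api.telegram.org"},
    # Benign: a signed system tool posting an admin notification to a bot.
    {"pid": 502, "type": "exec", "path": "/usr/bin/curl", "signed": True},
    {"pid": 502, "type": "net_connect", "host": "api.telegram.org"},
    # Benign-looking: unsigned tool on an external volume that makes an archive.
    {"pid": 610, "type": "exec", "path": "/Volumes/Backup/tool", "signed": False},
    {"pid": 610, "type": "file_write", "path": "/Users/a/archive.ZIP"},
]

TELEGRAM_HOSTS = {"api.telegram.org"}  # assumption: Telegram Bot API host


def score_processes(events):
    """Map each pid to the set of MacStealer-like behaviours it showed."""
    hits = defaultdict(set)
    for ev in events:
        pid, kind = ev["pid"], ev["type"]
        if kind == "exec":
            # Unsigned binary started from a mounted disk image.
            if not ev.get("signed", False) and ev["path"].startswith("/Volumes/"):
                hits[pid].add("unsigned_exec_from_dmg_mount")
        elif kind == "file_write":
            # Collected data is staged in a ZIP archive before upload.
            if ev["path"].lower().endswith(".zip"):
                hits[pid].add("zip_created")
        elif kind == "net_connect":
            # Operator notification goes out over Telegram.
            if ev["host"].lower() in TELEGRAM_HOSTS:
                hits[pid].add("telegram_connection")
    return dict(hits)


def alerts(events, threshold=3):
    """Return pids that showed at least `threshold` distinct behaviours.

    Each behaviour alone is common and benign, so only the combination alerts.
    """
    scored = score_processes(events)
    return sorted(pid for pid, seen in scored.items() if len(seen) >= threshold)


if __name__ == "__main__":
    print("alerting pids:", alerts(EVENTS))
```

Lowering `threshold` to 2 also flags pid 610, which shows why single indicators or weak combinations produce false positives.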

What can You do to Protect Your Mac?

There are a few things you can do right now, beginning with opening the Settings app and checking that the latest software update is installed on your Mac.

If the update has not been installed already, install it as soon as possible. Make sure that all of your Apple devices are up to date before you begin using them, since Apple is constantly improving its security.

Antivirus software protects your devices from malware and from potentially malicious links on the internet.

Stealer malware is spread in different ways, such as email attachments, bogus software downloads, and other social engineering techniques.

Keeping the computer's operating system and security software up to date is one of the best ways to mitigate such threats. In addition, users should not download files from unknown sources or click on links they find on the internet.

"It becomes more important for data stored on Macs to be protected from attackers as Macs become more popular among leadership teams as well as development and design teams within organizations," SentinelOne researcher Phil Stokes said in a statement last week.