Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label User. Show all posts

Decentralized Network Friend.tech Faces Controversy After Data Breach

 

In the dynamic landscape of cryptocurrency and decentralized networks, Friend.tech emerged as a promising contender; however, it has faced significant backlash following a recent data breach. This event has sparked concerns regarding the platform's security protocols and the broader implications for users who rely on third-party platforms to safeguard their information.

Commencing on a Positive Note Yet Marred by Security Apprehensions

Friend.tech, a decentralized social network, made headlines by accumulating a remarkable $1 million in fees on its inaugural day. The platform's rapid growth and potential to enhance Bitcoin utilization garnered praise from both industry experts and enthusiasts. Nevertheless, this initial triumph lost its sheen when Banteg, an unfamiliar contributor to Yearn Finance, brought to light a substantial breach of user data on GitHub. This revelation exposed sensitive details of over 101,000 individuals, including their Base wallet addresses and associated Twitter identities.

The celerity with which Friend.tech conceived and launched its platform is laudable; however, it raises queries about the adequacy of security measures in place to safeguard user data. The recent breach understandably instilled alarm among its users, precipitating a wave of criticism and anxiety.

The Authority and Risk of Third-Party Privileges
A contentious aspect of Friend.tech is its capacity to compose tweets and retweets on behalf of users. While this innovation is intriguing, it has been met with skepticism and disapproval, particularly in the wake of the recent data breach. Numerous Twitter users have expressed concerns, urging others to rescind Friend Tech's access to their accounts. A user cogently highlighted the dangers, tweeting, "Contemplate entrusting a third party with such authority over your profile. A solitary security lapse could lead to utter devastation."

In response to these apprehensions, users are advised to navigate to their Twitter account settings and sever Friend Tech's access. By entering the 'Security and account access' section and selecting 'Connected account,' users can effectively revoke the platform's privilege to post and retweet on their behalf.

Friend Tech's Defense and the Path Ahead

Spot On chain experts have illuminated the technical intricacies of the breach, revealing that Friend.tech's API inadvertently divulged user-generated wallet addresses, making them accessible via the API. Noteworthy is the fact that Friend.tech functions as a web3 social application on the Base Layer 2 chain incubated by Coinbase. This distinctive arrangement allows users to trade shares in Twitter accounts and gain entry to exclusive chat rooms.

Despite the controversy, Friend Tech's popularity remains steadfast, particularly among prominent figures. Distinguished personalities such as Richard "FaZe Banks" Bengtson II, co-founder of a prominent esports community, and NBA star Grayson Allen, have witnessed a surge in their share values after affiliating with the platform.

In defense of the breach, Friend.tech contended that the exposed data resembled information accessible on a public Twitter feed. Nonetheless, Banteg's disclosure presents a contrasting view, suggesting that 101,183 individuals inadvertently granted Friend.tech the authority to post on their behalf.

While the decentralized realm offers remarkable potential and ingenuity, it also presents a set of challenges. Platforms like Friend.tech must prioritize user security to uphold trust and ensure a sustainable future in the industry. As Friend Tech continues to expand and evolve, this incident stands as a poignant reminder of the significance of online security. Users are strongly advised to exercise caution when conferring third-party platforms with access to their social media accounts and to remain informed about potential security vulnerabilities.

Safeguard Your Home Against Rising Cyber Threats, Here's All You Need To Know

 

Malicious cyber actors have the ability to exploit vulnerable networks within households, potentially compromising personal and private information of family members, including children and elders.

In today's highly connected world, it is crucial to prioritize cybersecurity and take proactive steps to protect your household from cyber threats.

Educating your children and elders about the significance of safeguarding personal information, using strong passwords, and understanding cybersecurity best practices can significantly reduce the risk of falling victim to cyberattacks. 

As the threat landscape continues to evolve, safeguarding your household from malicious actors becomes paramount. To protect your family from cyber threats, consider implementing the following measures:

1. Manage your routing devices:
  • Keep your devices up-to-date with the latest firmware and software.
  • Secure your home network by using unique router usernames and strong passwords.
  • Create a separate guest network for visitors.
  • Change passwords regularly and schedule weekly router reboots.

2. Secure laptops, computers, and web devices:
  • Cover cameras when not in use to prevent unauthorized access.
  • Utilize non-admin accounts for everyday activities.
  • Regularly update operating systems and apply security patches.
  • Disconnect devices from the internet when not in use.
  • Enable multi-factor authentication or use passkeys where possible.
  • Schedule weekly reboots for added security.

3. Manage home assistants:
  • Be aware of which devices in your home have listening capabilities.
  • Avoid having sensitive conversations near home assistants.
  • Mute their microphones when not in use.
  • Review and understand the terms and conditions before accepting them blindly.

Additionally, it is crucial to protect senior relatives from cyberattacks, as they are often targeted for financial frauds due to their limited exposure to technology. 

Educate seniors about common scams and advise them to send unknown calls to voicemail, use credit freezes, and set strict privacy settings on social media. Legal tools such as living trusts, guardianships, or power of attorney can also be utilized to safeguard seniors from scammers.

When teaching children about cybersecurity, instill good cyber hygiene and privacy practices from an early age. Use cybersecurity games and resources suitable for their age group to impart knowledge effectively. 

Beyond passwords and privacy, educate children about verifying online information and identifying phishing and smishing attempts. Encourage them to be mindful of their privacy settings on social media platforms to prevent cyberbullying and protect their personal information.

By adopting these cybersecurity practices and fostering a cybersecurity-conscious environment, you can significantly enhance the safety and security of your family in the digital world.

Massive Data Breach at HCA Healthcare: 11 Million Patients' Information Compromised by Hackers

 

Hospital and clinic operator HCA Healthcare has announced that it experienced a significant cyberattack, posing a risk to the data of at least 11 million patients. 

The breach affects patients in 20 states, including California, Florida, Georgia, and Texas. HCA Healthcare, headquartered in Nashville, disclosed that the compromised data includes potentially sensitive information such as patients' names, partial addresses, contact details, and upcoming appointment dates.

This breach, discovered by the company on July 5, is considered one of the largest healthcare breaches in history. HCA Healthcare revealed that the hackers accessed various types of information, including patient names, cities, states, zip codes, emails, telephone numbers, dates of birth, genders, service dates, locations, and next appointment dates.

"This appears to be a theft from an external storage location exclusively used to automate the formatting of email messages," the company said in its Monday announcement.

"The company disabled user access to the storage location as an immediate containment measure and plans to contact any impacted patients to provide additional information and support, in accordance with its legal and regulatory obligations, and will offer credit monitoring and identity protection services, where appropriate," it said.

If the estimated number of affected patients reaches 11 million, this breach would rank among the top five healthcare hacks reported to the Department of Health and Human Services Office of Civil Rights. The most severe breach in this sector occurred in 2015 when medical insurer Anthem was compromised, affecting 79 million individuals. In that case, Chinese spies were indicted, but there is no evidence that the stolen data was ever sold.

According to the Associated Press, the suspected hacker behind the HCA breach initially posted a sample of the stolen data online on July 5, attempting to sell it and potentially extort HCA. The hacker claimed to possess 27.7 million records and subsequently released a file on Monday containing nearly 1 million records from HCA's San Antonio division.

To ensure the legitimacy of any invoices or billing requests, HCA is advising patients to contact the chain at (844) 608-1803 before making any payments. The company has reported the incident to law enforcement and engaged third-party forensic and threat intelligence advisors. 

HCA maintains that the breach, which exposed approximately 27 million rows of data related to around 11 million patients, did not include highly sensitive information such as patients' treatment or diagnosis details, payment information, passwords, driver's license numbers, or Social Security numbers.

Although DataBreaches.net initially reported on the hack and shared a code sample purportedly offered by the hacker, HCA's spokesperson clarified that the code was an email template developed by the company, and the client ID mentioned referred to a doctor's office or facility, not a patient.

HCA Healthcare assured that it has not discovered any evidence of malicious activity on its networks or systems related to this incident. As an immediate containment measure, the company has disabled user access to the storage location. 

HCA intends to reach out to affected patients to provide additional information and support, complying with legal and regulatory obligations. It will also offer credit monitoring and identity protection services where necessary. HCA Healthcare operates more than 180 hospitals and 2,000 care locations, including walk-in clinics, across 20 states and the U.K., according to its website.

Government Issues High-risk Warning for iPhone Users

 

Apple iPhones are known for their strength and security features. The Cupertino-based tech behemoth releases security updates for its devices on a regular basis. Although Apple recommends that people install the most recent builds of iOS on their iPhones in order to have a more protected and feature-rich operating system, older iPhone models are incapable to deploy the most recent updates due to hardware limitations. 

Some users prefer to run older versions of iOS for simplicity of use, but it's important to note that older iOS versions are easier to exploit. One such flaw has been discovered in Apple's iOS, and the Indian government has issued a warning to iPhone users.

According to the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology, a vulnerability in iOS has been disclosed that could permit an attacker to implement arbitrary code on the targeted device. Apple iOS versions prior to 12.5.7 are vulnerable for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).

This vulnerability exists in Apple IOS due to a type of confusion flaw in the WebKit component, according to CERT-In. An attacker could utilize this vulnerability by luring the victim to a maliciously crafted website. An attacker who successfully exploits this vulnerability may be able to execute arbitrary code on the targeted system. 

The security flaw is actively being exploited against iOS versions prior to iOS 15.1. To avoid being duped, install the new iOS 12.5.7 patch, which Apple released earlier this week.

Shangri-La Reports Major Data Breach at Eight Hotels, Guests Data Leaked

 

A database breach at Shangri-La Group has potentially exposed the personal information of guests who stayed at its hotels in Singapore, Hong Kong, Chiang Mai, Taipei, and Tokyo. 

Mr. Brian Yu, the group's senior vice-president for operations and process transformation, stated in an e-mail to affected guests on Friday: "A sophisticated threat actor managed to bypass Shangri-IT La's security monitoring systems undetected and illegally accessed the guest databases." The breach occurred between May and July 2022, according to its investigation. 

Around the same time, Asia's top security summit, the Shangri-La Dialogue, returned to Singapore after a two-year hiatus due to the pandemic. From June 10 to 12, the event was held at the eponymous Shangri-La hotel on Orange Grove Road near Orchard Road. In the e-mail sent to the affected guests, Mr. Yu confirmed that certain data files had been stolen from the breached databases.

"Although we were not able to confirm the content of the exfiltrated data files, it is likely that they contained guest data," he added.

Upon being asked whether the Shangri-La Dialogue was specifically targeted, a hotel spokesman said, “There is no evidence to suggest any specific hotel or event was singled out. As a matter of policy, we do not disclose information about our guests.” 

"Data related to the Shangri-La Dialogue was stored on a separate secure server and was not affected in this incident," stated a spokesman for the event's organiser, the International Institute for Strategic Studies (IISS).

The Singapore Cyber Security Agency mentioned that it is aware of the incident and urged organisations to monitor and check their IT networks for signs of suspicious activity regularly. The  properties affected are listed below:

• Shangri-La Apartments, Singapore
• Shangri-La Singapore
• Island Shangri-La, Hong Kong
• Kerry Hotel, Hong Kong
• Kowloon Shangri-La, Hong Kong
• Shangri-La Chiang Mai
• Shangri-La Far Eastern, Taipei
• Shangri-La Tokyo

Following the discovery of unauthorised network activity, the hotel group said it hired cyber forensic experts to investigate the discrepancies. The databases of the hotels affected by this incident contained a combination of the following data sets: guest names, e-mail addresses, phone numbers, postal addresses, Shangri-La Circle membership numbers, reservation dates, and company names, according to the statement.

The hotel chain assured guests that there is currently no evidence that their personal information has been released or misused by third parties. As a precaution, in destinations where local regulations allow, it is providing affected guests with a one-year complimentary identity monitoring service provided by Experian, a third-party cyber security service provider.

"We deeply regret this has occurred and wish to assure you that all necessary steps have been taken to investigate and contain this incident. This notice provides information about what happened and how we can assist you," wrote Mr. Yu in the e-mail.

He ensured guests that data such as passport numbers, ID numbers, dates of birth, and credit card numbers with expiry dates are encrypted. "Protecting our guests' information is very important to us and we wish to assure you that all necessary steps have been taken to further strengthen the security of our networks, systems, and databases. Once again, we deeply regret any inconvenience or concerns this incident may cause."

Over 1,900 Signal User Data Exposed

 

The attacker involved in the latest Twilio data leak may have obtained phone numbers and SMS registration codes for 1,900 Signal users.

“Among the 1,900 phone numbers, the attacker explicitly searched for three numbers, and we’ve received a report from one of those three users that their account was re-registered,” the Signal team shared on Monday.

Twilio offers phone number verification services (through SMS) to Signal. Earlier this month, several Twilio employees were duped into receiving SMS messages that seemed to be from the company's IT department. The attacker gained access to information pertaining to 125 Twilio client accounts, including Signal's.

“During the window when an attacker had access to Twilio’s customer support systems it was possible for them to attempt to register the phone numbers they accessed to another device using the SMS verification code,” the Signal team explained.

As previously stated, the attacker was able to re-register at least one of the three numbers they specifically sought for.

“All users can rest assured that their message history, contact lists, profile information, whom they’d blocked, and other personal data remain private and secure and were not affected,” the team noted. That’s because that data is stored on the users’ device and Signal has no access to or copy of it. “And this information certainly is not available to Twilio, or via the access temporarily gained by Twilio’s attackers,” the team added.

Unfortunately, if the attacker was successful in re-registering an account, they might impersonate the user by sending and receiving Signal communications from that phone number.

Signal is immediately contacting potentially affected users of this vulnerability through SMS. The business has unregistered Signal on all devices that these 1,900 users are now using (or that an attacker has registered for them) and is requesting that they re-register Signal with their phone number on their preferred device.

Furthermore, they are advising them to enable registration lock (Signal Settings (profile) > Account > Registration Lock) for their account, which is a function that aids in the prevention of this sort of fraud.

The attacker was able to obtain either the phone numbers of 1,900 registered Signal users or the SMS verification code they used to register with Signal as a result of this.

“The kind of telecom attack suffered by Twilio is a vulnerability that Signal developed features like registration lock and Signal PINs to protect against. We strongly encourage users to enable the registration lock. While we don’t have the ability to directly fix the issues affecting the telecom ecosystem, we will be working with Twilio and potentially other providers to tighten up their security where it matters for our users,” the team concluded.