The Attackers Seem to be Winning

I don’t know whether this is a slow news week or things are getting bad but check out all of these items this week:

I could have easily listed twice as many hacks, but I stopped after a dozen.

1. SonicWall says to disable your SSL VPN in their firewalls – They are seeing a significant uptick in attacks and don’t know if this is an old vulnerability or a new one, but until they figure it out, they recommend not having a working VPN capability is better than getting hacked. Credit: Tech Crunch
2. French telecom giant Bouygues breached – The attack allowed the hackers to steal information on 6.4 million customers. Data stolen included bank account information. Credit: Tech Crunch
3. CISA and Microsoft issued an alert on a “high severity” vulnerability in Exchange. This only affects on premise Exchange, but if you are running that, it is time to patch. If your version is End-Of-Life, disconnect it from the Internet, which sort of makes a mail server not very useful. Credit: The Record
4. TeaOnHer, a rival to Tea App (for women), breached. TeaOnHer is the men’s equivalent of TeaApp (which was hacked last week). Like Tea, TeaOnHer didn’t bother to secure their data, including over 72,000 images, including photo IDs. The Tea App breach exposed direct messages to the tune of a million of them on subjects including abortion. Credit: Tech Crunch
5. Orange, France’s largest telecom, hacked. Orange has more than 290 million customers in Europe and Africa. As they work to contain the damage they have taken some systems offline, which affects customer services. Credit: The Record
6. Why go to the effort of attacking satellites with missiles when you can just hack them? A Black Hat presentation described how easy it is to attack satellites and their ground stations. One of the presenters used to work for the EU satellite regulator and got tired of telling the companies they were vulnerable, only to see the companies ignore them. Credit: The Register
7. Google’s Salesforce instance hacked, customer data stolen. Google has joined the crowd of companies whose Salesforce instance has been compromised using voice phishing. The attack is being attributed to ShinyHunters, who has been very successful. Credit: Bleeping Computer
8. Cisco Salesforce instance also hacked. Same method, probably same hackers. Not sure if Salesforce is the problem or whether companies are not training employees on voice phishing attacks. Credit: Bleeping Computer
9. Axis security cameras vulnerable to takeover; can run arbitrary code. Hackers could hijack entire security networks, crash camera systems and tap into live camera feeds. The researchers found thousands of vulnerable camera systems, but there are probably a lot more. Credit: Data Breach Today
10. Chinese hackers used a vulnerability in Apple Pay and Google Pay to bypass MFA and compromise as many as 115 million cards. This is another example of security or convenience, pick one. It combines smishing with social engineering and a dose of vulnerability to steal billions of dollars. Credit: Hack Read
11. Akamai bug enabled mass credential compromise. The details are pretty technical and once researchers were able to connect the dots and link the attacks of many, many company’s credentials to a common point – they all use Akamai – Akamai quickly fixed the bug. The bug affected almost every Akamai customer, including the US government, SaaS providers and big tech. Credit: Security Week
12. And to round out a dozen, Cloudflare was also attacked using a similar but slightly different variant of the Akamai attack. The hack allowed researchers to redirect the visitors of any of Cloudflare’s millions of customers to sites controlled by the researchers. Credit: Security Week

So you tell me – is this just a bad week or are the hackers winning? I think the hackers are winning. In many cases, like 11 and 12 above, the companies would not even know they were vulnerable unless the hackers told them.

Need help? Contact us.

by