Cyberaanval Australisch parlement, gebruikersdata in de uitverkoop en Facebook’s CSRF bounty
Door: Lex Borger; 24 februari 2019
Cyberaanval Australisch parlement
Australia’s parliament confirmed that is investigating a suspicious security incident
A government cybersecurity expert said one difficulty in identifying the perpetrators was that the hackers used tools that had not previously been seen.
The nations most likely to carry out such an attack are China and Russia, security experts said, though Iran, Israel and North Korea also have sophisticated cyberwarfare capabilities.
Nation states zijn behoorlijk actief geweest, getuige de volgende berichten:
Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies
Alleged Iran-linked APT groups behind global DNS Hijacking campaign
North Korea’s Lazarus Hackers Found Targeting Russian Entities
Gebruikersdata in de uitverkoop
Hacker puts up for sale third round of hacked databases on the Dark Web
Today, the hacker published eight more hacked DBs containing data for 92.76 million users. The biggest name in today’s batch is GfyCat, the famous GIF hosting and sharing platform.
Hacker ‘Gnosticplayers’ gaat door met gebruikersdata verkopen.
During an interview with The Hacker News, the hacker also claimed that many targeted companies have probably no idea that they have been compromised and that their customers’ data have already been sold to multiple cyber criminal groups and individuals.
“This bug could have allowed malicious users to send requests with CSRF tokens to arbitrary endpoints on Facebook which could lead to takeover of victims accounts. In order for this attack to be effective, an attacker would have to trick the target into clicking on a link.” wrote the expert.