July Hacks and Vulnerabilities of the Month
Last updated on November 5th, 2020 at 11:34 am
As we have an eye on all Tech news for anyone who missed it, here are the cyber-attacks and security vulnerabilities for the month. Read on for the July Hacks and Vulnerabilities of the Month.
Password Security Vulnerability
15 billion hacked online passwords were being sold on the dark web. How were they stolen? It ranges from successfully hacking company databases to phishing campaigns. The stolen users’ credentials include usernames and passwords. The security vulnerability is the reuse of the same password across various sites. We recommend never using the same password across various online accounts. A best practice to avoid using a password more than once is using a strong password manager. Whichever password manager you end up using don’t forget to update all passwords every 3 months. You never know if that password manager login or any login credentials saved can be hacked.
Zoom Security Vulnerability
The recent new Zoom security measure presents a security flaw found in the video conferencing platform. The security vulnerability now patched, or should we say fixed, was for password-protected meetings. The password on Zoom would automatically populate six numbers to password protect new upcoming conference meetings. This new forced password access to a conference call is one of the latest attempts from Zoom to secure its platform. The video conferencing platform has grown in popularity earlier in the year, has had previous security vulnerabilities that you can learn more on. We strongly suggest everyone to use alternative video conference calls such as jitsi, google duo, etc.
July Computer Hacks
Twitter Bitcoin Hack
Top celebrity accounts were hacked with a bitcoin hack tweet coming from account users in tech, Apple, and personalities, Elon Musk. The scam tweet message offered to double any Bitcoin sent to a digital wallet due to COVID-19. The attack consisted of gaining access from a small number of employees’ credentials that had internal account management tools. Hence how the attacker took control of these twitter accounts. They had access to their tweets, Direct Message inbox, and downloadable data. The security breach is one the biggest to date for Twitter. Even though this cyber attack hijacked “famous” people and brands we recommend you adopt 2-factor authentication on top of a password login on all social media accounts you own.
MGM hotel guests data hacked
Hotel giant MGM became the latest hotel chain hacked that was disclosed in February, actually now reveals updates on the total amount of hotel guests. The total that they reported was about 10 million and now that number soars to 142 million. As previously reported the hotel guests data breached included:
- Full Names
- Home Addresses
- Phone Numbers
- Birth Dates
- Emails
The leaked information came from a successful spear-phishing campaign or SIM swapping attacks.
Garmin Fitness Tech Ransomware Attack
A successful ransomware attack locked Garmin’s systems, leaving the company to shut down a few sites. Such as the website, customer support, company communications, and Garmin Connect data sync service. The company has restored the systems but is still currently experiencing data connection and syncing accurately. They claim no personal information was compromised but if you use Garmin fitness products and app services, you can read their FAQ page on the attack. We would like to inform business owners that ransomware is one of the biggest cyberattacks that can happen to any sized business. And causes long periods of downtime which, in turn, is causing any sized business loss in revenue.