May Hacks of the Month (Security Flaws)
Here are the latest May hacks of the month from cyberattacks, data breaches, security flaws you may have missed.
Zoom Passwords Exposed
Over 500,000 Zoom users’ account information reported being sold on the dark web. Cybercriminals gained access to the user’s accounts by credential stuffing attacks from users. As the company hits 300 million active monthly users, hackers are targeting the platform due to its weak security measures. The information exposed was usernames, passwords, and meetings URLs. According to cybersecurity researchers, the hackers found old current passwords that are still active and that are used on other accounts. Again here in this time, many individuals should be creating unique passwords per online accounts. A benefit of creating one-use passwords for each account is storing them on a secured password manager.
Over 160,000 Nintendo accounts suffered a data breach when hackers compromised the accounts payment information. The company released a statement that cybercriminals indeed compromised the payment methods of PayPal account and credit cards linked to the Nintendo Network ID (NNID). Nintendo users reported charges for digital items without their permission. Here is the information exposed:
- Account Users Nicknames
- Date of Birth
- Email Addresses
As a result, the company sent an email for password resets to the accounts affected. They claim these accounts were accessed by weak or reused passwords that have been previously exposed. Security tip, enable two-factor authentication on your Nintendo account.
Microsoft Security Flaw
Security vulnerability found in Microsoft window versions 7, 8.1, 10, and windows server 2008, 2012, 2016, and 2019. The flaw is an arbitrary code with system privileges. This means an attacker can install programs, view, change or delete data and lastly, create a new user account with full user rights. The solution for this security flaw is Microsoft’s Patch Tuesday. To download and update the latest windows security measures, and if not a reminder is no patch update is available for older systems end of life, windows 7.
Laptop Port Security Flaw
Intel’s thunderbolt port on millions of computers. Any computer machine manufactured between 2011 and 2020 is affected. As well as if your computer operating system is Windows, Linux, and MacOS. If you’re wondering what is Thunderbolt port is it’s the physical port on your computer (lighting symbol) is the non-standard USB-C port to power to charge your phones and connect external GPU. To best protect yourself never leave your computer unattended, lock your screen, and protect your computers with a security tool. Not sure how to check security vulnerability contact us to help out.
LiveJournal User Data Breach
A database of 26 million LiveJournal accounts breached as well as leaked and sold via the dark web. LiveJournal is a popular community blogging platform since the early 2000s. The reports of accounts leaked come from 2014 and 2017 incidents which both were never confirmed by LiveJournal. The LiveJournal data breach exposed:
- Email Addresses
This incident has been published on Have I Been Pawned, a site where you can read more on related data breaches. Our security tip is to change your password and to click on the previous link to check if your email has been exposed to this data breach or any other breach.
Security Tips Take away