Cyber Security Blog

Planet Zuda In Reader’s Digest

Posted on October 9, 2017. Categories: Uncategorized

Planet Zuda was in Reader’s Digest explaining when you should give out your Social Security number. Unfortunately, a typo has us as Planet Zuta. An excerpt of what we said in Reader’s Digest: “First, focus on where you have to give your SSN.”

If you want to read more, check out Reader’s Digest.

https://www.rd.com/advice/saving-money/times-to-never-disclose-social-security-number/

 

PureVPN Assists FBI & Was Hacked Years Ago exposing shady biz

Posted on October 9, 2017. Categories: Uncategorized

PureVPN, in our opinion, is a shady VPN provider, but we aren’t saying that because PureVPN worked with the FBI to catch a criminal. We are saying this based on the experience our founder has actually had with them and on when they were hacked.

 

The email account of PureVPN’s founder, Uzair Gadit, was allegedly hacked years ago, and a message was sent out to users saying we could get refunds. Why a criminal would send out refund emails is something we don’t know the answer to, but in response to this we contacted them, and somewhere in this process we were informed that the email address had been hacked. We argued for a long time for the refund, but what they exposed surprised us. They were willing to show us how many gigabytes of data we had used while being online. From what we experienced and per our knowledge, we firmly believe they do keep some logs, or some form of file that, if not technically called a log, stores data on you. This made us stop using PureVPN for all purposes.

 

We later discovered PureVPN was using insecure software on their site, which we believe makes their statement that they provide “Complete Online Security, Privacy and Anonymity” to be inaccurate.

What does PureVPN say about assisting the FBI and what information they store on you? This is what they have said so far.

“We do not maintain any log of your internet traffic or browsing data. We keep timestamps, as of which purevpn ip was assigned to which username at what time and date. Refer to the link for further information: https://www.purevpn.com/term.php

As stated in our terms of service and privacy policy our service is not to be used for illegal activity, and as a legitimate company we will cooperate with law enforcement if we receive a court order (equivalent of a subpoena in the US).”

When further pushed on how many gigabytes they store, they repeated themselves by saying “We keep timestamps, as of which purevpn ip was assigned to which username at what time and date.”

We do not have a problem with tracking down criminals, even if that includes assisting law enforcement; however, we do have a problem with companies that make claims that, per what we know, are not true, and PureVPN falls into the latter.

We will update this if PureVPN provides more information.
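To show why the timestamps described in PureVPN’s statement matter, here is an added example (not code from PureVPN or from the original post). It joins an IP-assignment record of the kind they describe with the only two things an outside website sees, an exit IP and a time. The session records, usernames, IP addresses and function names are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data (assumption): records of the kind the quoted
# statement describes, i.e. which VPN IP was assigned to which username
# and when. No traffic or browsing data is included.
SESSIONS = [
    ("alice", "203.0.113.10", "2017-10-01 08:00", "2017-10-01 09:30"),
    ("bob",   "203.0.113.10", "2017-10-01 09:45", "2017-10-01 11:00"),
    ("carol", "203.0.113.25", "2017-10-01 08:15", "2017-10-01 10:00"),
    ("dave",  "203.0.113.25", "2017-10-01 09:00", "2017-10-01 09:20"),
]

FMT = "%Y-%m-%d %H:%M"


def parse(ts):
    """Parse a 'YYYY-MM-DD HH:MM' timestamp."""
    return datetime.strptime(ts, FMT)


def attribute(vpn_ip, seen_at, sessions=SESSIONS, skew_minutes=0):
    """Return the usernames that held vpn_ip at the moment it was observed.

    skew_minutes widens every session window to allow for clock drift
    between the VPN provider and whoever recorded the observation.
    """
    when = parse(seen_at)
    skew = timedelta(minutes=skew_minutes)
    return sorted(
        user
        for user, ip, start, end in sessions
        if ip == vpn_ip and parse(start) - skew <= when <= parse(end) + skew
    )


if __name__ == "__main__":
    # Each query is what a third party's access log would hold: exit IP + time.
    queries = [
        ("203.0.113.10", "2017-10-01 08:40", 0),   # IP held by a single user
        ("203.0.113.10", "2017-10-01 10:00", 0),   # same IP later, reassigned
        ("203.0.113.25", "2017-10-01 09:10", 0),   # shared IP, overlapping sessions
        ("203.0.113.10", "2017-10-01 09:40", 0),   # gap between two sessions
        ("203.0.113.10", "2017-10-01 09:40", 10),  # same gap with 10 min clock skew
    ]
    for ip, ts, skew in queries:
        print(ip, ts, f"skew={skew}m ->", attribute(ip, ts, skew_minutes=skew))
```

When an IP is held by one user at a time, the assignment timestamps alone name that user; overlapping sessions on a shared IP, or loose clocks, only narrow it to a short candidate list.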

Yahoo Security Breach Affects all 3 billion users!

Posted on October 9, 2017. Categories: Uncategorized

The Yahoo! security breach of 2013 seems like old news; however, a revelation has occurred. We used to believe the Yahoo! security breach of 2013 only affected 1 billion accounts. We have now learned it has affected all users of Yahoo!. If for some odd reason you are still using a password from 4 years ago on Yahoo!, or have used that password on other sites, please change them now.

 

 

 

CCleaner Hacked Up to 2 million impacted by Malicious CCleaner — Is it worse Than Equifax?

Posted on September 18, 2017. Categories: Uncategorized

The CCleaner distribution center was hacked and a malicious version of CCleaner was put in its place. Unfortunately, up to 2 million CCleaner users downloaded a malicious version that had a RAT, also called a remote access tool. This could be worse than Equifax, which some would say is unrealistic, because Equifax affected up to 142 million people. However, Equifax only affected the information curated by Equifax, not the user’s entire computer, which for some of them most likely held their SSN, along with other very personal information.

What Is CCleaner and how was I affected?

CCleaner is used to clean up computers, which naturally would tick off hackers. So, in August 2017 a hacker with malicious intent broke into the CCleaner servers and replaced the legitimate CCleaner with one that had malware in it. Over 2 million people downloaded malware or, to be more precise, a remote access tool that allowed the hacker to gain access to your computer’s name, a list of installed software and Windows updates, running processes, and MAC addresses of network adapters, alongside additional information.

 

While that sounds pointless, it actually isn’t. This information is sent back to a hacker who is using a U.S. server. Now the hacker knows the system he has infected and how secure or insecure it is, which gives him an easier way of exploiting it without revealing how he first got in. Or he could exploit the system after already being inside of it, but from what we’re reading it appears the remote access tool was doing recon work after infecting you to find another way into your system, so the malicious version of CCleaner wouldn’t be noticed for a while, and they succeeded. CCleaner was hacked with a RAT on August 15th and it wasn’t detected until September 12th. That’s almost a full month the hackers had complete access to two million systems.

 

To conclude, it appears the hackers used the malicious version of CCleaner to do recon, or if this were a traditional robbery, the term “case the joint” would be used. They infected the computers to see how to get further into the system without their initial point of entry, which in this case was the CCleaner hack, being noticed.

Depending on what type of data was exfiltrated, this could be worse than Equifax, because it affected more data. We are looking at the quality of the data stolen, not the quantity of the data stolen. Clearly the quantity of the data stolen from Equifax is far higher than from CCleaner, but the CCleaner hack may have yielded higher-quality user data that the hackers can use for ransom, for other malicious uses, or for reselling.

We will continue to update this, to keep you informed.

Equifax hack: The Equifax Data Breach Disaster In Full U.S & Argentina Equifax hack Report

Posted on September 13, 2017. Updated September 14, 2017. Categories: cyber security, Uncategorized

Equifax hack and the Equifax Data breach In U.S and Argentina explained In Full

The Equifax hack and the Equifax data breach were horrible, because up to 143 million people had their Social Security numbers exposed in the Equifax data breach disaster. Now Equifax Argentina has been hacked due to Equifax using no security measures for a certain portal’s login credentials. So, what happened with the Equifax data breach? Equifax security had a history of not responding to or fixing known security vulnerabilities in their system at the time the Equifax hack in the U.S. took place. One of many vulnerabilities that had not been fixed was an XSS that was reported a year prior to the malicious hack, which may help show the negligence that Equifax showed towards their cyber-security.

 

After the Equifax hack in the U.S. took place, the Argentina Equifax hack took place, because their username and password were the same default credentials that no one in the world should be using. What were their username and password? The username was admin and the password was also admin.

If you haven’t heard that Equifax royally screwed up on providing credit card monitoring, or even if you have heard that they messed up, it’s far worse than what you know. Originally, when people accepted the Equifax credit card monitoring they were waiving their rights to sue Equifax for the Equifax data breach, according to multiple reports. After they came under extreme criticism, Equifax updated their terms to say they meant you can’t sue them for the use of the credit card monitoring, but you can still sue them for the cyber-security breach that has already occurred.

 

If the Equifax credit card monitoring issues stopped there, that would be amazing, but Equifax showed they weren’t prepared to handle a breach. Equifax only provides you a year of free monitoring services, and they use their own company’s services to provide you that one year of monitoring. Senator Schatz wrote a scathing, yet one hundred percent factual, critique of Equifax and the Equifax data breach that points out they will make a large profit off of their credit monitoring; Senator Schatz also stated in his critique that this was insufficient. He also pointed out that their current one-year monitoring model makes them a profit when people go back to the company that Equifax owns for continued monitoring after the year is up.

 

It was pointed out by others that Equifax can make up to $120 of profit per person off of credit card monitoring, per their page that allows you to sign up. If all 142 million people affected paid for the next year of credit card monitoring, they would make 14 billion dollars off of the breach, just on the credit card monitoring. Senator Schatz went on to point out that they will make 30 dollars off of each person who wants to freeze their credit card file, which is a smart thing to do.

After the scathing critique from Senator Schatz and colleagues, and from many other people who protested over the credit freeze charge, Equifax announced they will be allowing free credit report freezes until November 21st and refunding anyone who paid for the service after the breach was announced. A credit freeze is also known as a security freeze for your credit report; it adds layers of security that help prevent criminals from opening new credit in your name.

 

Equifax went on to say that you will not be automatically enrolled or charged after the free year of credit monitoring is over. However, they do not state that they won’t use the email addresses or other information to contact you to let you know you have the option to enroll for another year. Their wording is quite specific in that it states you won’t be automatically enrolled, so the probability of them trying to manually convert you into a paying customer whether via email blasts or phone calls still appears to remain per the wording they have chosen to use.

 

Now let’s make this very clear: the Equifax data breach could still make them up to 14 billion dollars if every single person used their service and was opted, manually or via automatic blast email, into one paid year of monitoring after the free year ended. Let’s make it equally clear that not every person has signed up for their monitoring, nor would every person renew services, but let’s say 50 percent of the 142 million people affected used the service for an additional year on their own dime. Based off of Equifax’s site the services cost $120 a year, so Equifax could make 8 billion and 520 million dollars. Even if only 25 percent of people renewed, they would make 4 billion and 200 million dollars off of their own disaster. Nonetheless, they stand to profit off of being hacked.

 

When you go to equifaxsecurity2017.com to see if you are hacked and click on any button to see if you were affected by the hack or to enroll in the one-year monitoring, they are going to direct you to trustedidpremier.com. Most people won’t notice this, since sadly people don’t pay attention to the site they are actually on. This site asks for your six digit social security number, which quite frankly you should never enter online. Furthermore, you did not hire Equifax to collect the data that was leaked on you; they collect it as part of their business model for their clients. You are not the client, you are the product, which the well-written CNN piece makes painfully clear.

 

How did the Equifax data breach in the United States happen?

Updated: We were correct that Equifax was hacked by the March 2017 Apache Struts bug.

Updated: Providing insight into the carefully crafted Equifax announcement that looks like they are blaming Apache Struts, but are avoiding doing so. Removed the Quartz article link, since that article appears to be partially inaccurate.

Equifax released a statement that many news outlets took as admitting they were hacked by an Apache Struts vulnerability; however, after careful analysis, that isn’t what they were saying whatsoever. They were simply noting that there is evidence that someone may have tried to use the 2-month-old Apache Struts vulnerability, but they have not yet confirmed that is indeed how the hack took place. While we do believe not updating Apache Struts is one way an attacker could’ve gotten in, their security is inexcusably weak, making it possible that a different exploit was used.

 

 

However, the Equifax data breach wouldn’t have been as bad if they hadn’t kept so much data about people online, data that the people did not ask to have collected about them. When a site you are the customer of is hacked, that’s one thing; when a site that you are the product of is hacked, and in this case you are a product of Equifax, that’s entirely different. You are the victim in this scenario, and Equifax put too much of your personal data online. Also, they did not fix known security vulnerabilities.

How did the Equifax data breach happen in Argentina?

The Equifax data breach in Argentina occurred because someone had the idea to set the username to admin and the password to admin. Now to be fair, they may have just bought some software and not followed the instructions or done any security review whatsoever, like resetting the default admin credentials for the portal they were using. As far as we know, only thousands upon thousands of people were affected in the Equifax Argentina data breach. The Equifax Argentina data breach is a developing story, so we will continue to update this as more information becomes available.

 

What countries were affected by the Equifax breach?

There have been multiple Equifax breaches this year, but so far we know that the U.S. was affected, Argentina was affected, and the U.K. was partially affected.

 

We will continue to update this article when more information becomes available.