Tag: data breach

Macy’s Was Hacked — What You Need To Know

Author wefightforsecurityPosted on November 20, 2019November 20, 2019Categories UncategorizedTags , , , ,

Two important pages of Macy’s website was hacked for one week in October. During that period your credit card details and other information may have been stolen. You were only impacted if you went to the checkout page or your wallet page. Any information entered, including credit cards was sent to the criminals between October 7th, 2019 and October 15th, 2019 when they detected and removed it.

How was Macys hacked? The information given makes it sound like persistent XSS, which means code in a computer language called Javascript was entered into an area that accepts information and was saved and stored with all the other information. It then contacted the hackers and sent any to the hackers system with the information, until it was removed.

This type of hack truly is trivial for most hackers to do, but we’re glad Macy’s detected it and removed it in a week.

Data breach victims can sue up to $1,000, CA senate bill says

Author wefightforsecurityPosted on June 1, 2018Categories cyber securityTags , , , , ,

A  California Senate Bill states each victim can sue up to $1,000 for being impacted. This has just passed the California senate. If this becomes law,  companies who suffer data breaches will be on the line for hundreds of billions of dollars. If the Equifax data breach had occurred and this was law they  would’ve paid up to 400 billion dollars if this was a federal data breach law, in every state and country victims were affected by the equifax data breach.

 

The wording is as such, that the person has to be affected, not be a registered user of your service. This is a very important detail, for cases like Cambridge Analytica where some debate if that was a breach of data, despite the company getting the data via an app that allegedly the description wasn’t accurate as to how the data would be used  and allegedly using it to influence US voters.

 

It is far cheaper to hire a company who specializes in security with an elite team of freelance security professionals who will audit your systems and then explainhow to avoid the problems detected along with written patches for each issue, if you’re on that tier, then have to pay billions of dollars, as data breaches hit everyone, because few truly care about security

 

 

CCleaner Hacked Up to 2 million impacted by Malicious CCleaner — Is it worse Than Equifax?

Author wefightforsecurityPosted on September 18, 2017Categories UncategorizedTags , , , , , , , , ,

CCleaner distribution center was hacked  and a malicious version of CCleaner was put in it’s place.  Unfortunately, up to 2 million CCleaner users downloaded a malicious version that had a RAT, also called remote access tool. This could be worse than Equifax, which some would say that is unrealistic, because Equifax affected up to 142 million people. However, it only affected the information curated by Equifax, not the entire users computer, which some of them most likely had their SSN, along with other very personal information.

What Is CCleaner and how was I affected?

CCleaner is used to clean up computers, which naturally would tick off hackers. So, in August 2017 a hacker with malicious intent broke into the CCleaner servers and replaced  the legitimate CCleaner  with one that had malware in it. Over 2 million people downloaded malware or to be more precise, a remote access tool that allowed the hacker to gain access to your computer’s name, a list of installed software and Windows updates, running processes, MAC addresses of network adapters alongside additional information.

 

While that sounds pointless, it actually isn’t. This information is sent back to a hacker who is using a U.S server. Now the hacker knows the system he has infected and how secure or insecure it is, then without pointing out how he got into the system he has an easier way of exploiting it. Or he could exploit the system after already being inside of it, but from what we’re reading it appears the remote access tool was doing recon work after infecting you to find another way into your system, so the malicious version of CCleaner wouldn’t be noticed for awhile and they suceeded. CCleaner was hacked with a RAT on August 15th and wasn’t detected until September 12th. That’s almost a full month the hackers had complete access to two million systems.

 

To conclude, it appears the hackers used the malicious version of CCleaner to do recon, or if this were a traditonal robbery the term “case the joint” would be used. They infected the computers, to see how to get into the system further without their initial point of entry, which in this case the CCleaner hack from being noticed.

Depending on what type of data was exfiltrated, this could be worse than equifax, because it affected more data. We are looking at the quality of the data stolen, not the quantity of the data stolen. Clearly the quantity of the data stolen from Equifax is far higher than CCleaner, but CCleaner may have gotten the users higher quality data they can use for ransom and other malicious uses or reselling it.

We will continue to update this, to keep you informed