
Burger Breach, Extra Credential-Stuffing, with a Side-Channel
08/21/23 • 40 min
In the latest Unmasked episode, we're taking a deep dive into August headlines, unpacking all the threats and vulnerabilities that lurk in our digital realm. We're covering some major ground, from the Burger King data breach to unsettling cyber attacks on hospital EMR systems.
Join us as we also get into the nitty-gritty of credential-stuffing attacks, exploring the quirky world of threat group naming, and delving into the intriguing realm of side channel attacks – it's like something out of a spy movie!
Cybersecurity is like a never-ending puzzle, always evolving. So, keep your eyes peeled, stay informed, and remember that things are rarely straightforward in the world of cybersecurity!
You can subscribe to Unmasked wherever you get your podcasts.
Show notes
Headlines for beginning of August
- Emergency Rooms in 5 states shut down due to cyber attack
- A cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted
- The “data security incident” began Thursday at facilities operated by Prospect Medical Holdings, which is based in California
- Then spread to Texas, Connecticut, Rhode Island and Pennsylvania.
- Ransomware Attack Disrupts Health Care in at Least Three States - The New York Times (nytimes.com)
- Burger King's Data Breach Exposes Sensitive Credentials
- Experienced a serious data breach that made private login information public
- Security Affairs was first to note the vulnerability
- Exposed credentials could be exploited by malicious actors to access additional systems, perpetrate identity theft or launch targeted attacks on individuals and organizations connected to the breached data
- Burger King has reportedly taken immediate steps to rectify the situation
Additional: Burger King Serves Up Sensitive Data, No Mayo (darkreading.com)
- Retail chain Hot Topic discloses wave of credential-stuffing attacks (bleepingcomputer.com)
- Sub topic: What is "Credential Stuffing"?
- Microsoft shifts to a new threat actor naming taxonomy | Microsoft Security Blog
- New naming conventions
- Weather related names (Blizzard, Sleet, Typhoon)
- Does this help or hurt?
- Need we ask, does this "water down the threats?" "Downpour of confusion?"
- Table with APT names: How Microsoft names threat actors | Microsoft Learn
- Acoustic attack
New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy (thehackernews.com)
- This is one of those things people love to make sound magic.
- Sensitive compartmented information facility - Wikipedia
Previous Episode

Breaches, Scams, and Countdown to DEFCON
Welcome to the latest episode of Unmasked. In this episode, we dive into the end of July headlines, covering a class action lawsuit against Johns Hopkins following a major data breach, emphasizing the need for better data handling and security practices. We also explore the complexities of IoT device regulation, questioning the absence of tech giants like Apple and Microsoft in this area. The episode educates listeners on online scams and provides essential tips to avoid falling victim to phishing tactics. Additionally, it stresses the importance of timely software updates and informed decision-making to enhance cybersecurity in the digital realm. All this and the building anticipation of the upcoming DEFCON.
Episode 3 show notes:
Headlines for the end of July
- Johns Hopkins - Hit with Class Action Lawsuit connected to data breach
- Filed by the patient named Pamela Hunter, alleges that Hopkins "failed to properly secure and safeguard" patients' personal and medical information.
- If based on original MoveIT breach- not their fault/ hard to prove
- If plaintiff can prove negligence, then potential cancelation of cybersecurity insurance policy etc.
- Biden Administration is tackling smart devices with a new label
- US Cyber Trust Mark- would require smart products to meet certain thresholds, including ongoing software security support, to qualify for the program
- FCC says the mark will signify that the devices meet and maintain certain standards
- Main devices would be smart home appliances, TVs, climate controllers, but the list also includes smart fitness trackers
- Mark would be a shield, indicating that the device is meeting the standards
- Participating manufacturers and retailers are: Amazon, Google, Samsung, Logitech, Best Buy
- Back to School Scams- Amazon Releases Scam warning email to all customers
- Unexpected calls, texts, emails that refer to costly membership fees going up if you do not act now...
- Issues with your membership- asking for bank account/ payment info
- Amazon issues warnings:
- Trust Amazon-owned channels
- Beware of false urgency
- Never pay over the phone
- Verify links first
- Apple fixes new Zero Day threat
- "Apple is aware of a report that this issue may have been actively exploited," the company said in an advisory describing a WebKit flaw tracked as CVE-2023-37450 that was addressed in a new round of Rapid Security Response (RSR) updates earlier this month.
- The other zero-day patched today is a new Kernel flaw tracked as CVE-2023-38606 that was exploited in attacks targeting devices running older iOS releases.
- exploited against versions of iOS released before iOS 15.7.1
- DEFCON – Mark to interview industry folks while out in Las Vegas this week
Next Episode

Fake Ads, Insider Threats, and a Big Data Dump
In this thrilling episode of Unmasked, our cybersecurity superheroes plunge headfirst into the late August headlines to uncover the most cutting-edge and formidable cyberattacks. Fasten your seatbelts and ensure your hands remain securely inside the vehicle as we embark on an exhilarating journey through the world of cybersecurity.
Along our path, we'll make intriguing stops, including a detour through the realm of deceptive Amazon ads on Google, an exploration of Tesla's security breach stemming from an insider threat, and a stealthy incursion targeting the renowned international snack-maker, Mondelez, by way of a third-party partner. You might recognize Mondelez from their household snack brands like Ritz and Honey Maid. All this and much more await you in this week's gripping episode.
You can subscribe to Unmasked on Spotify, Amazon, or wherever you get your podcasts.
Show notes:
August Headlines
Sneaky Amazon Google ad leads to Microsoft support scam (bleepingcomputer.com)
- Classic Tech Support scam
- But done in clever way
- Data leaked to German media
- Former employees behind the breach
- Employees misappropriated the information
Hackers ask $120,000 for access to multi-billion auction house (bleepingcomputer.com)
- IABs
- initial access through VPN or RDP
- privileges associated with the access accounts ranged from cloud administrator (14 cases) to local admin (5 cases) and domain user (2 cases)
- positive side effects, such as uncovering areas that need stronger security or identifying devices, services, and accounts that could pose a risk.
Mondelez says crooks stole staff data in security breach • The Register
- Mondelez International – Parent company for Oreo and Ritz Crackers and many others
- 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker
- Mondelez was among the global companies hit in the NotPetya outbreak — and it recently settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover Mondelez's $100-million-plus cleanup bill
- data may have been compromised for 24 months.
Unmasked - Burger Breach, Extra Credential-Stuffing, with a Side-Channel
Transcript
Welcome to Unmasked, brought to you by Ashura, where the superheroes of cybersecurity provide a clearer understanding of the threats we face in our digital world.
Paul: Hey everybody, welcome out to another episode of Unmasked, where we give you a little bit of a lighter side of cybersecurity and headlines that matter. We're going to start off tod