Tag Archive for: attempts

Pokemon resets some users passwords after hacking attempts


The Pokemon Company said it detected hacking attempts against some of its users and reset those user account passwords.

Last week, an alert was visible on Pokemon’s official support website, which said that “following an attempt to compromise our account system, Pokemon proactively locked the accounts of fans who might have been affected.”

The alert about hacking attempts that The Pokemon Company posted on its official support website.The alert about hacking attempts that The Pokemon Company posted on its official support website.

The alert about hacking attempts that The Pokemon Company posted on its official support website.

The alert about hacking attempts that The Pokemon Company posted on its official support website.

As of Tuesday, the alert is gone. A spokesperson for the company said there was no breach, just a series of hacking attempts against some users.

“The account system was not compromised. What we did experience and catch was an attempt to log in to some accounts. To protect our customers we have reset some passwords which prompted the message,” said Daniel Benkwitt, a Pokemon Company spokesperson.

Pokemon is a wildly popular game franchise with hundreds of millions of players around the world.

Benkwitt said that only 0.1% of the accounts targeted by the hackers were actually compromised, and reiterated that the company already forced the impacted users to reset their passwords, so there isn’t anything to do for people who have not been forced to reset their passwords.

The description of the Pokemon account breaches sounds like credential stuffing, where malicious hackers use usernames and passwords stolen from other breaches and reuse them on other sites.

A recent example of a similar incident is what happened last year to the genetic testing company 23andMe. In that case, hackers used leaked passwords from other breaches to break into the accounts of around 14,000 accounts. By breaking into those accounts, the hackers were then able to access the sensitive genetic data on millions of other 23andMe account holders.

That prompted the company (and several other of its competitors) to roll out mandatory two-factor authentication, a security feature that prevents credential stuffing attacks.

For its part, the Pokemon Company does not allow its users to enable two-factor on their accounts, when TechCrunch checked.

Source…

How Google Chrome Plans to Block Hacking Attempts on Users’ Network |


Google has been adding features to Chrome to keep users safe. In a bid to strengthen the security of the web browser, the company is working on a feature that will detect and block hacking attempts to gain control of the target’s network.
How Google Chrome will block hacking attempts
Web browsers act as the medium between a user and the internet, hence, it becomes important for it to have safety features to protect users from hackers and take control of your network. By gaining the control of the network, hackers can monitor all the unencrypted traffic to and fro from all the devices that are connected to that particular internet connection.
For example, if your Wi-Fi is hacked, cybercriminals can spy on all the computers, laptops and mobile phones connected to the Wi-Fi. This can also provide access to personal information like name, address, and even financial information.
The upcoming feature will scan connection attempts to user network devices and stop any suspicious activity. Before a website A navigates to another site B in the user’s private network, the feature will “check whether the request has been initiated from a secure context” and “whether B responds with a header that allows private network access.”
“The above checks are made to protect the user’s private network. Since this feature is the ‘warning-only’ mode, we do not fail the requests if any of the checks fails. Instead, a warning will be shown in the DevTools, to help developers prepare for the coming enforcement,” Google said on the Chrome Platform Status website.
Google Chrome Tracking Protection
Earlier this year, Google started to roll out the Tracking Protection feature that will limit cross-site tracking by restricting website access to third-party cookies by default. The move is aimed at making browsing on Chrome more safe and secure. Google plans to phase out third-party cookies for everyone in the second half of 2024.

Source…

Rising Wave of Hacking Attempts Targeting Sensitive Data on NHIS Servers


The number of hacking attempts from abroad targeting the health insurance server, which contains personal, financial, and medical information, is on a steep rise. (Image courtesy of Yonhap)

The number of hacking attempts from abroad targeting the health insurance server, which contains personal, financial, and medical information, is on a steep rise. (Image courtesy of Yonhap)

SEOUL, Oct. 19 (Korea Bizwire) – The number of hacking attempts from abroad targeting the health insurance server, which contains personal, financial, and medical information, is on a steep rise.

According to data from the National Health Insurance Service (NHIS) on Wednesday, cyberattacks on NHIS servers have been on the rise since the NHIS implemented in-house security control in 2019. 

The number of cyberattack attempts detected by the NHIS over the past five years amounted to 1,781 in 2019, 3,684 in 2020, 3,489 in 2021, 8,429 in 2022, and 8,448 cases so far this year. 

At 98.3 percent, almost all of the cyberattack attempts are made from abroad. By country, China had the largest share, followed by the U.S., Netherlands, and Germany. Data on cyberattack attempts from North Korea is not compiled as North Korean IP addresses are originally interrupted at the NHIS communication server. 

Approximately 64.3 percent of the cyberattack attempts occurred during non-official work hours. According to the NHIS, all detected cyberattack attempts were interrupted, and a data breach has yet to occur.

The NHIS handles personal information, including ID numbers, financial information such as cards and accounts, and medical information, including medical checkups and recuperation allowances for 57 million individuals. 

To cope with the increase in cyberattacks and advancements in hacking techniques, the NHIS is working on several countermeasures, including expanding dedicated staff, mobilizing a multi-layered defense system, and operating a segregated Internet network.

Kevin Lee ([email protected])


Source…

Inside Russia’s attempts to hack Ukrainian military operations : NPR


In this photo illustration, the 502 Bad Gateway message is seen on Ministry of Defence of Ukraine official webpage displayed on a smartphone screen and flag of Ukraine in the background.

SOPA Images/LightRocket via Getty Images


hide caption

toggle caption

SOPA Images/LightRocket via Getty Images

In this photo illustration, the 502 Bad Gateway message is seen on Ministry of Defence of Ukraine official webpage displayed on a smartphone screen and flag of Ukraine in the background.

SOPA Images/LightRocket via Getty Images

KYIV, Ukraine — Ukrainian intelligence officials have revealed details to NPR about an attempt by Russian state hackers to penetrate Ukrainian military planning operations systems.

The hackers from Russian military intelligence captured Android tablet devices used by Ukrainian officers on the front lines in an attempt to spy, according to a report published by the Security Service of Ukraine’s Cyber Security Situation Center.

“We saw that there were attempts to penetrate these systems,” said Illia Vitiuk, the head of the Cybersecurity Department of Ukraine’s Security Services, also known as the SBU. Vitiuk spoke to NPR in an exclusive interview in Kyiv on Wednesday.

“Our enemy is extremely focused on getting insight into these systems,” he continued.

The Ukrainian military uses multiple tools for situational awareness to track Russian troop positions and gather other intelligence from the land, air and sea. Those include Delta, a military platform developed by the Defense Technology Innovation and Development Center within Ukraine’s Ministry of Defense, and Kropvya, a defense mapping software made by Ukrainian NGO Army SOS. Developers working on these systems in Kyiv are becoming increasingly aware of Russia’s focus on them, and are declining to openly discuss the platforms and how they work to…

Source…