Tag Archive for: Reports

Hacker exposed weakness in German electronic ID, magazine reports


A hacker has reportedly uncovered security gaps in the online functions of Germany’s new national ID cards, according to the news magazine Der Spiegel.

Using his own software instead of the official government AusweisApp, the hacker managed to access login data for the so-called eID function of Germany’s identity card, which is intended to allow German citizens to securely identify themselves online.

According to the report, this is activated for more than 50 million ID card holders and serves as the basis for digital administrative procedures. It is also used for identification at banks, among other things.

The hacker, who goes by the pseudonym “CtrlAlt,” used the trick to open an account at a major German bank under someone else’s name.

A spokesman for the Chaos Computer Club (CCC), a well-known German hacker and computer security group, confirmed to Der Spiegel that the hacker had exposed a critical point in the eID procedure on mobile devices.

“This is a realistic attack scenario,” the spokesman told the news magazine. “It must be prevented that an ID app other than the officially approved one can register and log into the cell phone for eID authentication.”

The hacker had already informed Germany’s Federal Office for Information Security (BSI) of his findings on December 31.

The agency told Der Spiegel that it saw no reason to “change the risk assessment for the use of the eID,” since the vulnerability appeared to be not in the eID system itself but in devices used by consumers.

However, the agency said it would still examine a possible adjustment to the system.

Source…

CBS and Paramount’s parent company reports hack affecting over 80,000 people


National Amusements, CBS and Paramount’s parent company, reported a year-old hack this month affecting 82,128 people. TechCrunch first covered the breach, revealed in a company legal filing with Maine’s Attorney General under a 2005 state digital privacy law. National Amusements hasn’t commented publicly on the intrusion outside of the legal filing, and it isn’t clear if customer (or “only” employee) data was stolen.

Maine’s data breach notification says the hack occurred over a year ago, from December 13 to 15, 2022. It states 82,128 people were affected, 64 of whom were Maine residents. National Amusements’ senior vice president of human resources filed the notice, which may suggest (but not confirm) that it revolved largely or entirely around internal employee data. The filing says the company began notifying customers in writing on December 22, 2023 — 372 days after the breach.

“On or about December 15, 2022, National Amusements became aware of suspicious activity in our computer network,” the notification letter to victims reads. “We immediately took steps to secure our network and minimize any disruption to our operations.”

However, that last sentence contains an inconsistency, as the notice posted by Maine’s Attorney General’s office lists the “date breach discovered” as August 23, 2023. That suggests the company didn’t know about the intrusion until eight months after the incident, hardly qualifying as “immediately” taking steps.

The filing says hackers accessed financial information, including “account number or credit/debit card number (in combination with security code, access code, password or PIN for the account).” National Amusements wrote in Maine’s notice that it’s offering victims 12 months of Experian credit monitoring and identity theft services to customers whose social security numbers were taken.

Engadget contacted National Amusements for confirmation or additional info. We will update this article if we hear back.

National Amusements gained a controlling stake in Paramount and CBS in 2019 following the Viacom-CBS merger. This hack appears separate from one Paramount disclosed in August through Massachusetts’…

Source…

WGRE Reports DePauw Attacked by Black Suit Ransomware Gang


Editor’s NoteThis article was submitted by WGRE News Director Taylor Fleming. The DePauw gives WGRE full credit for this news piece. 

DePauw’s Cyber incident was an attack by the Black Suit Ransomware gang. Black Suit claims to have stolen two-hundred fourteen gigabytes of data. The gang operates by stealing and encrypting data on a compromised network. This story was originally reported by The Record, a news organization run by cybersecurity firm Recorded Future. Last week, DePauw notified many students and parents that their social security numbers and other personal information may have been stolen by an unauthorized third party. This third party has turned out to be Black Suit. According to the US government’s Health Sector Cybersecurity Coordination Center, Black Suit is a relatively new ransomware group that was discovered in early May 2023. However, Black Suit is likely linked to another ransomware group called Royal. Royal was the direct successor of defunct Russian hacker group Conti. The FBI has been assisting DePauw University as they navigate this attack. DePauw has offered impacted students one year of free identity protection services. DePauw University found out about the cyber attack on October 31.

Source…

Kaspersky reports growth in gamer cyberattacks in 2023, ETCIO SEA


The global gaming community, which currently accounts for nearly half of the world’s population, has found itself increasingly under fire by cybercriminals, according to a comprehensive investigation by Kaspersky. In the period spanning from July 2022 to July 2023, the cybersecurity company discovered the growing vulnerability of the gaming user base. Cybercriminals exploited this vast community to access personal data, launching a range of attacks, including web vulnerabilities, Distributed Denial of Service (DDoS) attacks, cryptocurrency mining, and complex Trojan or phishing campaigns.

In the period from July 1, 2022, to July 1, 2023, Kaspersky’s solutions detected a substantial 4,076,530 attempts to download 30,684 unique files masked as popular games, mods, cheats, and other game-related software. These incidents affected 192,456 users worldwide. These files – primarily classified as unwanted software and often labeled as not-a-virus:Downloader (89.70%), – are not innately perilous, but they are capable of downloading various other programs, even malicious ones, onto the user’s device. Adware (5.25%) and Trojans (2.39%) were also noteworthy threats to desktop gamers.

Minecraft emerged as the favored target among cybercriminals, responsible for triggering 70.29% of all alerts. The threats using Minecraft as bait impacted 130,619 players across the globe during the reporting period. Roblox was the second most targeted game title, contributing to 20.37% of all alerts affecting 30,367 users. Counter-Strike: Global Offensive (4.78%), PUBG (2.85%), Hogwarts Legacy (0.60%), DOTA 2 (0.45%), and League of Legends (0.31%) were also among the prominent games subjected to cyber threats.

The mobile gaming community, which, according to the Newzoo 2023 report consists of over three billion gamers, or nearly 40% of the world’s population, is characterized by its significant growth and accessibility, and has become an enticing target for cybercriminals. Between July 1, 2022, and July 1, 2023, Kaspersky documented 436,786 attempts to infect mobile devices, impacting 84,539 users.

Various game titles were employed as bait to target mobile…

Source…