Tag Archive for: Storing

1,859 Mobile Apps, Mostly iOS, Found Storing Hard-Coded Credentials for AWS Databases


According to research from Symantec, as many as 1,859 publicly available Android and iOS apps contain hard-coded AWS credentials. Unsafe mobile application development practices are paving the way for such supply chain vulnerabilities.

AWS access tokens are active in around 77% (1,431) of these 1,859 apps, which makes it possible for threat actors to access private AWS cloud services. Additionally, almost half of these apps (873) containing valid AWS access tokens provided access to private databases stored in Amazon S3 containing millions of files and data records.

The scenario is ideally suited for threat actors to breach data and have a far-reaching impact on the privacy of users and the security fabric of the entire mobile software supply chain. Such databases are usually leveraged by mobile app developers to store sensitive data, including but not limited to communication, app logs, private customer/user data, etc.

Case studies undertaken by Symantec Threat Hunter Team researcher Kevin Watkins revealed that one such instance contained private authentication data and keys belonging to every banking and financial app. Personal data, including names, dates of birth, etc., and 300,000 digital biometric fingerprints, were leaked across five mobile banking apps using the SDK.

Watkins also came across 16 online gambling apps that expose their entire infrastructure and cloud services, across all AWS cloud services, with full read/write root account credentials. As a result, their gaming operations, business data, and customer data are at risk.

Yet another case revealed that a company’s tech stack exposed all files it had on its intranet for more than 15,000 medium-to-large-sized companies, as well as customers’ corporate data, financial records, and employees’ private data.

Each of these cases has one thing in common: the companies exposed in each case leverage vulnerable software development kits (SDKs), libraries, or any other tech stack from their tech provider. For example, the 16 online gambling apps were using a vulnerable library or outsourced their digital and online operations to B2B companies.

Similarly, all banking apps that exposed data were…

Are Cold Wallets Safer Than Hot Wallets For Storing Your Crypto Keys?


Recently, hackers stole around $5.2 million worth of Solana from 8,000 hot wallets, such as Phantom, Slope, and Trust. Solana claimed that the security vulnerability was in the code of the third-party wallets and not in their own. 

Now in the light of such revelations, cyber experts are debating whether crypto investors should store their private keys in cold wallets in order to secure their crypto holdings from such cyber hacking.

Incidentally, Peck Shield Alert, a security firm, has tweeted that around $8,000 worth of Stablecoin and Solana has been stolen. Besides, Solana has also struggled with security issues in the past, and now probes have revealed that as many as four addresses were linked to the hacker.

Crypto investing has come into vogue of late, as cryptocurrencies are considered the currencies of tomorrow. They are based on the blockchain, and will be the native currency in the Web3 space, the new digital world that we will be able to access in a few years using virtual reality.

Central banks across the world, including the Reserve Bank of India, have announced they will be launching a central bank digital currency (CBDC) soon. As we move towards this new world, the important question that now arises is how we can keep our money safe.

Technically, you can store crypto in a custodial wallet, where the provider does not give you a private key. Alternatively, you can choose a hot wallet, where your private key is stored in a browser extension or a desktop application. Lastly, there is the most secure of all, the cold wallet, where you store your key in a hardware wallet. Keeping the private key secure is the most important piece of the puzzle.

Let us understand the concept of hot and cold wallets in detail.

Hot Wallets

Hot wallets include Web-based wallets (browser extensions), mobile wallets, and desktop wallets. They are all connected to the Internet. This means that if your system gets compromised, or if the hot wallet you use has security vulnerabilities, as in the Solana hacking case, where hackers stole the private key from inactive crypto Slope, Trust, and Phantom wallets, hackers can steal your private keys and drain your wallet. They can use a crypto tumbler…

Experts warn against storing passwords in Chrome


Hackers are preying on people working from home for passwords stored in web browsers, experts claim.

Keeping passwords saved in the likes of Chrome and Edge is a pretty common practice and usually considered quite safe.

They are designed to take the hassle out of remembering login details for every site you use.

But now IT researchers are cautioning against using such features in any browser over a recent security breach that compromised a company.

Bad actors appear to be exploiting the fact office workers in the UK and US are being forced to work from home amid the ongoing coronavirus pandemic.

According to security experts AhnLab, an employee working remotely fell victim as they used a VPN to access their company’s network.

The person was innocently doing their job on a device shared with others they live with, unaware it was already infected with a nasty piece of info-stealing malware called Redline Stealer.

This led to sensitive account details and passwords from various sites being stolen, including information to access the company’s VPN.

Hackers then used it to log in and pry into the private business data three months later.

And worse still, the computer had antivirus software installed but the malware was able to get around it.

“Although the account credentials storing feature of browsers is very convenient, as there is a risk of leakage of account credentials upon malware infection, users are recommended to refrain from using it and only use programs from clear sources,” AhnLab said.

Redline Stealer is pretty cheap and easy to get hold of on the dark web, which means it’s hard to trace the incident back to a specific group.

It costs as little as $150 to get hold of.

The malicious tool first appeared in March 2020, right as the pandemic began to spread.

It comes amid a huge spike in scams over the course of COVID-19’s unwelcome arrival.

Millions were targeted by COVID Pass scams conning people out of money and sensitive data, while phony jabs have also been rife.

Experts warn AGAINST storing passwords in Chrome after hackers target homeworkers


HACKERS are preying on people working from home for passwords stored in web browsers, experts claim.

Keeping passwords saved in the likes of Chrome and Edge is a pretty common practice and usually considered quite safe.

They are designed to take the hassle out of remembering login details for every site you use.

But now IT researchers are cautioning against using such features in any browser over a recent security breach that compromised a company.

Bad actors appear to be exploiting the fact office workers in the UK and US are being forced to work from home amid the ongoing coronavirus pandemic.

According to security experts AhnLab, an employee working remotely fell victim as they used a VPN to access their company’s network.

The person was innocently doing their job on a device shared with others they live with, unaware it was already infected with a nasty piece of info-stealing malware called Redline Stealer.

This led to sensitive account details and passwords from various sites being stolen, including information to access the company’s VPN.

Hackers then used it to log in and pry into the private business data three months later.

And worse still, the computer had antivirus software installed but the malware was able to get around it.

“Although the account credentials storing feature of browsers is very convenient, as there is a risk of leakage of account credentials upon malware infection, users are recommended to refrain from using it and only use programs from clear sources,” AhnLab said.

Redline Stealer is pretty cheap and easy to get hold of on the dark web, which means it’s hard to trace the incident back to a specific group.

It costs as little as $150/£111 to get hold of.

The malicious tool first appeared in March 2020, right as the pandemic began to spread.

It comes amid a huge spike in scams over the course of COVID-19’s unwelcome arrival.

Millions were targeted by Covid Pass scams conning people out of money and sensitive data, while phony jabs have also been rife.
