A TikTok breach compromises 2 billion user records, Samsung falls victim to a theft of US customer records and public-facing applications have become the most widely used initial vector to penetrate an organization.
Welcome to CyberSecurity Today. I’m Jim Love, CIO of IT World Canada and Tech News Day in the US sitting in for the vacationing Howard Solomon.
TikTok Breach may have exposed 2 billion user records
A massive data breach has reportedly hit the popular social media platforms, TikTok. Security experts have stated that the breach could affect up to 2 billion – that’s B as in Billion user database records.
Social media has been abuzz with comments including (pun intended) a poster using the name Blue Hornet who summed it up as:
“Who would have thought that @TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?”
Experts are warning users to to take preventive measures including changing their TikTok password and enabling Two-Factor Authentication.
A TikTok spokesperson claimed that their team had investigated and determined that the code in question was not related to TikTok’s backend source code.
And perhaps in the ultimate irony, Troy Hunt, creator of haveIbeenpwned noted that his user name would now turn up as having been pwned, but, as he also noted since he uses a unique complex password and two factor authentication, this is more of an inconvenience to him than a threat. Hunt also noted that evidence of the breach was “so far pretty inconclusive.”
Samsung cyberattack may affect U.S. Customer Data
South Korean technology giant Samsung has confirmed an attack that resulted in unauthorized access to some U. S. customer data.
There is no clear statement of how many customers were affected by the breach, but Samsung announced that the breach may have given hackers access to personal data including names, contact and demographic information, date of birth as well as product registration data. Not affected, according to the company, were social security numbers, or credit and debit card numbers.
The company statement reads as follows:
“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected.”
Samsung is urging customers to be wary of potential social engineering attempts. This includes avoiding clicking on links or attachments from unknown senders. As well, customers should check their accounts for any suspicious activity.
Samsung states that they have taken steps to secure the affected system and that they have hired an external cybersecurity firm to head up the response efforts.
Public facing applications become the most widely used initial attack vector.
Security research from Kaspersky’s Incident Response Analytics Report reported that public facing applications have now become the most widely used initial vector to penetrate an organization.
More than half of cyberattacks in 2021 started with vulnerability exploitation of public facing applications.
Their percentage as an initial attack vector has increased from 31.5% in 2020 to 53.6% in 2021.
This increase may be as a result of a flaw discovered on Microsoft Exchange Servers last year.
Compromised accounts and malicious emails are a close second and third in terms of starting points for cyberattacks.
The report which can be found on Kaspersky’s Securelist blog also noted that “51.9% of incidents were ransomware attacks, and in 62.5% of those cases, cybercriminals had had access to target systems for more than a month before they started file encryption.”
A link to the Securelist blog is included in the text version of this podcast which can be found at ITWorldCanada.com/podcasts
Follow Cyber Security Today where ever you get your podcasts – Apple, Google or other sources. You can also have it delivered to you via your Google or Alexa smart speaker.
Links from today’s podcast will be posted in an article on itworldcanada.com on our podcast page.
I’m Jim Love, CIO of ITWC, publishers of ITWorldCanada.com, TechNewsDay.com in the US and creators of the ITWC podcasting network. I’m also host of several of our podcasts which you can find at itworldcanada.com/podcasts.
I’ll be back on Friday while Howard enjoys his time away. Til then, stay safe.