Saturday, 11 April 2020

San Francisco International Airport SFO Websites Hacked: Airport Discloses Data Breach


San Francisco International Airport notifies users of two low-traffic websites about data breaches in March.

San Francisco International Airport (SFO) disclosed this week that two of its websites were hacked, exposing the login information of some users of both websites. The attack took place in March and compromised SFOConnect.com and SFOConstruction.com, both of which are websites with few visitors.

According to the message sent to the Department of Airport Information and Telecommunications Technology (ITT), "The attackers have included malicious computer code on these websites in order to steal user credentials." "Users affected by this attack may have access outside the airport network to Windows devices or devices that are not maintained by SFO via Internet Explorer."

The notice also stated that "The user name and password of the user affected by the attacker are not used to access those personal devices." Anyone who visited the websites with the Internet Explorer browser from outside the managed network is advised to change the password of the device used for that access.
In addition, on Monday 23 March 2020, all SFO email and network passwords had to be reset. According to the notice, "The malicious code has been removed from the compromised website."

The SFOConstruction.com website is dedicated to SFO construction projects and is the clearing house for third-party bidders and airport-related contracts. The second compromised website, SFOConnect.com, is an information center where airport employees can search for logos and the latest safety news related to underground transportation.

-Sumit Tiwari


Thursday, 9 April 2020

Google bans employees from using this video chat app



After Elon Musk's space research company SpaceX and NASA, it is now Google's turn to bar workers from the Zoom application. As workplaces changed globally during the coronavirus pandemic, professionals have migrated to applications such as Zoom. The teleconferencing application is climbing the popularity charts, but it comes with a fair amount of privacy concerns. According to a BuzzFeed report, Google sent an email to all employees about the ban last week. Google told employees who have Zoom installed on their devices that the program would stop working soon. Interestingly, Google has its own Zoom competitor, Meet, which is part of G Suite.

Google spokesman Jose Castaneda told BuzzFeed News that the company has a policy of not allowing employees to use "unapproved applications" for work. "Recently, noteworthy employees using our secure Zoom desktop client are running on computers that are legally bound to meet our standard of security application used by our employees. Zoom employees are using them to stay in touch with the ability to keep up with family and friends through a web browser or over a phone," Castaneda told BuzzFeed News.

Musk's space research firm SpaceX also says its employees will not use Zoom. According to a Reuters report, SpaceX sent employees a short memo on March 28 stating explicitly that employees should not use Zoom. "We understand that most of us use this tool to support conferences and meetings. Please use email, text or telephone to provide other means of communication," the memo notes. In addition, the reason given for the company's decision not to use Zoom is that there are "confidentiality and security issues".
Most of what has been reported online indicates that Zoom has privacy and security issues. The lack of a resolution has made the worry considerably worse. Zoom CEO Eric S Yuan says the company is taking the right steps to meet the challenges. Instead of new releases, the company will work on security and privacy issues for the next 90 days.

-Sumit Tiwari

Tuesday, 7 April 2020

PayPal and Venmo Are Letting SIM Swappers Hijack Accounts


Even after receiving a warning from researchers, some companies still have no systems in place to contain the problem.
Some major applications and websites, such as PayPal and Venmo, have a flaw that allows attackers to easily access people's data after taking over the victim's phone number.
Earlier this year, researchers at Princeton University found 17 major companies, including Amazon, PayPal, Venmo, Blizzard, Adobe, eBay, Snapchat and Yahoo, that allowed people to reset their passwords using only a text message sent to the phone connected to their accounts. This means that if an attacker takes over a phone number using a simple, common technique such as SIM swapping, he or she can use it to get into the victim's accounts on these applications and websites.
"When considering the analogy, I never expected it to be too much, and I didn't expect a problem to occur on these large sites," Kevin Lee, senior researcher, told Motherboard in an interview. A week ago, two months after they first reported this authentication flaw to the companies, the Princeton researchers re-examined whether the companies had solved the problem. Some, including Adobe, Blizzard, eBay, Microsoft, and Snapchat, have closed the hole.

PayPal and Venmo, since they are applications that allow users to exchange cash and are associated with bank or credit card information, are probably the most popular examples. This week, Motherboard confirmed that passwords on PayPal and Venmo can be reset using a text message.

Venmo is owned by PayPal, and neither company has responded to multiple requests for comment on this story.

In fact, this policy exists because companies balance security with the need for users to reset their password when they forget it. Giving users a way to recover access through their phone is, in general, an excellent solution. But the increase in SIM swapping that Motherboard has been reporting on for years has made this sensitive mechanism even more dangerous.
If you do not want to wait for companies to update and improve their policies, there is a simple solution that you can use today to reduce the risk to your accounts: disconnect your phone number from these accounts and use a VoIP number instead, such as Google Voice, Skype or another. Google Voice numbers, since they are not actually tied to a real SIM card, are much harder to hijack.

-Sumit Tiwari

Friday, 3 April 2020

Just visiting a site can hijack the camera of your iPhone or MacBook




If you use an Apple iPhone or MacBook, we have some disturbing news for you.
It turns out that using the Safari browser to access websites (not only malicious websites, but also legitimate websites that unknowingly load malicious ads) may allow remote attackers to secretly access the device's camera, microphone, or location, and in some cases saved passwords.
Apple recently paid a reward of $75,000 to ethical hacker Ryan Pickren. He demonstrated the hack in practice and helped the company fix seven new vulnerabilities before any attacker could use them.
The fixes were released in a series of updates to Safari, covering versions 13.0.5 (released on January 28, 2020) and 13.1 (released on March 24, 2020).
"If the malicious website wanted camera access, all it had to do was masquerade as a trusted video-conferencing website such as Skype or Zoom," Pickren said.
When chained together, three of the reported Safari flaws could have allowed malicious sites to impersonate any legitimate site a victim trusts and access the camera or microphone by abusing the permissions that were otherwise explicitly granted by the victim to the trusted domain only.

An exploit chain that abuses Safari's per-site permissions

The Safari browser grants specific permissions, such as camera, microphone and location access, on a per-website basis. This allows individual websites, Skype for example, to access the camera without having to ask for the user's permission every time the application starts.
But on iOS, there are exceptions to this rule. Although third-party applications must obtain the explicit consent of the user to access the camera, Safari can access the camera or photo album without permission.
Specifically, improper access becomes possible by chaining together multiple flaws in how the browser parses URL schemes and handles the security settings for each website. This method only applies to sites that are currently open.


Pickren said: "The most important conclusion is that URL schemes are completely ignored. This is problematic because some schemes do not contain any significant hostnames, such as file:, javascript: or data:."
In other words, Safari failed to check whether websites adhered to the same-origin policy, thereby granting access to a different site that should not have been given permission. As a result, a website such as "https://example.com" and its malicious counterpart "fake://example.com" could end up with the same permissions.
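
The effect of ignoring the scheme when looking up per-site permissions, modelled as an added example (not Safari's code and not Pickren's proof of concept). The permission store, the function names and the sample URLs are hypothetical, and limiting persistent grants to https: is this example's own assumption.

```javascript
// Added illustration: a toy per-site permission store (hypothetical names),
// keyed two ways. Sample URLs are constructed for the example.

// Flawed key, as in the behaviour described above: the scheme (and port)
// are ignored, so only the hostname identifies a "site".
function hostOnlyKey(rawUrl) {
  return new URL(rawUrl).hostname;
}

// Stricter key: the full origin (scheme + host + port). Only https: URLs
// may hold a persistent grant here (an assumption of this example); schemes
// such as file:, data: or javascript: get no key at all.
function originKey(rawUrl) {
  const u = new URL(rawUrl);
  return u.protocol === "https:" ? u.origin : null;
}

function makeStore(keyFn) {
  const grants = new Map(); // key -> Set of permission names
  return {
    grant(url, perm) {
      const k = keyFn(url);
      if (k === null) throw new Error("no persistent grants for " + url);
      if (!grants.has(k)) grants.set(k, new Set());
      grants.get(k).add(perm);
    },
    allowed(url, perm) {
      const k = keyFn(url);
      return k !== null && grants.has(k) && grants.get(k).has(perm);
    },
  };
}

// Grant "camera" to one trusted URL, then ask both stores about other URLs.
function compare(trusted, candidates) {
  const flawed = makeStore(hostOnlyKey);
  const strict = makeStore(originKey);
  flawed.grant(trusted, "camera");
  strict.grant(trusted, "camera");
  return candidates.map((url) => ({
    url,
    flawed: flawed.allowed(url, "camera"),
    strict: strict.allowed(url, "camera"),
  }));
}

console.table(compare("https://example.com", [
  "https://example.com/call",        // same origin: allowed by both
  "fake://example.com",              // same hostname, different scheme
  "file:///path/to/file/index.html", // no meaningful hostname
]));
```

Under the host-only key, every hostless URL (`file:`, `data:`, `javascript:`) maps to the same empty string, so in this model a single grant to one of them would apply to all of them.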
Therefore, by taking advantage of Safari's lazy hostname parsing, it was possible to use a "file:" URI (for example, file://path/to/file/index.html) to trick the browser into changing the domain name using JavaScript as follows.

Pickren said: "Safari thinks we're on skype.com and can download some kind of bad JavaScript. When you open a local HTML file, everything about the camera, microphone and general screen is compromised."
The research found that even plaintext passwords can be stolen this way, because Safari uses the same method to detect websites on which automatic password entry should be applied.
In addition, the safeguards on automatic downloads can be bypassed by first opening a trusted site as a pop-up window and then using it to download a malicious file.
Similarly, a "blob:" URI (for example, blob://skype.com) can be used to run arbitrary JavaScript code and to access the victim's webcam directly without permission.

-Sumit Tiwari

Wednesday, 1 April 2020

SBI cautions against fake UPI ID for collecting coronavirus funds



India's largest lender, the State Bank of India (SBI), has warned people against fake Unified Payments Interface (UPI) IDs, which are being circulated under the pretext of the Prime Minister's Citizen Assistance and Relief in Emergency Situations Fund (PM-CARES). SBI tweeted:
"Beware of the fake UPI IDs that are making the rounds in the guise of Prime Minister’s Citizen Assistance & Relief in Emergency Situations a.k.a. PM Cares. Make sure your monetary donation to fight against the global pandemic is going into the right hands. @PMOIndia #PMCaresFund"
                                    

The government has also warned donors against bogus UPI IDs that are making the rounds on various social media. "Beware of false UPIs distributed under the pretext of the PM CARES Foundation. #PIBFactcheck: The correct UPI for #PMCaresFunds is pmcares@sbi", PIB Fact Check said on Twitter. On Saturday, Prime Minister Narendra Modi announced the creation of an emergency aid and relief fund, where people can contribute and help the government fight the coronavirus.

-Sumit Tiwari
