Past Week in Cyber

Past Week in Cyber

1)?Hackers from the Moses staff group have been attacking Israeli organizations for several months. Security experts from FortiGuard claim that the group exploits PowerShell vulnerabilities on exchange servers and then penetrates deeper into the company

2)?Hackers from the HOS LEAK group claim that they managed to gain access to the admin interface of the Port of Ashdod and access the cameras. They have began to publish information and personal details of the port employees.

3)?A large data leak from VERINT was posted on the RaidForums website, a forum used to share hacked databases.

4)?Many Ukrainian sites have been hacked and a special cyber unit on behalf of the EU has been sent to help.

5)?The Anonymous Group announced that it had shut down the Kremlin website and other Russian government websites, in addition to starting to disseminate information about Russian Defense Ministry employees.

6)?On the other hand - the CONTI group of hackers, affiliated with Russia, has announced that it will take action to attack the infrastructure of anyone who tries to harm Russia.

Spying and Gathering Information from Social Media

We hear about multiple attacks that occur due to improperly exposed data, for example, a file that has been shared online without limiting access to specific users, or an individual leaving a password to the default one that was set.?

This is critical, since in order for an attacker to gain access to a company’s internal network he must first have information about where the organization vulnerable to attack. Vulnerabilities due to improperly exposed data can reveal information that show where the organization’s weaknesses lie, and where the attacker can try to exploit.

Often, attackers will use search engines and social media networks to search for the wide range of data that employees upload there, often without paying attention to the details that are revealed in the imaged. The common perception about social media is that privacy is not needed there, and that if you are an honest person and have nothing to hide, than there is no problem posting all sorts of personal information there. This allows potential hackers to gather large amounts of information, build a profile of the target, the company he works for, and his status there. He can then use the information to try to impersonate the person or to further gain valuable information about the company from within and cause damage.

To protect ourselves and our company, we should keep track of the information shared online, verifying that updates don’t include sensitive information on a personal or organizational level. To refrain as much as possible from publishing of personal information is also helpful.

Both organizations and individuals, should keep track of the information shared on the network, check before publishing a news item whether it does not contain disclosure of information that may be sensitive on a personal or organizational level. And avoid publishing personal information as much as possible.

Tips for Safe Use of Personal Email:

1)??Set a long and complex password

2)??Set up 2FA

3)??Set alerts for when a new device signs in

4)??Back up your email, if possible

5)??Avoid clicking on links from unfamiliar addresses

6)??Check connected devices periodically. If you identify an unrecognized device, disconnect it and change your account password.?