Tag: Stole

Use iPhone to change website passwords that hackers stole

Post author By miranda cosgrove
Post date May 2, 2024
No Comments on Use iPhone to change website passwords that hackers stole

[ad_1]

It’s World Password Day, and that’s a good opportunity to do something you’ve probably been procrastinating about: Replace your website passwords that hackers stole because of some company’s lax security. Fortunately, your Apple devices make it easy to find out which of your passwords leaked so you can change them.

Fix a potentially serious problem now, before something bad happens..

iCloud Keychain helps you deal with too many passwords

If you’re like me, you probably use unique passwords to log in to hundreds of websites and apps. I have so many I can’t conveniently count them – I stopped at 100 and was still near the top of the list.

Apple makes it easy to store and use your passwords with iCloud Keychain. With it, your Apple device (iPhone, Mac, etc.) remembers passwords for you, and automatically inserts them into websites and apps. All you have to do is verify your identity with Face ID or Touch ID.

This makes it easy for you to use strong passwords and change them periodically, because you never need to remember them. Your computer remembers for you.

But if you don’t ever change passwords, you’re opening yourself up to a criminal using your password to, say, buy a bunch of products on Amazon. Or simply empty your bank accounts.

How to find and change passwords compromised by data breaches

How to find hacked passwords on your iPhone — Go to the Passwords section of Settings, see the Security Recommendations, then tap Change Password on Website.
Graphic: Ed Hardy/Cult of Mac

Beyond simply storing them, your Apple device also will warn you if passwords in your iCloud Keychain have been compromised by a data leak. It’s easy to find which ones need to be updated.

This feature is available on iPhone, iPad and Mac. (I’m using iPhone for my example.) And you must be using iCloud Keychain, but that’s something Apple urges you to turn on whenever you set up a new device.

Go to Settings > Passwords. You’ll need to go through Face ID or Touch ID to open this section, of course.

Then look for the Security Recommendations section. Next to this is probably a number. This is how many security problems Keychain has found in your password list. You’ll note I have 184 – I need to take my own advice and update some passwords.

Tap on Security Recommendations to open a list of websites and applications for which your passwords have problems. You are told why for each one, with “this password has appeared in a data leak” being the most common reason.

You have the option to tap on each website for a more detailed description of the security problems. This might include a scolding on reusing passwords.

For each password, you are given the option to Change Password on Website.

An example of changing a Google password via iCloud Keychain

To give you an example of how easy this is, I’ll change the password for one of my Google accounts when going through Passwords in Settings.

While looking at the list of Security Recommendations, I hit Change Password on Website, which opens the Google sign-on screen. I have to sign in to the Google account before I can change the password, obviously. There’s no problem because iCloud Keychain has the user name and current password stored.

Google wants me to go through two-factor authentication so it texts me a code. After I supply this, the screen to enter a new password opens.

The Safari browser is smart enough to figure out that I want to create a new password and automatically suggests a strong one.

Keychain then asks if I should store the new password. I tell it to do so.

And that’s it. The process is very similar with other sites. Or you could just take the iCloud Keychain as a warning and switch over to your favorite web browser, go to the website, and update the password there.

Change passwords the easy way: You’ll be glad you did

I get it – changing passwords is kind of a hassle. I’m the guy with 184 security warnings, after all. But it’s worth it.

Any day you discover someone has used one of your leaked passwords to steal money from you is a bad day. Changing your passwords goes a long way toward preventing that.

[ad_2]

Source Article Link

Tags Change, hackers, iPhone, passwords, Stole, Website

Featured

UnitedHealth confirms major cyberattack, says hackers stole “substantial” amount of patient data

Post author By lisa nichols
Post date April 23, 2024
No Comments on UnitedHealth confirms major cyberattack, says hackers stole “substantial” amount of patient data

[ad_1]

UnitedHealth Group has issued an update on the data breach that recently struck its subsidiary, Change Healthcare.

The healthcare giant suffered a ransomware attack that knocked some of its services offline and affected different pharmacies and other adjacent businesses across the United States.

In an update, UnitedHealth Group said that based on initial targeted data sampling to date, the company found “files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America.”

Ransomware fiasco

So far, there has been no evidence that the hackers stole materials such as doctors’ charts, or full medical histories.

The company further explained that the data review is ongoing and complex, and that it will likely take a few months to conclude the investigation, suggesting that the type of stolen data, as well as its scope, might change.

In the meantime, it set up a dedicated website http://changecybersupport.com/ where affected individuals can get more information and details. It also set up a dedicated call center, and is offering free credit monitoring and identity theft protection for two years.

The ransomware attack suffered something of a fiasco on both sides. The company was apparently attacked by an affiliate of the infamous ALPHV (BlackCat) ransomware-as-a-service (RaaS). To address the problem and get its data back, the company paid the attackers $22 million in cryptocurrency. However, due to the nature of RaaS, the affiliates who breached Change never got the money, as ALPHV took all of it and shut the entire operation down.

This also meant that Change never got its data back. In the meantime, a separate threat actor came forward, claiming to be in possession of the data, and asking for even more money.

UnitedHealth Group said that it’s monitoring the internet and the dark web, together with industry experts, to determine if any data made it online.

“There were 22 screenshots, allegedly from exfiltrated files, some containing PHI and PII, posted for about a week on the dark web by a malicious threat actor. No further publication of PHI or PII has occurred at this time,” the notification concludes.

Cisco Duo says a third-party data breach stole MFA SMS logs

Post author By lisa nichols
Post date April 16, 2024
No Comments on Cisco Duo says a third-party data breach stole MFA SMS logs

[ad_1]

Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident.

In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Unidentified threat actors mounted a phishing attack against the third party, through which they stole login credentials for the company’s systems.

With those login credentials, the attackers downloaded SMS and VoIP MFA message logs associated with specific Duo accounts. The logs were generated in March, it was said.

Smishing incoming

“The message logs did not contain any message content but did contain the phone number, phone carrier, country, and state to which each message was sent, as well as other metadata (e.g., date and time of the message, type of message, etc.),” the message reads.

“The Provider confirmed that the threat actor did not download or otherwise access the content of any messages or use their access to the Provider’s internal systems to send any messages to any of the numbers contained in the message logs.”

Obtaining phone numbers and other metadata is probably enough to run social engineering attacks such as phishing, or even engage in identity theft. Cisco warned its customers to be wary of any incoming SMS messages. “Please also consider educating your users on the risks posed by social engineering attacks and investigating any suspicious activity.”

When the victim company discovered the incident, they invalidated the compromised credentials and pinged Cisco about what had happened. They then implemented “additional technical measures” to prevent similar incidents in the future, as well as to mitigate the damage done by this attack.

Cisco Duo has more than 100,000 customers and processes more than a billion authentications every month. It has more than 10 million downloads on Google Play.

Via BleepingComputer

Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over

Post author By miranda cosgrove
Post date March 9, 2024
No Comments on Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over

[ad_1]

For years, Registered Agents Inc.—a secretive company whose business is setting up other businesses—has registered thousands of companies to people who appear to not exist. Multiple former employees tell WIRED that the company routinely incorporates businesses on behalf of its customers using what they claim are fake personas. An investigation found that incorporation paperwork for thousands of companies that listed these allegedly fake personas had links to Registered Agents.

State attorneys general from around the US sent a letter to Meta on Wednesday demanding the company take “immediate action” amid a record-breaking spike in complaints over hacked Facebook and Instagram accounts. Figures provided by the office of New York attorney general Letitia James, who spearheaded the effort, show that in 2023 her office received more than 780 complaints—10 times as many as in 2019. Many complaints cited in the letter say Meta did nothing to help them recover their stolen accounts. “We refuse to operate as the customer service representatives of your company,” the officials wrote in the letter. “Proper investment in response and mitigation is mandatory.”

Meanwhile, Meta suffered a major outage this week that took most of its platforms offline. When it came back, users were often forced to log back in to their accounts. Last year, however, the company changed how two-factor authentication works for Facebook and Instagram. Now, any devices you’ve frequently used with Meta services in recent years will be trusted by default. The move has made experts uneasy; this means that your devices may not need a two-factor authentication code to log in anymore. We updated our guide for how to turn off this setting.

A ransomware attack targeting medical firm Change Healthcare has caused chaos at pharmacies around the US, delaying delivery of prescription drugs nationwide. Last week, a Bitcoin address connected to AlphV, the group behind the attack, received $22 million in cryptocurrency—suggesting Change Healthcare has likely paid the ransom. A spokesperson for the firm declined to answer whether it was behind the payment.

And there’s more. Each week, we highlight the news we didn’t cover in depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

In January, Microsoft revealed that a notorious group of Russian state-sponsored hackers known as Nobelium infiltrated the email accounts of the company’s senior leadership team. Today, the company revealed that the attack is ongoing. In a blog post, the company explains that in recent weeks, it has seen evidence that hackers are leveraging information exfiltrated from its email systems to gain access to source code and other “internal systems.”

It is unclear exactly what internal systems were accessed by Nobelium, which Microsoft calls Midnight Blizzard, but according to the company, it is not over. The blog post states that the hackers are now using “secrets of different types” to breach further into its systems. “Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures.”

Nobelium is responsible for the SolarWinds attack, a sophisticated 2020 supply-chain attack that compromised thousands of organizations including the major US government agencies like the Departments of Homeland Security, Defense, Justice, and Treasury.

[ad_2]

Source Article Link

Tags attack, Codeand, hackers, isnt, Microsoft, Russian, source, Stole