The target: GoDaddy, a U.S based website domain registrar and web hosting company.
The take: 1.2 million records of customer information including: email addresses, SSH keys, and database usernames and passwords.
The attack vector: The threat actor gained access to GoDaddy’s hosting servers through a compromised employee account, granting them the same access to all the systems the firm’s user had. Multi-factor authentication was not enabled.
This breach highlights not only the ever-present threat that compromised employee accounts pose to firms, but also the critical importance of proper credential management. Employing Multi-factor authentication is a key part of maintaining a robust cybersecurity posture and ensuring company and customer data Is only accessed by authorized parties.
New York Post: Two federal agencies warned Americans to “remain vigilant” about their online security during the long Thanksgiving weekend after a year full of high-profile hacks.
Tech Radar: Polling 3,600 business and technology executives from around the world for the report, PwC found multiple factors contributing to the rising threat of cybercrime, including lower barrier for entry for numerous types of malware attacks, rising complexity of organizations due to mergers and acquisitions, remote working, or multi-vendor environments, to name but a few.
ETF Trends: Cybersecurity is such an important theme that there an entire month devoted to awareness of it. For investors, the relevance of cybersecurity lasts for all 12 months of the year, and there are multiple avenues for addressing that relevance.
Help New Security: Bugcrowd released a report which provides CIOs and CISOs valuable insight on ethical hackers and the economics of security research. New findings indicate a startling shift in the threat landscape with 8 out of 10 ethical hackers recently having identified a vulnerability they had never seen before.
The target: RedDoorz, a Singapore based hotel booking site.
The take: Exposure of 5.9 million records of Personally Identifiable Information including: names, contact numbers, email addresses, dates of birth, encrypted passwords and booking information.
The attack vector: The attacker gained access to an Amazon Web Services key which was embedded in an APK (Android Application Package), a piece of software used in their systems. Had the firm examined the APK, they could have prevented the exploit by removing the AWS key from the APK.
This breach highlights the critical importance of IT asset management, specifically just how necessary it is that firms are aware of what software they are using and how it is being deployed. Regular auditing of all software configurations, especially where customer data is stored, across the firm is essential for maintaining a robust cybersecurity posture.
The Hill: The Senate is eyeing the annual defense bill as a vehicle to attach critical provisions to improve the nation’s cybersecurity following a devastating year in which major attacks left the government flat-footed.