
Saturday, December 14, 2019

The 9 worst cyber security incidents of ( 2019 ) - Leo Tech Media




A few hours after the end of the year, we finished with the 10 worst cyber security incidents of 2019. It is a classic selection in our computer security blog where, by the way, we take the opportunity to wish all our readers health and prosperity for 2019.

The 2019 incident summary confirms the spread of malware to all types of platforms that we have seen in recent years. Cyber attacks of all kinds against commercial services, which cause huge leaks of business and personal data and thus a brutal invasion of user privacy, also continue to rise.


Violations are caused by this and also by the undesirable practices of some companies in the search for greater economic benefit without due transparency and controls. Data is gold in the Internet era and regaining consumer confidence in the ability of product and service providers to protect their data will be key for 2019.

We leave you with some of these incidents. It is only a selection because, sadly, the year has given us plenty, confirming how far we still have to go in cyber security.



  • Spectre and Meltdown


2019 began with a bombshell that shook the world of computing. An article published in The Register revealed a series of critical vulnerabilities in Intel processors and side-channel attack methods that allowed bypassing ASLR, a protection mechanism included in operating systems and based on randomizing RAM memory locations.


Shortly afterwards it became known that Spectre and Meltdown affected the very architecture of the processors and that some of their variants also extended to other suppliers such as AMD and ARM. The vulnerabilities affected the security (and performance) of hundreds of millions of electronic devices from various providers of chips and operating systems.

And not just personal computers. While Meltdown affected only Intel processors, Spectre also affects AMD and ARM, so several media outlets extended the problem to smart phones, video game consoles and other devices.

The CERT (Computer Emergency Response Team), the center of response to security incidents in information technologies and an absolute reference in cyber security, confirmed the critical situation and issued statements that set off alarms across the planet: “Due to the fact that the vulnerability exists in the CPU architecture instead of the software, the patches cannot fully address it in all cases.”

The same CERT confirmed the original news from The Register and spoke of a loss of performance of up to 30%, which would be outrageous and would force the processor to be replaced in some use cases. In the end it was not that bad. The loss of performance exists, although it varies greatly depending on the version of the operating system and the hardware platform in use. Solving this vulnerability via software (at least for Meltdown) would necessarily imply separating user processes from kernel memory and thereby changing processor performance, which in the case of Intel (and also of other compatible manufacturers) gains performance precisely through a kind of privilege-lifting technique that in recent hours has been strongly criticized by the creator of Linux, Linus Torvalds.

News about Spectre and Meltdown has accumulated throughout the year, as have the multiple patches to processor firmware, operating systems and applications. Potential attacks have been mitigated, although a complete solution is simply impossible, as anticipated. Researchers at MIT (Massachusetts Institute of Technology) have developed a way to partition and isolate memory caches with "protection domains" and prevent exploitation of "speculative execution", and this month Intel announced the new Sunny Cove processor architecture, the first to reach the market completely free of these vulnerabilities.



  • The horrible year of Facebook


The first social network by number of users has never stood out for its security and privacy, but this year has marked 'a before and after' for the company, and 2019 will close as the year in which Facebook's most serious breaches of its duty to protect user data and privacy became known.

The Cambridge Analytica scandal (including extortions in the purest mafia style with bribes, spies and prostitutes), whereby the consultancy had unauthorized access to data and private information of up to 87 million users, was followed by a more recent hack that became the most serious security error in the company's history, compromising the personal information of 30 million users.


Another case seriously affected privacy when the social network turned security into business by using the 2FA phone numbers that users had provided to improve security when accessing Internet services to send personalized advertisements.


This same month a security breach compromised the privacy of 6.8 million users by revealing private photographs that had not been publicly shared on the social network. The software flaw affected millions of users who used the Facebook login to grant permissions to third-party applications to access their photos. Facebook spoke of 1,500 applications and 876 developers affected by a case that occurred for twelve days between September 13 and 25.


And at the end of the year, another very serious case arrived that, if confirmed, should force regulators around the world to take urgent and definitive measures against Mark Zuckerberg's company. The New York Times said Facebook delivered data and messages to Amazon, Microsoft, Netflix and up to 150 other large companies, without the knowledge or consent of its users.


The NYT information is very serious and describes secret agreements with other technology companies to allow intrusive access to users' personal data, including their private messages. To do this, Facebook skipped its own privacy and transparency rules, as stated in the company's internal documents cited by The New York Times.


Regulators across half the world have Facebook in their sights with multiple investigations, while the company has lost billions in the stock market. Mark Zuckerberg promises major changes and improvements. We will see.



  • Huge data theft at Marriott


The Marriott hotel chain reported one of the biggest security breaches in history, with theft of personal and financial data from 500 million customers. The security breach dates back to 2014, no less, and would have originated in the Starwood hotel chain acquired by Marriott in 2016. The breach was not detected either in the merger process or in the following years.


Marriott says it was unaware of unauthorized access to the reservation database until November 19, 2018. The stolen database accumulated more than 4 years of information and included extensive personal and financial information, “a combination of name, postal address, telephone number, email address, passport, account information, date of birth, arrival and departure information, reservation date and communication preferences”.

To make matters worse, Marriott says credit card numbers were probably stolen too. Although the numbers were encrypted with the AES-128 standard, Marriott says it can't rule out that hackers also stole the keys to decrypt card number information.

The Washington Post said it was unclear whether hackers were “criminals who collect data for identity theft or spies that collect information about travelers from around the world, including possibly diplomats, businessmen or intelligence officials as they travel around the world”.



  • Ransomware is the main cyber threat


Ransomware maintains supremacy as the main cyber threat of malware in most member states of the European Union, according to the Europol report, Internet Organized Crime Threat Assessment (IOCTA) for 2018.


As with other types of malware, ransomware cyber attacks are increasingly numerous, sophisticated, dangerous and massive, as WanaCryptor showed: a well-planned and structured attack whose goal was to achieve a massive global infection, putting a good number of large companies from dozens of countries on the ropes.

If until now ransomware used to have exclusively economic motivations, producing high profits for attackers, lately it has been expanding its objectives as a preferred method of introducing malware, as we saw with the NotPetya ransomware.

Recall that typical ransomware infects a personal computer or mobile device, blocks the operation of and/or access to part or all of the equipment by seizing the files with strong encryption, and demands an amount of money from the user as a "ransom" to free them. Therefore, if the best advice on cyber security is prevention, in the case of ransomware it is essential to stop it by following this type of advice.



  • Google+ closure

The Internet giant will advance the closure of the Google+ social network four months after a new bug compromised the information of more than 52 million users.

A couple of months ago a vulnerability was announced on Google+ that exposed the personal data of up to 500,000 users between 2015 and March 2018, when the company patched it. The error was discovered by Google as part of an internal review called Project Strobe and affected an API called "People" to which up to 438 application developers had access on Google+.

The error allowed those applications access to private information in the Google+ user profile. This included details such as email addresses, gender, age, images, relationship states, places lived and occupations. Up to 438 applications on Google+ had access to this API "People", although the company said "they had no evidence that developers were aware of the vulnerability."

According to a report published by the Wall Street Journal, the company did not reveal the vulnerability when it was repaired in March for fear of "reputation damage" and because "it did not want lawmakers to submit it to a regulatory review." Google CEO Sundar Pichai was informed about the decision not to reveal the vulnerability after an internal committee had decided on the plan, explains the WSJ.

In December, Google discovered a new ‘bug’ that this time affected a large number of customers. The bug allowed applications that used the API to see full user profile information, even if that profile was set to private.

Google fixed the bug in a week and said that the exposed data "did not include sensitive information" such as passwords or financial data. However, to "ensure the protection of our users", Google has decided to close the social network for consumers in April 2019, four months ahead of schedule.


  • OpenSSH flaw


Qualys security researchers discovered in August a vulnerability that had been present for 19 years in OpenSSH, the best known implementation of the SSH protocol, which is maintained by the developers of the OpenBSD operating system (although it is also widely used in Linux, Mac and, more recently, Windows).


In detail, it is a username enumeration flaw (CVE-2018-15473) that allows a remote attacker to guess usernames registered on an OpenSSH server (a client accesses the server system with the privileges determined by the latter). The attack scenario is based on a malicious actor trying to authenticate to an OpenSSH endpoint through a malformed authentication request, which can consist of a truncated packet.

The vulnerable OpenSSH server can then react in two different ways. If the username in the malformed authentication request does not exist, the server will respond with the typical authentication failure error. However, if it is already registered, the connection will simply be closed without giving any response.

This behavior allows an attacker to guess the valid user names for remote access to a system, thus opening the door to brute force attacks to guess the password.

The bug was patched in stable versions, but a large number of devices were exposed to a possible massive attack because OpenSSH is one of the most used technologies in the world when it comes to remote access and is used in millions of large and small devices, from servers to IoT devices.
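The two reactions described above can be reproduced in a toy model. This is an added example, not OpenSSH code or code from the original article: the handler names, reply labels and account list are hypothetical, and the hardened variant shows one way to remove the difference (parse the whole request before looking at the username).

```python
import struct

class Truncated(Exception):
    """A length-prefixed field runs past the end of the packet."""

def read_string(buf, off):
    # SSH-style string: 4-byte big-endian length, then that many bytes.
    if off + 4 > len(buf):
        raise Truncated
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise Truncated
    return buf[off + 4:off + 4 + n], off + 4 + n

def pack_string(data):
    return struct.pack(">I", len(data)) + data

def handle_vulnerable(packet, users):
    """Checks the username before the rest of the request is parsed."""
    try:
        user, off = read_string(packet, 0)
        if user not in users:
            return "AUTH_FAILURE"        # unknown user: ordinary failure reply
        read_string(packet, off)         # known user: parser reaches bad field
    except Truncated:
        return "CONNECTION_CLOSED"
    return "AUTH_FAILURE"                # toy model: no key is ever accepted

def handle_hardened(packet, users):
    """Parses the complete request first, so the outcome of a malformed
    packet never depends on whether the username exists."""
    try:
        user, off = read_string(packet, 0)
        read_string(packet, off)
    except Truncated:
        return "CONNECTION_CLOSED"       # same reply for every username
    return "AUTH_FAILURE"                # user lookup would happen only here

def leaks_usernames(handler, users, known, unknown):
    """True if one malformed request gets different replies for a known
    and an unknown account, i.e. the handler is an enumeration oracle."""
    def malformed(name):
        # Constructed sample: key field claims 64 bytes but carries only 3.
        return pack_string(name) + struct.pack(">I", 64) + b"abc"
    return handler(malformed(known), users) != handler(malformed(unknown), users)

USERS = {b"alice", b"backup"}            # constructed account list

if __name__ == "__main__":
    for h in (handle_vulnerable, handle_hardened):
        print(h.__name__, leaks_usernames(h, USERS, b"alice", b"mallory"))
```

The `leaks_usernames` check works as a regression test for any authentication handler: responses to malformed input must be identical whether or not the account exists.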



  • GitHub suffers the biggest DDoS attack ever recorded


GitHub, one of the world's largest hosting services for version control, software development and exchange, suffered in March the largest DDoS attack ever recorded: 1.35 terabits per second.

As you know, distributed denial of service (DDoS) attacks overload the computing resources of the attacked system until it is inaccessible: large flows of information sent from many points saturate the servers and leave them out of service.


The DDoS attack on GitHub reached an unprecedented level of 1.35 Tbps (126.9 million packets per second), almost double the average of the largest attacks recorded so far, such as the one that knocked down Krebs on Security at 620 Gbps, the one against the French hosting provider OVH that reached almost 800 Gbps, or the largest registered so far, against the Dyn provider, at 1.2 Tbps.

The huge volume of data overwhelmed GitHub's computers, which caused them to stop responding and disconnect. At that time, GitHub turned to Akamai's specialized DDoS attack mitigation service to filter malicious traffic, ending the attack's effect in a few minutes. There was a second attack that reached a maximum of 400 Gbps, but it was absorbed without the site falling.


Another highlight of the attack against GitHub is that it did not use botnets, as had been usual until now, but memcached servers. Around 100,000 of them, owned by companies and other institutions, are currently exposed without authentication protection, which means they are within reach of the attackers.


  • Vulnerability in Drupal


There was also talk of a critical vulnerability in Drupal, one of the best known CMSs on the market, the second most used after WordPress and with a special niche in electronic commerce.


It was a remote code execution vulnerability located in multiple Drupal subsystems. The security holes opened the door for the website to be fully compromised, and exploiting them required no access credentials or privileges, so any anonymous visitor with the necessary knowledge could gain full control of the website and delete or manipulate data that was not public (belonging to the database or back office).

Drupal patched the software, but could not prevent attackers from actively exploiting the patched vulnerability, which received the informal name of Drupalgeddon 2 and the code CVE-2018-7600. To take full control of the website, including the server running it, an attacker just had to access the URL of a vulnerable website and inject the exploit code, which is publicly available to anyone who wants to use it.


The vulnerability was exploited for multiple purposes, including the installation of malicious payloads such as malicious miners and software to cause denials of service. The malicious payloads spread like a worm, so infected websites set about finding other websites that were not yet infected and were vulnerable.


  • Alternative search engines challenge Google


In the battle of search and online advertising, Google is a giant compared to all the other big technology companies, not to mention small European businesses. However, the popular reaction to the massive collection of personal data, not always carried out with the necessary transparency, offers new hope to a series of little-known search engines that fly the flag of user privacy protection.


DuckDuckGo is an example. It is far from the leader, Google, but it is striking that in an era in which it seems that almost all major Internet services seek to sell personal data, a pro-privacy search engine is experiencing massive growth. In addition, it is interesting to note that DuckDuckGo's new daily search record came days after the data breach on Google+ and its concealment by the Internet giant. The same thing happened when Google changed its privacy policy in 2012 and when the NSA's mass surveillance activities became known through Edward Snowden.

What DuckDuckGo is achieving is what sites like Mojeek from Great Britain, Qwant from France, Unbubble in Germany or the Swiss Swisscows aspire to. They all have something in common: they don't track user data, filter results or show ads based on "behavior."

These sites are growing amid the implementation of the new European privacy regulations (GDPR) and the numerous data trafficking and rights violation scandals that have raised public awareness about the mountains of personal information that some companies collect and sell to advertisers.


The widespread suspicion in Europe about Google's dominance in Internet searches has also helped make the continent a breeding ground for safe search. Europe is particularly sensitive to privacy issues.

They are not yet popular, but there is no doubt that European search engines are challenging Google with the privacy flag, a fundamental right that the Internet giant will have to guarantee if it wants to maintain its privileged situation.

