Stolen data given away, the price of stolen data, computers for kids infected and patch these SAP and Cisco applications.
Welcome to Cyber Security Today. This is the Friday morning edition for January 22nd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:
Christmas has long gone but a threat actor thinks it’s still the gift-giving season. This week the person or group called ShinyHunters gave away piles of stolen email addresses and other information on hacker forums.
According to the Bleeping Computer news service, one pile was a database with thousands of email addresses of users of the free Pixlr online photo editing application. Another is a database with information on thousands of users of the Nitro PDF application. It contains users’ full names and their email addresses.
And according to the ZDNet news service, a third was a list of millions of email addresses of users of the custom apparel printing service called Teespring.
It’s not clear if ShinyHunters was responsible for the original theft of the data or it was stolen from other hackers, but they have a history of giving stolen data away. That devalues the data being sold by others. ZDNet says the Teepsring data was recently offered for sale.
Some laptops for children distributed by Britain’s education department to schools were found this week to have unwanted malware installed. The BBC reports they were part of 800,000 laptops the government is giving disadvantaged student who don’t have computers at home. The malware, which reportedly contacts servers in Russia, installs spyware that gathers personal information and browsing habits of users. The government said it is urgently investigating. It isn’t known if the laptops were infected by someone who prepared the computers or if a hacker got into the computer manufacturer’s system to install the malware.
Hackers sell and buy stolen data on criminal marketplaces. How much stolen data is worth depends on what it is, and how much stolen information is already listed for sale. Social Security numbers, for example, aren’t useful on their own. A name with a social security number is more valuable. Add the victim’s date of birth and the combination becomes really valuable because it could be used for identity impersonation. The British news site Comparitech this week released an analysis of 40 dark web marketplaces to find out how much your personal information is worth. Here’s a precis:
A full credentials bundle of information about an American — such as name, address, Social Security number and date of birth — averages $8 a person. That’s cheap because there’s so much stolen data on Americans. A crook will pay an average of $15 a person for a full credential bundle on a Canadian, and $25 for someone from Japan. Prices for stolen credit card numbers range from 11 cents to almost $1,000, depending on whether the card also includes the CVV number from the back of the card, victim’s name and card expiration date. All that data makes the card useful for online purchases.
So with all this stolen data floating around how can you protect yourself? One of the best ways is to beware of email scams trying to trick you into divulging your credit card or PayPal credentials. And be careful where you use your credit card.
Attention IT administrators of SAP systems: Make sure SAP Solution Manager is running the latest security patches. According to the ZDNet news service, threat actors are trying to take advantage of a recently-described exploit of a vulnerability in the application to get into SAP systems. From there they can get into anything Solution Manager connects to. That vulnerability was patched over a year ago, so if Solution Manager hasn’t been patched by now your system is in trouble.
And network administrators who oversee equipment from Cisco Systems should make sure their SD-WAN software has the latest updates.
That’s it for this morning’s podcast. Remember this afternoon you can catch the Week In Review edition, where my guest analyst will be Dinah Davis of Arctic Wolf. We’ll be talking about ways organizations can prevent employee and customer accounts from being hacked.
Links to details about my stories can be found in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon