Cybersecurity Roundup October 2022

Hackers Successfully Targeted Google Translate as an Entry Point for a Major Attack: Phishing Was The Method of Penetration

Using a previously unseen method, hackers successfully spoofed the Google Translate page. With tense wording and a bombardment of emails that appeared legitimate, the hackers bypassed email security scanners and spam filters. The messages directed users to a link that redirected them to credential-harvesting pages made to look like legitimate Google Translate pages. The site had pre-populated email fields and asked the user to enter their password to log in. The pages were bogus and captured private credentials.

Phishing campaigns are getting more sophisticated as people spend more time online due to the holiday season.  Additional information can be found here. 

SSL.com Response:

Industry experts urge stronger end-user education and vigilance in identifying bogus emails. In this phishing campaign, many of the emails showed signs of phishing, such as grammar and punctuation mistakes. Hovering over links and questioning the destination URL can also expose potential online fraud. SSL.com also recommends using S/MIME Certificates to validate the identity of the sender and encrypt sensitive information.

The Importance of National Cybersecurity Awareness Month

October was National Cybersecurity Month in the United States.  However, adhering to cybersecurity practices is an ongoing effort that extends beyond the month and must be taken seriously.  Every device and user connected to the internet is a potential target for hackers. While safeguards range from cloud-based security to on-premise threat management platforms, to secured encryption, threat analysis, and digital trust, there is no single solution that can prevent cybersecurity intrusions 100% of the time. 

The healthcare industry is emerging as the most vulnerable, due to its ongoing digital transformation. During the first half of 2022, there was a 42% increase in cyber-attacks compared to 2021. Within those statistics, the healthcare industry suffered a 69% increase in data breaches. Even with the advent of the Health Insurance Portability and Accountability Act (HIPAA) in 1996, the more recent shift to ePHI systems (Electronic Protected Health Information systems) has broadened the attack surface available to hackers. ePHI systems manage the health, financial, and treatment information for patients. These systems are mission-critical and require ongoing security administration to ensure HIPAA compliance and patient privacy.

The Department of Health and Human Services is responsible for the administration and enforcement of HIPAA. A lot of information on HIPAA compliance is available on the web.

SSL.com Response:

SSL.com highlights the role of digital identity and trust, along with helping organizations maintain privacy through encryption. Our S/MIME Certificates help protect against debilitating cyber attacks, including email tampering, phishing, pharming, identity fraud, corporate impersonation, and sensitive data leaks. At the same time, our ClientAuth Certificates help prevent unauthorized access to critical systems and can be part of a Single Sign On (SSO) solution. Additional information regarding our solutions can be found here.

Experts Are Concerned About The Online Security of Electric Vehicles and Charging Stations

There are close to two million electric vehicles on the road today and the number is growing. In addition to vehicles, there is a proportionate increase in charging stations. Both require connectivity to the internet and are considered IoT devices, which presents a risk to the units and the end user. The types of vulnerabilities surfacing are man-in-the-middle attacks and hacks against the associated mobile apps, the vehicle, or the charging station itself. All of these can compromise personal information, manipulate data on the vehicle’s internal server, or cause maintenance records to become invalid.

It is imperative that owners and vehicle buyers change default passwords immediately on purchase, and at random times.  It is also recommended that ongoing monitoring of vehicle records takes place to ensure changes are incremental based on use and not being manipulated by an unknown party.

As with any online device or service, vigilance is the key to protection and privacy. Follow this link to learn more about electric vehicles and charging security.

SSL.com Response:

IoT devices are projected to number over 13 billion by the end of 2022. Each device has the potential to be a security risk. The security industry is working closely with manufacturers to ensure the devices are secured, meet various standards, and are able to maintain security certificates. For additional information regarding SSL.com and IoT security development please refer to this link.

Toyota Admits to Four Years of Exposed Source Code: Close to 300,000 Customer Records Breached

This was a software development mistake that went unnoticed for four years. A software contractor uploaded open source code to a GitHub server that was configured for public access. The password was in the clear and exposed along with the data records. Fortunately, the exposed data was structured so that only a portion was stolen. The stolen data was fragmented and didn’t provide concise enough information to build an effective phishing campaign. Here is a summary of the Toyota breach.

Unfortunately, this type of software development error is more frequent than expected. DevOps teams are forming DevSecOps teams to oversee security operations for software development. This frees developers to focus on writing code and submitting it to the repository as part of a CI/CD pipeline for timely testing. In the Toyota breach, a DevSecOps team would have been able to detect the problem quickly.
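The kind of check a DevSecOps gate in a CI/CD pipeline can run before code reaches a public repository is sketched below. This is an added example, not tooling from Toyota or SSL.com; the regex, placeholder list, thresholds, function names and sample files are all constructed assumptions.

```python
import math
import re
import sys

# Heuristic (assumed): a quoted literal assigned to a credential-looking name.
ASSIGNMENT = re.compile(r"""(?ix)
    \b([a-z0-9_.-]*(?:passw(?:or)?d|secret|token|api[_-]?key|access[_-]?key)[a-z0-9_.-]*)
    \s*[:=]\s*
    (["'])(.+?)\2
""")
# Values that are clearly templates, not live credentials.
PLACEHOLDERS = ("changeme", "example", "your_", "xxxx", "${", "<")

def shannon_entropy(value):
    """Bits per character; random keys score high, ordinary words score low."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan_text(path, text, min_len=12, min_entropy=3.0):
    """Return (path, line, name, masked value) for each likely hard-coded secret."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in ASSIGNMENT.finditer(line):
            name, value = m.group(1), m.group(3)
            if any(p in value.lower() for p in PLACEHOLDERS):
                continue  # template value such as "your_api_key_here"
            if len(value) < min_len or shannon_entropy(value) < min_entropy:
                continue  # short or low-entropy literals are out of scope here
            # Mask the value so the scanner's own report does not leak it.
            findings.append((path, lineno, name, value[:4] + "*" * (len(value) - 4)))
    return findings

def scan_changes(files):
    """files maps path -> content; a non-empty result should fail the pipeline."""
    return [f for path in sorted(files) for f in scan_text(path, files[path])]

# Constructed sample change set (not real credentials or real project files).
SAMPLE_FILES = {
    "config/settings.py": 'DB_HOST = "db.internal"\nDB_PASSWORD = "q7Lr2vX9pTz4WmKc8Hs1"\n',
    "deploy/env.example": 'API_KEY = "your_api_key_here"\n',
    "app/client.py": 'access_key = os.environ["DATA_SERVER_ACCESS_KEY"]\n',
}

if __name__ == "__main__":
    results = scan_changes(SAMPLE_FILES)
    for path, lineno, name, masked in results:
        print(f"{path}:{lineno}: possible hard-coded credential in {name}: {masked}")
    sys.exit(1 if results else 0)  # non-zero exit blocks the merge or push
```

Only the literal in `config/settings.py` is flagged; the template value and the environment-variable lookup pass, which is the pattern the hard-coded key should be replaced with.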

SSL.com Response:

Continuous code signing is integral to the SSL.com eSigner solution suite. Combined with an Extended Validation Code Signing Certificate, development code within a CI/CD pipeline is digitally signed, validating that the code comes from an identifiable source and has not been altered. Protecting development code with this service prevents man-in-the-middle attempts, trojan insertion, and malware.  Additional information can be found here.

User Caution: There Were Android Apps in The Play Store Redirecting Users to Malicious Sites

It happens, but it shouldn’t. There are apps slipping through the Google Play Store security screening. The Hacker News reports that four apps, with more than a million downloads, were recently discovered in the Play Store. The apps redirected users to known malicious sites that farmed users’ private information while prompting users to download additional pieces of malware. The apps in question are:
  • Bluetooth App Sender (com.Bluetooth.share.app) – 50,000+ downloads
  • Bluetooth Auto Connect (com.Bluetooth.auto-connect.any devices) – 1,000,000+ downloads
  • Driver: Bluetooth, Wi-Fi, USB (com.driver.finder.Bluetooth.wifi.USB) – 10,000+ downloads
  • Mobile transfer: smart switch (com.mobile.faster.transfer.smart.switch) – 1,000+ downloads

Hackers continue to devise different ways to bypass Google’s security requirements. In this case, the use of time-delayed code was the culprit. The Google security team overlooked the possibility that this could happen, focusing more on how well the apps performed under pressure with high download rates and ease of updating.

Google has since removed the apps, but the situation is an indication that threat actors are relentless in their desire to circumvent security procedures and systems. 

Additional information can be found here. 

SSL.com Response:

SSL.com is an active member of the CA/Browser Forum. The Forum is committed to the development, implementation and enforcement of guidelines that cover certificates used for the SSL/TLS protocol and code signing, as well as system and network security of certificate authorities. Additional information is here.

SSL.com has an extensive solution suite providing a high level of trust and validation for source code with Code Signing capabilities, Digital Signing, and email privacy with S/MIME Certificates. Our involvement with online safety and privacy continues to strengthen our customer and partner commitment.

SSL.com Reminders

OV & IV Code Signing Key Storage Requirements are Changing

With input from most of its membership, the CA/Browser Forum is changing the OV & IV Code Signing Key Storage Requirements. The change date is June 1, 2023. OV & IV Code Signing Certificates will be issued on Yubico USB Tokens or available via the SSL.com eSigner cloud signing service. 

Additional information on this change can be found on the  CA/Browser Forum website. Learn more about the SSL.com eSigner solution: https://www.ssl.com/esigner/.
