Security Newsletter
29 April 2019
Breach at IT Outsourcing Giant Wipro
Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity. Wipro has refused to respond to questions about the alleged incident.
Both sources, who spoke on condition of anonymity, said Wipro’s systems were seen being used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems. The security experts said Wipro’s customers traced malicious and suspicious network reconnaissance activity back to partner systems that were communicating directly with Wipro’s network.
One source familiar with the forensic investigation at a Wipro customer said it appears at least 11 other companies were attacked, as evidenced from file folders found on the intruders’ back-end infrastructure that were named after various Wipro clients. That source declined to name the other clients. The other source said Wipro is now in the process of building out a new private email network because the intruders were thought to have compromised Wipro’s corporate email system for some time. The source also said Wipro is now telling concerned clients about specific “indicators of compromise,” telltale clues about tactics, tools and procedures used by the bad guys that might signify an attempted or successful intrusion. Wipro says it has more than 170,000 employees helping clients across six continents with Fortune 500 customers in healthcare, banking, communications and other industries. In March 2018, Wipro said it passed the $8 billion mark in annual IT services revenue.
Read More on KrebsOnSecurity
How Not to Acknowledge a Data Breach
 
The Anatomy of Highly Profitable Credential Stuffing Attacks
Credential stuffing attacks are one of today's most prevalent threats to online businesses everywhere. But despite this threat rising on everyone's radar in the infosec community, very little is known about how criminal groups are performing these attacks.
Credential stuffing is a term used by the cybersecurity industry to describe a particular type of automated attack against a website or application's login system. It relies on a hacker taking username-password combos that have been leaked via data breaches at other companies, and attempting to use these leaked credentials in the hope of gaining access to accounts on other sites -- exploiting users' habit of reusing usernames and passwords across multiple online services.
Credential stuffing is a relatively new attack vector and has been fueled by the huge leaks of user credentials that have taken place since 2016, after hacks at LinkedIn, VK.com, Tumblr, Twitter, and many other major platforms. Hundreds of millions of username and password credentials were dumped online in 2016, and other leaks have continued to pop up regularly since then, supplying fresh cannon fodder for criminal gangs to use for their attacks.
Organizations can protect their users by implementing multi-factor authentication (MFA) "which blocks the credential stuffing attack vector" but some of them already confirmed that they "may not be prepared to choose security over convenience." On the other hand, end users can do their part by never using the same password on more than one service, utilizing a password manager to safely store their credentials and generate more complex passwords, as well as turning on two-factor authentication (2FA) for all services that support it.
Read More on ZDNet
Even More on BleepingComputer
 
Facebook Could Be Fined Up To $5 Billion Over Privacy Violations
Facebook expects to face a massive fine of up to $5 billion from the Federal Trade Commission (FTC) as the result of an investigation into its privacy policies—that's about one month's revenue for the social media giant.
To be clear the amount of fine is not what the FTC has announced or hinted yet; instead, it's an estimated due that Facebook disclosed on Wednesday in its first quarter 2019 financial earnings report. In its earnings report, Facebook said the company had set $3 billion aside in anticipation of the settlement with the FTC, who launched a probe into Facebook following the Cambridge Analytica scandal.
The FTC launched an investigation into Facebook last year after it was revealed that the company allowed Cambridge Analytica access to the personal data of around 50 million Facebook users without their explicit consent.
Read More on TheHackerNews
How many days since last Facebook Scandal?
 
More #News
 
#Patch Time!
 
#Tech and #Tools
Kingred Group is growing, so does the Group Security team! We're looking for new talented professionals to come join us: Kindred is one of the largest online gambling companies in the world with over 24 million customers across 100 markets. You can find all our open vacancies on our career page.
This content was created by Kindred Group Security. Please share if you enjoyed!
Kindred Group in brief
Kindred is one of the largest online gambling companies in the world with over 24 million customers across 100 markets. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and as an innovation driven company that builds on trust.
You can access the previous newsletters at https://news.infosecgur.us
If you no longer wish to receive this newsletter, you can unsubscribe from this list.