Weekly Comments

4 - 12 February 2019

The login credentials from 16 compromised websites are now available for sale in the darknet market for a total estimated price of US$20,000 in Bitcoin.
The login credentials from 16 compromised websites are now available for sale in the darknet market for a total estimated price of US$20,000 in Bitcoin. The exposed credential database appears to be fresh as most of the breaches took place in 2018. Some exposed credentials are hashed and therefore can only be used after they are cracked. Typically, simple passwords can be easily reversed especially if it is hashed with the obsolete MD5 algorithm. The seller is expected to dump as many as 20 databases and claims to have swiped some one billion accounts by exploiting vulnerabilities in web applications. Stolen credentials can provide legitimate access to a user’s account without triggering security implementations and can result in fraud or identity theft. The leaked credentials can also be used in credential stuffing attacks, targeting users that reuse password across multiple online platforms. Organisations and users should minimally adopt two-factor authentication to protect their account from takeover, and use strong, unpredictable passwords to secure their online identity. 

References:
[1] Blue Monday in Infosec: 620 Million Accounts Stolen from 16 Hacked Websites Now for Sale on Dark Web, Seller Boasts<hxxps:></hxxps:>
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence