Friday, July 23, 2021

Peatix Warns Users for Attacks After Breach

Must Read

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine...

Brave browser disables Google’s FLoC ad-tracking technology

Brave, a Chromium-based browser, has removed FLoC, Google's controversial alternative identifier to third-party cookies for tracking users across websites. Brave...

DoJ Says SolarWinds Attackers Has accessed its Microsoft O365 email server

Thousands of Department of Justice (DoJ) email accounts were accessed by SolarWinds attackers last year, the department has confirmed. The...

Occasions and ticketing program Peatix has cautioned users of follow-on cyber-attacks later acknowledging it endured a data breach earlier this month.

The company claimed to have been advised by a third party on November 9 that accounts information was”improperly obtained and got.

“It’s been verified that information, such as names, email addresses, salted and hashed version of passwords, nicknames, favorite languages, and states and time zones in which the accounts were made, about a number of our customers was included,” it noted.

Thankfully, since the company doesn’t store passwords in plain text or complete credit card information, the fallout in the violation ought to be rather included.

But, it’s still asking users to reset their passwords and cautioned possible follow-on credential password and stuffing spraying strikes, which suggests its encryption might be crackable.

“If your data was accessed by poor actors, they can use it to contact you (e.g. by sending you emails ) or to try to collect personal information from you by deception (called phishing attacks),” the note continued.

Paul Bischoff, the privacy advocate at Comparitech.com, contended that the amount of risk vulnerability for affected clients depends on details that have not been revealed by the business.

“Peatix hasn’t said what algorithm is used to rosemary and hash the passwords from the database, which might give us a much better indication as to if users’ passwords are in danger,” he clarified.

“I have seen lots of breaches of passwords which were hashed using deprecated algorithms like SHA1 or MD5 which may be deciphered with very little effort, therefore it’d be useful to understand what algorithm was used to reestablish those passwords”

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This