Skip to content
View in the app

A better way to browse. Learn more.
Thailand News and Discussion Forum | ASEANNOW

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

The biggest hacks and data breaches of 2020

techietraveller84
in IT and Computers

Featured Replies

25 minutes ago, techietraveller84 said:

This is quite a list, and I'm sure it's just the tip of the iceberg. The scary thing is that most of this year's hacks and breaches probably haven't even been discovered yet.

 

Keep changing those passwords.

 

https://www.zdnet.com/article/the-biggest-hacks-data-breaches-of-2020/

Not only change them but choose one which takes longer to hack.   http://keithieopia.com/post/2017-12-13-passwd-crack-time/

 

    • Like 1
    • Author
    • Popular Post
    22 hours ago, FritsSikkink said:

    Not only change them but choose one which takes longer to hack.   http://keithieopia.com/post/2017-12-13-passwd-crack-time/

     

     

    Very true. For those struggling to finally update their passwords, here's a simplified chart on password strength that I think does a great job illustrating how much this matters.

    Password Strength.PNG

    •
    • Like 3
    • Thanks 1
    17 minutes ago, techietraveller84 said:

    here's a simplified chart on password strength that I think does a great job illustrating how much this matters.

    Interesting chart. Thank you.

    ... and many more that do not report breaches to avoid being compromised.

    In reality it is not complicated to keep information systems secure but employees must be trained regularly

    I got an alert that somebody had logged into my Apple account from China, fortunately I was able to deny them access & reset my password but When companies like FireEye are getting hacked https://www.cnet.com/news/fireeye-hack-cybersecurity-firm-says-nation-state-stole-attacking-tools/

     

    It makes you wonder can you ever be really safe.


    A little less safe now as the hackers stole their Red Hat hacking tools used to Pen Test large companies & government agencies 

     

    • Author

    Yep, if Fireeye can get hacked, then none of us are safe, no matter what we do. Just have to stay low key and uninteresting.

    • Like 1
    On 12/8/2020 at 8:03 AM, techietraveller84 said:

    Keep changing those passwords.

    Not meaning to hijack your thread, but maybe a quick side discussion is ok.

     

    Is anyone using a password manager? 

     

    I have thought about using one, but then thought, if the one password I have to get into the password manager is hacked or compromised, they would have access to every account I have online and can do untold damage, so I opted to not use one, but I do see their benefits.  

    • Like 1
    • Author

    Totally valid question, and something I wondered about as well.  Last Pass is a big player in the password manager business, and the image attached gives a sense of their security concept. Of course, nothing is perfect, but there are varying degrees of secure.

    LastPass.PNG

    •
    • Like 1
    On 12/11/2020 at 6:50 AM, KhunHeineken said:

    Not meaning to hijack your thread, but maybe a quick side discussion is ok.

     

    Is anyone using a password manager? 

     

    I have thought about using one, but then thought, if the one password I have to get into the password manager is hacked or compromised, they would have access to every account I have online and can do untold damage, so I opted to not use one, but I do see their benefits.  

    1Password  https://1password.com/

    On 12/12/2020 at 6:20 PM, berrec said:

    1Password  https://1password.com/

    There are many password manager companies out there.  Does any member use a password manager?  If so, are you concerned that if your password is compromised, someone would have access to every online account you have?  Do any password managers offer 2 Stage Authentication?  If they did, I would probably sign up.  

    • Author
    23 hours ago, KhunHeineken said:

    There are many password manager companies out there.  Does any member use a password manager?  If so, are you concerned that if your password is compromised, someone would have access to every online account you have?  Do any password managers offer 2 Stage Authentication?  If they did, I would probably sign up.  

    LastPass has multi-factor (2 stage) authentication. https://www.lastpass.com/how-lastpass-works

    1862872086_LastPassMultiFactor.PNG.f07022fa3d293c90ed83b0a552133626.PNG

    On 12/14/2020 at 3:23 AM, oby said:

    biggest hack: 2020 US election fraud.

    algorithm transferring millions of votes from trump to biden.

    dominion machines used in last venuezuela, canada, and us elections denied democracy.

    dominion machines ensure socialists win every time.

     


    I see someone has drunk the trumpanzee Koolaid.

    • Haha 1
    On 12/9/2020 at 12:53 PM, WebGuy said:

    ... and many more that do not report breaches to avoid being compromised.

    In reality it is not complicated to keep information systems secure but employees must be trained regularly


    In reality, the more complex the system, the harder it is to protect.



     

    • 2 weeks later...
    • Author

    Updates on the SolarWinds hack are coming in a bit too slow. But at least journalists are doing some interesting analysis. I like this one by Geekwire.com titled, "How hacked is hacked? Here’s a ‘hack scale’ to better understand the SolarWinds cyberattacks."

     

    And here's the scale.

    • Stage 0: The attackers have found or made an entry point to systems or the network but haven’t used it or took no action.
    • Stage I: Attackers have control of a system but haven’t moved beyond the system to the broader network.
    • Stage II: Attackers have moved to the broader network and are in “read-only” mode meaning they can read and steal data but not alter it.
    • Stage III: Attackers have moved to the broader network and have “write” access to the network meaning they can alter data as well as read and steal it.
    • Stage IV: Attackers have administrative control of the broader network meaning they can create accounts and new means of entry to the network as well as alter, read and steal data.

    So which one does the SolarWinds hack fall under?

    https://www.geekwire.com/2020/hacked-hacked-heres-hack-scale-better-understand-solarwinds-cyberattacks/

    • 1 month later...

    In this case it's "networkS". Lots of them.

    The first one giving access to the rest, and reaching Stage IV only dependent on the tools and skills of the defenders.

    • Like 1
    • Author

    Feels like 2021 has already delivered more high profile attacks than the first 11 months of 2020. Going to be a rough year on so many fronts.

     

    February is already off to a strong start: Female escort review site data breach affects 470,000 members.

    ????

    https://www.bleepingcomputer.com/news/security/female-escort-review-site-data-breach-affects-470-000-members/?&web_view=true

    • Author
    21 hours ago, KhunHeineken said:

     

    Thanks.  I'll check it out.  

    Now that the holidays are past and life is returning to normal, it's the perfect time. ????

    5 hours ago, techietraveller84 said:

    Now that the holidays are past and life is returning to normal, it's the perfect time. ????

    Quick question.  Does software have to be installed on the computer?  I travel with my laptop, but in the past, on rare occasions, in small villages, I have had to use public computers for the purpose of printing out a form, signing it, scanning it, and emailing it back.  

     

    • Author

    It's a browser extension that you would need to add to each browser you use on your personal computers. Unfortunately wouldn't help you much on public computers.

    LastPass.PNG

    Create an account or sign in to comment
    Go to topic listing

    Recently Browsing 0

    • No registered users viewing this page.

    Account

    Navigation

    Search

    Search

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.