One Article Review

The article:
Source knowbe4
Identifier 8312171
Publication date 2023-02-21 14:00:00 (seen: 2023-02-21 14:07:27)
Title CyberheistNews Vol 13 #08 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach
Text CyberheistNews Vol 13 #08 | February 21st, 2023

[Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach

There is a lot to learn from Reddit's recent data breach, which was the result of an employee falling for a "sophisticated and highly-targeted" spear phishing attack.

I spend a lot of time talking about phishing attacks and the specifics that closely surround that pivotal action taken by the user once they are duped into believing the phishing email was legitimate. However, there are additional details about the attack we can analyze to see what kind of access the attacker was able to garner from this attack.

But first, here are the basics: According to Reddit, an attacker set up a website that impersonated the company's intranet gateway, then sent targeted phishing emails to Reddit employees. The site was designed to steal credentials and two-factor authentication tokens.

There are only a few details from the breach, but the notification does mention that the threat actor was able to access "some internal docs, code, as well as some internal dashboards and business systems."

Since the notice does imply that only a single employee fell victim, we have to make a few assumptions about this attack:

The attacker had some knowledge of Reddit's internal workings – The fact that the attacker can spoof an intranet gateway shows they had some familiarity with the gateway's look and feel, and its use by Reddit employees.

The targeting of victims was limited to users with specific desired access – Given the knowledge about the intranet, it's reasonable to believe that the attacker(s) targeted users with specific roles within Reddit. From the use of the term "code," I'm going to assume the target was developers or someone on the product side of Reddit.

The attacker may have been an initial access broker – Despite the access gained that Reddit is making out to be not a big deal, they do also mention that no production systems were accessed. This makes me believe that this attack may have been focused on gaining a foothold within Reddit versus penetrating more sensitive systems and data.

There are also a few takeaways from this attack that you can learn from:

2FA is an important security measure – Despite the fact that the threat actor collected and (I'm guessing) passed the credentials and 2FA details onto the legitimate Intranet gateway - a classic man-in-the
Sent Yes
Tags Data Breach Hack Threat Guideline
Stories ChatGPT
Notes ★★


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.