Dr. Bill.TV | The Computer Curmudgeon

I just recently signed up for Disney +, and probably, so did you! Sigh. Watch out!

Thousands Of Disney+ Accounts Are Up For Sale On Hacking Forums

Forbes – By: Lee Mathews – “Disney’s hotly-anticipated streaming service Disney+ finally launched this week. Despite being open to the public for just a few days, hackers have already hijacked thousands of accounts and put them up for sale on the Dark Web.

Reporting for ZDNet, Catalin Cimpanu discovered several listings for Disney+ accounts on different underground hacking forums. The going rate for a hacked account appears to be somewhere between $3 and $5.

That’s three to four times more than the asking price for a hacked Netflix account. Logical enough, given the excitement around the Disney+ launch.

So how is it possible that these accounts – many of which are just a few days old – have already been taken over by hackers? I haven’t seen any reports confirming the root cause, but it seems likely that bad habits are to blame.

One bad habit in particular: password re-use.

You should never, ever use the same password for multiple websites or online services. Security professionals have been repeating this refrain for years.

One bad habit in particular: password re-use.

Their warnings often fall on deaf ears, unfortunately. To users creating yet another account, it can feel like too much trouble to come up with a unique password to protect it.

When you’re creating a new account – whether for a hot new service like Disney+ or any other – remind yourself that hackers are always lurking in the shadows and ready to attack.

They’re armed with billions of email addresses (likely including yours) and billions of previously-used passwords. Using automated brute-forcing tools they can quickly break into accounts en masse.

Recovering a compromised account can be tricky, too. Once a hacker has gained access they tend to move quickly. They revoke access to authorized devices and then change passwords to prevent users from logging back in. They’ll change the email address associated with an account, too, which stops users from using automated password reset tools to regain access.

If you’re getting ready to sign up for Disney+ – or any other service, for that matter – get yourself a password manager first. Use it to create a unique password and let it remember that password for you.

Otherwise you may find yourself fighting to regain access to your account before you even have a chance to enjoy what you’ve signed up for.”

Cyware.com: Understanding the difference between risk, threat, and vulnerability

Vulnerabilities refer to weaknesses in a system or program that can be exploited by threats to gain unauthorized access to an asset.

Cyber threats refer to cybersecurity circumstances or events that can result in harm to the target organization.

Terms like threats, vulnerabilities, and risks are often confused with each other when it comes to cybersecurity and cyber attacks.

The post aims to define each term while highlighting the difference between them.

Vulnerabilities

Vulnerabilities refer to weaknesses in a system or program that can be exploited by threats to gain unauthorized access to an asset.

They make threat outcomes possible and potentially even more dangerous.

Examples of common vulnerabilities are SQL Injection, Cross-Site Scripting, server misconfiguration, sensitive data transmit in plain text and more.

Cyber threats

Cyber threats refer to cybersecurity circumstances or events that can result in harm to the target organization.

For example, threat actors can exploit a vulnerability, intentionally, or accidentally and obtain, damage or destroy an asset.

Threats include organized crime, spyware, malware, adware, and disgruntled internal employees who start attacking the employers of the target organization.

Common threats are social engineering or phishing attack that leads to an attacker installing a trojan or stealing information from your applications or overloading the ISP of a data center with unwanted traffic.

Risks

Risk is a metric used to understand the loss (both in terms of finance and physical) caused due to loss, damage or destruction of an asset.

Usually, it is translated as Risk = threat probability * potential loss/impact.

To get a clear understanding, let’s take the example of a scenario involving SQL injection vulnerability:

SQL Injection is a vulnerability that can be exploited to steal sensitive data theft.

Financially motivated attackers are one of the threat actors that usually leverage the vulnerability.

The impact of sensitive data getting stolen will bear a significant financial cost to the business. It will also hamper the reputation of the business.

The probability of such an attack is high, given that SQL injection is an easy-access, widely exploited vulnerability and the site is externally facing.

Therefore the SQL injection vulnerability in this scenario is treated as a high-risk vulnerability.

Cyware.com: HTTPS, SSL, and TLS: How are they different from each other?

HTTPS is the ‘Secured’ version of HTTP which stands for ‘Hypertext Transfer Protocol’.

Secure Socket Layer (SSL) was created by Netscape Communications Corporation in 1994.

These above-mentioned three protocols are used between browsers and web servers for the safe exchange of data but the main difference lies in their functionalities. Let’s take a dive into what each one of them stands for and how they differ.

HTTPS

HTTPS is the ‘Secured’ version of HTTP which stands for ‘Hypertext Transfer Protocol’.

It is used by different browsers and web servers to communicate and exchange information.

In other words, the exchanged data is encrypted with SSL/TLS; hence called HTTPS.

HTTPS-based websites are less vulnerable to cybercrimes. For example: If your online site is not secured with HTTPS, then bad actors can intercept the content of the website and then easily create the exact replica of the payment page to capture your credit card numbers and other personal details.

By default, HTTP uses port 80 and HTTPS uses port 443.

SSL

Secure Socket Layer (SSL) was created by Netscape Communications Corporation in 1994.

It was designed to create a secure internet communication via the Web.

It is a standard protocol that encrypts communication between the browser and the server, thus allowing easy and safe transfer of sensitive information like social security numbers, credit card details and login credentials.

It utilizes two types of keys: (1) Public keys – that are known to everyone; (2) Private keys – that is known only to the person receiving the message.

TLS

Transport Layer Security (TLS) – a renamed version of SSL 3.1 – came into existence in 1999.

TLS 1.3, released in March 2018, is the latest version of TLS.

It is a protocol that allows communication between the internet and client-server applications. It forms a secure communication via the Web for email, data transfer and faxing.

TLS has two distinct layers: TLS Record Protocol and TLS Handshake Protocol.

TLS Record Protocol establishes a secure connection with encryption methods like data encryption standard. On the other hand, the TLS Handshake Protocol allows authentication for servers and clients together.

Can YOU think of ways to use this in a security/social engineering scenario?