Press Release
Samsung Galaxy S22 hacked in 55 seconds
Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges.
Starting on December 19th, many Xfinity email users began receiving notifications that their account information had been changed. However, when attempting to access the accounts, they could not log in as the passwords had been changed.
After regaining access to the accounts, they discovered they had been hacked and a secondary email at the disposable @yopmail.com domain was added to their profile.
Similar to Gmail, Xfinity allows customers to configure a secondary email address to be used for account notifications and password resets in the event they lose access to their Xfinity account.
BleepingComputer first learned of these account hacks after numerous Xfinity customers reached out to us to share their experiences. In addition, other customers shared similar reports on Reddit [1, 2], Twitter [1, 2, 3], and Xfinity’s own support forum.
All Xfinity customers we spoke to said they have two-factor authentication enabled on their accounts, yet the threat actors could bypass it and log in to their accounts.
“Someone was able to reset my password and change personal account information, they bypassed 2FA. the email they setup was xxxxxxxx@yopmail.com,” explained an Xfinity customer on Reddit.
2FA bypass allegedly circulating privately
A researcher has told BleepingComputer that the attacks are being conducted through credential stuffing attacks to determine the login credentials for Xfinity attacks.
Once they gain access to the account and are prompted to enter their 2FA code, the attackers allegedly use a privately circulated OTP bypass for the Xfinity site that allows them to forge successful 2FA verification requests.
Once logged into the account, they can change the secondary email to the @yopmail.com account and perform password resets.
The main Xfinity email will also receive a notification that their information was changed, but as the password has been changed as well, will be unable to access it.
Once they gain full access to an Xfinity email account, the threat actors attempt to breach further online services used by the customer, verifying password reset requests to the now compromised email account.
BleepingComputer has been told by some of the affected customers that the hackers attempted to reset passwords at DropBox, Evernote, and the Coinbase and Gemini cryptocurrency exchanges.
While BleepingComputer has been unable to verify the legitimacy of this OTP bypass independently and whether it has been used in the reported hacks, it would explain how the threat actors can gain access to accounts with 2FA enabled.
BleepingComputer reached out to Comcast press contacts several times this week but has yet to receive a reply to our emails.
However, an Xfinity customer posted on Reddit that the company is aware of the account breaches and looking for the source of the hacks.
“I spoke to a second person in the xfinity security department that told me not to worry about the fraudulent yopmail account on my xfinity account and indicated that this had happened with many (maybe all) xfinity accounts,” a user posted to Reddit about the hacks.
“She indicated that xfinity is still working to find the source of the hack. Apparently this this is a much more widespread issue than is being reported. It does not seem that xfinity e-mail is secure at this time.”
Press Release
MICROSOFT IS IN TERMS TO BUY SPEECH TECHNOLOGY COMPANY NUANCE COMMUNICATIONS FOR ABOUT $16 BILLION, OR $56 A SHARE, A 23% OVERPAYMENT TO NUANCE’S FRIDAY CLOSE, According to Sources (BLOOMBERG)
Bloomberg:
According to sources, Microsoft is in advanced talks to acquire Nuance Communications, a provider of speech technology, for about $16 billion, or $56 per share, a 23% premium to Nuance’s Friday close. The proposed price would value Nuance at $56 per share. This week could see the announcement of a deal.
Even when using the most recent firmware, security researchers examined nine widely used WiFi routers and discovered a total of 226 possible vulnerabilities in them.
Millions of people use the tested routers, which are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys.
The TP-Link Archer AX6000, which has 32 problems, and the Synology RT-2600ac, which has 30 security flaws, are the two devices with the most vulnerabilities.
The examination process
In partnership with CHIP magazine, researchers at IoT Inspector conducted security tests with a focus on models primarily used by small businesses and residential users.
According to Florian Lukavsky, CTO & Founder at IoT Inspector, “vendors provided them with current models, which were upgraded to the newest firmware version, for Chip’s router review.”
“IoT Inspector automatically examined the firmware versions and searched for more than 5,000 CVEs and other security flaws.”
Although not all defects posed the same risk, the researchers discovered a few widespread issues that impacted the majority of the evaluated models:
The firmware contains an outdated Linux kernel.
stale VPN and multimedia features
over-reliance on BusyBox’s earlier iterations
weak default passwords like “admin” are used
Hardcoded credentials are present in plain text.
Changing the router’s default password when configuring it for the first time is one of the most crucial steps you can take to secure it, according to Jan Wendenburg, CEO of IoT Inspector.
Whether an IoT device is used at home or in a corporate network, changing the password upon first use and turning on automatic updates must be regular procedure, according to Wendenburg.
In addition to manufacturer-introduced vulnerabilities, utilising an IoT device with the adage “plug, play, and forget” poses the greatest risk.
Press Release
MASSACHUSETTS COURT SUPPORTS A REQUEST FROM THE IRS TO OBTAIN THE RECORDS OF ALL CIRCLE CUSTOMERS WHO HAD $20K+ IN CRYPTO TRANSACTIONS BETWEEN 2016 AND 2020 (ZACK SEWARD/COINDESK)
Massachusetts court supports a request from the IRS to obtain the records of all Circle customers who had $20K+ in crypto transactions between 2016 and 2020 — A Massachusetts court is supporting a request from the IRS to obtain the records Circle customers, the Department of Justice said.
-
Apps1 year agoWhy is Everyone Talking About Hindi Keyboards?
-
Social Media1 year agoWho is Rouba Saadeh?
-
Apps1 year agoThings you need to know about Marathi keyboard today
-
Apps1 year agoStuck with Your default Bangla keyboard? Isn’t it time for a change?
-
Games1 year agoTop 7 Popular Puzzle and Card Games for Relaxing Your Brain on Mobile, Featuring Solitaire
-
Social Media1 year agoMati Marroni Instagram Wiki (Model’s Age, Net Worth, Body Measurements, Marriage)
-
Entertainment1 year ago12 Online Streaming Sites that Serve as Best Alternatives to CouchTuner
-
Entertainment1 year agoMovierulz Website: Movierulzz 2021 Latest Movies on Movierulz.com