A Bit of Background Behind Reddit’s Stolen Data 

Reddit CTO Christopher Slowe, AKA Keysersosa said that their systems were hacked on 5th February 2023. Because of that, some internal documents and personnel data that contained sensitive user information from Reddit have been stolen by hackers during a “highly-targeted” breach of the company’s systems cyber security. Slowe continued by saying that the business had no evidence that passwords and other private user information had been stolen. Reddit did not provide any additional information regarding the hack or its perpetrators.   

When the Drama & Culprits Unfolded 

On 17 June, Blackcat posted an article regarding this incident. In the post titled The Reddit Files, Blackcat claims it contacted Reddit twice, on April 13 and June 16. But, they did not hear back.  

The post said, “We informed them through our initial email that we would hold off till their IPO to come out. But this feels like the ideal chance”. Further, “we are extremely convinced that Reddit will not pay any money for their data”.  

In the article, they demanded Reddit to pay $4.5 million and removed its recent price hikes for API in exchange for returning the data.  

Reddit Continues to Face the Heat of Controversy 

Reddit has seen several communities go black, effectively going down in protest of the way the site has been operating. This includes proposals to charge for access to its data. However, companies have announced that they will need an Application Programming Interface (API) to access the site’s data. And as Reddit stated back in April, this “premium access” is now quite expensive.   

How Will the API Access Change Affect Reddit users  

It is anticipated that the planned changes will effectively put an end to third-party Reddit programs like Apollo. This allow users to surf the website with a customizable interface.   

According to Apollo’s lone developer, Christian Selig, such apps would need to charge around $5 per user per month just to use the new Reddit premium access. Which sounds exorbitant, in all honesty. 

 Conclusion 

Strong cybersecurity safeguards are essential, and ransomware assaults are becoming a bigger concern. This comes as evidenced by the ransom demand from the BlackCat ransomware organization. The current issue over Reddit’s API pricing has also brought attention to the necessity of openness and cooperation between platform providers and developers. Organizations must take precautions to safeguard themselves and their users as the threat of cyberattacks increases. This entails making investments in cybersecurity safeguards, educating staff about best practices, and working with industry partners to exchange knowledge and best practices. 

The post Reddit’s 80GB of Stolen Data Can Get Leaked by Hackers From ALPHV/BlackCat appeared first on Tech Research Online.

Last year, ransomware remained the most hazardous, costly, and ubiquitous cyber threat to EMEA organizations, and it will be the most damaging cybercrime instrument in 2023. According to CrowdStrike’s Global Threat Report, ransomware-related data exposures have increased by 82% yearly, heavily costing firms involved.

What Is a Cyber Attack?

A cyber-attack is intended to harm or exploit a network while changing, destroying, or stealing data from a computer or any component of a computerized information system. Cyberattacks have increased in recent years as the industry has become more digitized.

How to Prevent Cyber Attacks?

Companies across all industries require cybersecurity security specialists. Still, financial, healthcare, and even educational institutions are in demand, given the necessity to secure patient data, assets, and transactions, mainly to prevent cyberattacks. Enrolling in the best cybersecurity courses is recommended to become a cybersecurity expert.

• Use passwords with alphanumeric characters that are challenging to decode, and change your passwords periodically to ensure the security of your accounts.
• Be cautious when opening emails from unknown senders. Ensure there are no mistakes or flaws in any emails you receive.
• Employees should be familiar with cybersecurity fundamentals. They must comprehend the different cyberattacks and how to defend against them. To understand cybersecurity fundamentals, register for cybersecurity courses that will help you and your employees to avoid cyber attacks.
• It is advised to use two-factor or multi-factor authentication.
• Maintain frequent data backups.
• Be careful to secure your mobile device, as they are common targets for cyberattacks.

What Types of Cyber Attacks are Used by Hackers?

While attackers can access an IT system in several ways, most cyberattacks use similar strategies. Some of the most typical forms of cyberattacks are listed below:

1. Malware

Malware is malicious software that aims to damage or steal information from a server, network, or computer. You are tricked into downloading malware onto your gadgets by hackers.

One of the most popular types of online assaults is malware. You should also be aware of the following variations:

• Ransomware: This software encrypts files on your computer, so you can only access them once you pay a ransom.
• Viruses: The virus is activated when you open software or a file with a virus attached.
• Trojans: These varieties of malware hide inside a reliable piece of software, earning their name from the well-known Trojan horse.
• Spyware: This type of spyware spies on your activity and provides information to the hacker, as the name indicates.

2. Phishing Cyber Attack

Phishing is a common type of cyber-attacks that is widely used. To send the target a fraudulent email, the attacker assumes the identity of a recognized contact. It represents a specific kind of social engineering attack. Without realizing it, the victim opens the email, clicks on the malicious link, or opens the attachment. Attackers can use this to access sensitive data and account credentials.

3. A Man-in-the-Middle Attack

Hackers inserting themselves into a two-party transaction are said to be conducting man-in-the-middle attacks, also referred to as eavesdropping attacks. This attack occurs when an attacker inserts themself in the middle of a two-party transaction by intercepting it. Cyber intruders can then disrupt transmission to steal and modify data. This attack typically takes advantage of network security flaws, such as unprotected public WiFi, to place oneself between a visitor’s device and the network.

4. Zero-Day Attack

Zero-day attacks often happen when a network vulnerability is recently discovered and used without a fix. Attackers using zero-day techniques use recently discovered vulnerabilities during the brief window when neither fixes nor safeguards are available. It is crucial to continually monitor, find, and manage zero-day attacks to stop them.

5. Password Attack

Password attacks are cyber attacks in which hackers attempt to guess, forcefully, or deceive you into revealing your passwords. Passwords are the most common means of authenticating access to a protected information system, which makes them an appealing target for cyber attackers. An attacker can acquire access to private or vital data and systems by gaining access to a person’s password, including the power to modify and manage said data or systems.

Thus to safeguard your data effectively, you need a strong password generator which can be the most powerful shield against potential breaches and attacks.

 6. SQL Injection Attack

The problem of SQL injection has spread to database-driven websites. It happens when a malicious party uses the input data from the client to the server to run a SQL query on the database. It attempts to execute predefined SQL instructions, and SQL commands are introduced into data-plane input (for instance, rather than the login or password).

7. Denial-of-Service Attack

In a denial-of-service attack, a system’s resources are overloaded, making it unable to respond to service requests. The system’s resources are likewise under assault in a DDoS attack, but this time, the attacker controls several additional host devices infected with malicious software. Denial-of-service attacks don’t directly benefit the attacker, unlike attacks intended to provide the attacker with more or better access.

8. Ransomware

Today, the most common malware is ransomware. It often gets installed when a person accesses a malicious website or downloads a tampered email attachment. The ransom demand is followed by the attacker providing the decryption key required to unlock the encrypted data in return for a ransom.

9. Spoofing the DNS

To redirect users to a hacker-controlled website rather than the real one, hackers have long taken advantage of the vulnerable nature of DNS to replace recorded IP addresses on DNS servers and resolvers with bogus entries. So that users won’t be suspicious when requested to submit login information on what they believe to be a legitimate site, these false websites are created to seem exactly like the website they were expecting to visit.

10. Insider Danger

As the name suggests, an internal danger is done by an insider rather than a third party. In such a circumstance, someone from within the company may know everything about it. Insider threats can wreak enormous harm. Insider threats are common in small firms since employees have access to many accounts containing sensitive information.

Conclusion

A cyberattack is an effort to access an IT system illegally for theft, extortion, disruption, or other destructive activity. Security issues frequently result from internal malice or carelessness. Cyber attacks arise when a person, group, or collaborative group tries to break the security system of another person or organization intentionally.

You may now have a better understanding of the types of cyberattacks used by hackers, and you should be aware of them and the precautions you should take. The cybersecurity course includes a thorough curriculum that will teach you about the many cyberattacks you should be aware of to understand and learn how to defend against them.

The post 10 Types of Cyber Attacks Commonly Used by Hackers appeared first on Tech Research Online.