Cyber Himalayas

𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun Protecting Your Health Data: A Crucial Mission for Pharma & Us #Cybersecurity #Healthcare The world of medicine is rapidly changing, and with it, the threats to patient data security! 🌐 Pharmaceutical companies hold a treasure trove of sensitive information, making them prime targets for cyber attacks. This can disrupt medication production, expose patient records, and even manipulate research. 💊 🏥 Together, we can build a more secure future for healthcare data! #CyberSafetyTips #ProtectYourPrivacy #CyberAwareness #SecurityAwareness #DataPrivacy #SecureYourDevices #SupplyChainSecurity #PatientCare #IoT #MachineLearning #AI

𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun 🔒 𝐋𝐞𝐚𝐫𝐧 𝐟𝐫𝐨𝐦 𝐭𝐡𝐞 𝐜𝐚𝐮𝐭𝐢𝐨𝐧𝐚𝐫𝐲 𝐭𝐚𝐥𝐞 𝐨𝐟 𝐑𝐚𝐭𝐚𝐧 𝐀𝐦𝐛𝐚𝐧𝐢, 𝐭𝐡𝐞 𝐫𝐞𝐧𝐨𝐰𝐧𝐞𝐝 𝐈𝐧𝐝𝐢𝐚𝐧 𝐛𝐮𝐬𝐢𝐧𝐞𝐬𝐬 𝐦𝐚𝐠𝐧𝐚𝐭𝐞 𝐰𝐡𝐨 𝐟𝐚𝐜𝐞𝐝 𝐜𝐚𝐭𝐚𝐬𝐭𝐫𝐨𝐩𝐡𝐢𝐜 𝐥𝐨𝐬𝐬𝐞𝐬 𝐝𝐮𝐞 𝐭𝐨 𝐰𝐞𝐚𝐤 𝐞𝐧𝐝𝐩𝐨𝐢𝐧𝐭 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲. His experiences highlight the critical importance of robust cybersecurity measures in today's interconnected world. 🌐 💼 From data interception to firmware vulnerabilities, Ratan's story unveils the grim realities of cyber threats. Hacker groups like "Black Cobra" and "Shadow Scavengers" exploited weaknesses in his smartwatch, exposing sensitive business data and personal information, leading to financial losses and public humiliation. But there's hope. By implementing measures like strong encryption, regular updates, and secure pairing, you can fortify your defenses against cyber attacks. App vetting, user education, and remote wipe capabilities are crucial steps to protect your data and privacy. #StaySecure #CyberSafetyTips #ProtectYourPrivacy #CyberAwareness #SecurityAwareness #DataPrivacy #SecureYourDevices #PrivacyMatters #CyberCrimePrevention Share your thoughts and stay protected with Cyber Himalayas

𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun 🌲 𝗧𝗶𝘁𝗹𝗲: 𝗙𝗹𝘂𝗲𝗻𝘁 𝗕𝗶𝘁: 𝗗𝗲𝘁𝗲𝗰𝘁𝗲𝗱 𝘄𝗶𝘁𝗵 𝗻𝗲𝘄 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 - 𝗟𝗶𝗻𝗴𝘂𝗶𝘀𝘁𝗶𝗰 𝗟𝘂𝗺𝗯𝗲𝗿𝗷𝗮𝗰𝗸 🔍 Overview: 𝘗𝘰𝘱𝘶𝘭𝘢𝘳 𝘥𝘢𝘵𝘢 𝘮𝘢𝘤𝘩𝘪𝘯𝘦 𝘨𝘪𝘢𝘯𝘵 𝘍𝘭𝘶𝘦𝘯𝘵 𝘉𝘪𝘵 𝘧𝘢𝘤𝘦𝘴 𝘢 𝘤𝘳𝘪𝘵𝘪𝘤𝘢𝘭 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘧𝘭𝘢𝘸, 𝘥𝘶𝘣𝘣𝘦𝘥 "𝘓𝘪𝘯𝘨𝘶𝘪𝘴𝘵𝘪𝘤 𝘓𝘶𝘮𝘣𝘦𝘳𝘫𝘢𝘤𝘬," 𝘳𝘢𝘪𝘴𝘪𝘯𝘨 𝘤𝘰𝘯𝘤𝘦𝘳𝘯𝘴 𝘪𝘯 𝘵𝘩𝘦 𝘤𝘺𝘣𝘦𝘳𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘳𝘦𝘢𝘭𝘮. 🛡️ Impact: 𝘛𝘩𝘦 𝘷𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘪𝘭𝘪𝘵𝘺, 𝘪𝘥𝘦𝘯𝘵𝘪𝘧𝘪𝘦𝘥 𝘢𝘴 𝘊𝘝𝘌-2024-4323, 𝘵𝘩𝘳𝘦𝘢𝘵𝘦𝘯𝘴 𝘥𝘦𝘯𝘪𝘢𝘭-𝘰𝘧-𝘴𝘦𝘳𝘷𝘪𝘤𝘦 (𝘋𝘰𝘚), 𝘥𝘢𝘵𝘢 𝘦𝘹𝘱𝘰𝘴𝘶𝘳𝘦, 𝘢𝘯𝘥 𝘳𝘦𝘮𝘰𝘵𝘦 𝘤𝘰𝘥𝘦 𝘦𝘹𝘦𝘤𝘶𝘵𝘪𝘰𝘯, 𝘱𝘰𝘴𝘪𝘯𝘨 𝘳𝘪𝘴𝘬𝘴 𝘧𝘰𝘳 𝘶𝘴𝘦𝘳𝘴 𝘳𝘦𝘭𝘪𝘢𝘯𝘵 𝘰𝘯 𝘍𝘭𝘶𝘦𝘯𝘵 𝘉𝘪𝘵 𝘧𝘰𝘳 𝘭𝘰𝘨𝘨𝘪𝘯𝘨 𝘢𝘯𝘥 𝘮𝘦𝘵𝘳𝘪𝘤𝘴. 🔒 Security Risk: 𝘌𝘹𝘱𝘭𝘰𝘪𝘵𝘪𝘯𝘨 𝘷𝘦𝘳𝘴𝘪𝘰𝘯𝘴 2.0.7 𝘵𝘩𝘳𝘰𝘶𝘨𝘩 3.0.3, 𝘢𝘵𝘵𝘢𝘤𝘬𝘦𝘳𝘴 𝘤𝘢𝘯 𝘮𝘢𝘯𝘪𝘱𝘶𝘭𝘢𝘵𝘦 𝘮𝘦𝘮𝘰𝘳𝘺 𝘵𝘩𝘳𝘰𝘶𝘨𝘩 𝘤𝘳𝘢𝘧𝘵𝘦𝘥 𝘳𝘦𝘲𝘶𝘦𝘴𝘵𝘴, 𝘱𝘰𝘵𝘦𝘯𝘵𝘪𝘢𝘭𝘭𝘺 𝘭𝘦𝘢𝘥𝘪𝘯𝘨 𝘵𝘰 𝘋𝘰𝘚 𝘢𝘵𝘵𝘢𝘤𝘬𝘴 𝘰𝘳 𝘳𝘦𝘮𝘰𝘵𝘦 𝘤𝘰𝘥𝘦 𝘦𝘹𝘦𝘤𝘶𝘵𝘪𝘰𝘯, 𝘦𝘯𝘥𝘢𝘯𝘨𝘦𝘳𝘪𝘯𝘨 𝘥𝘢𝘵𝘢 𝘪𝘯𝘵𝘦𝘨𝘳𝘪𝘵𝘺. 💬 Engagement: Share your thoughts and stay protected with Cyber Himalayas #Cybersecurity #FluentBit #Vulnerability #LinguisticLumberjack #CVE20244323 #DoS #RemoteCodeExecution #StayProtected

𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun 𝐃𝐢𝐝 𝐲𝐨𝐮 𝐤𝐧𝐨𝐰? Microsoft is about to revolutionize the digital world with its innovative underwater data centers, promising greater reliability, energy efficiency, and sustainability. Dive into this article to explore how Project Natick is set to transform data infrastructure by leveraging the unique environment of the ocean. Check out the full article and share your thoughts in the comments! ⬇ ✍ #cybersecurity #informationsecurity #dataprivacy #securityawareness #infosec #cyberhimalayas #learnwithus #PrivacyProtection #SecurityMeasures #datacentre #microsoft

𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun 𝐍𝐞𝐰 𝐖𝐢-𝐅𝐢 (𝐖𝐢𝐫𝐞𝐥𝐞𝐬𝐬 𝐅𝐢𝐝𝐞𝐥𝐢𝐭𝐲) 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐄𝐧𝐚𝐛𝐥𝐞𝐬 𝐍𝐞𝐭𝐰𝐨𝐫𝐤 𝐄𝐚𝐯𝐞𝐬𝐝𝐫𝐨𝐩𝐩𝐢𝐧𝐠 𝐯𝐢𝐚 𝐃𝐨𝐰𝐧𝐠𝐫𝐚𝐝𝐞 𝐀𝐭𝐭𝐚𝐜𝐤𝐬 The ubiquity of Wi-fi deployment and rapid growth in the volume and diversity of Wi-Fi devices represents an attractive surface for hackers to exploit. This era of technology is aligned with the aggressive usage of Wi-Fi devices in the form IoT devices and due to its pervasive nature, it becomes the attractive target for hackers. • Wi-Fi uses radio waves to transmit data between devices and the internet. Wireless adapter in the device translates digital data into radio signals and it receives by router after decoding this radio signals into original digital data. Now to ensure that this data wouldn’t be altered or susceptible to any attack like Man in the middle attack etc., some set of security measure in the form of security protocol like WPA (Wi-fi protected Access), WPA2, WPA3 are established. • This protocol ensures the scrambling of data or encryption and maintain confidentiality of data. Unauthorize access to system will help the attacker to downgrade the security level and leads to Downgrade attack.    ‣ Researchers have discovered a new security vulnerability arise from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims to connect with less secure wireless network and eavesdrop on their network traffic. These design flaws are Overly trusting. ‣ SSID (Service set identifier/ network name) and lack of robust authentication.  Some Wi-Fi devices prioritize networks based on SSID (network name) recognition. This means they favor connecting to network with SSID they are connected before and poor authentication process will amplify such SSID trusting flaws. The Impact of this flaws results in SSID Confusion Attack.  ‣ SSID Confusion Attack- Attacker exploit the system by setting up a malicious network with the SSID of a trusted network that have connected before (e.g.  home Wi-Fi name or a familiar coffee shop). ‣ The device, recognizing the familiar SSID and might automatically connect to the attacker’s network leading downgrading of security protocol of the device i.e. WPA3 TO WAP/WEP, make it more vulnerable and susceptible to data breach. • Mitigation strategies includes robust authentication of network, manual network selection or disable automatic Wi-Fi connection on devices and manually select the network SSID before connecting, especially in public places, adopting best practices like software updates that includes devices and router firmware updates.  #cybersecurity #informationsecurity #dataprivacy #securityawareness #infosec #cyberhimalayas #learnwithus #PrivacyProtection #SecurityMeasures 🛡️ #wifi #WPA #vulnerability

𝐌𝐮𝐥𝐭𝐢𝐩𝐥𝐞 𝐄𝐧𝐭𝐞𝐫𝐩𝐫𝐢𝐬𝐞𝐬 𝐚𝐫𝐞 𝐛𝐨𝐦𝐛𝐚𝐫𝐝𝐞𝐝 𝐰𝐢𝐭𝐡 𝐒𝐩𝐚𝐦 𝐦𝐚𝐢𝐥𝐬 & 𝐏𝐡𝐨𝐧𝐞 𝐜𝐚𝐥𝐥𝐬 𝐢𝐧 𝐚𝐧 𝐨𝐧𝐠𝐨𝐢𝐧𝐠 𝐜𝐚𝐦𝐩𝐚𝐢𝐠𝐧     𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun A new threat has emerged in this cyber world where the multiple enterprises users are flooded with Spam emails and Phone calls in order to gain access to the network to steal confidential information and use it for personal gains. Cyber security experts have unveiled an ongoing social engineering campaign wherein the threat actor bombards enterprise with spam mails with a goal to gain the initial access to the network.   • These threat actors then make the impacted user to download and install various remote monitoring or screen sharing apps like AnyDesk, Splashtop, TeamViewer etc.  • This campaign was underway from late April 2024, with the mails primarily consisting of newsletters, videos and articles sign up confirmation messages or Cookies acceptance from legitimate organization in order to sneak into database by invading the email protection solutions. • Further the personal information is used to is used to contact the person and make him to install the remote desktop software under the pretext of resolving the email issue.   • The adversary sneaks & uses the ability to control a computer from far away by downloading harmful payloads. • This payload further helps them to steal credentials and stay connected to the computers they've targeted. Study revealed that these threat actors are working in the groups.  One such instance is that where in the threat actors attempted to deploy a payload called Cobalt Strike Beacon to other assets within the compromised network space. Since there was no demand of ransomware and Rapid7 stated that the activity overlaps with the similar previous attack associated with the Black Basta ransomware operators.  #cybersecurity #informationsecurity #dataprivacy #securityawareness #infosec #cyberhimalayas #spam #spammails #learnwithus #PrivacyProtection #SecurityMeasures 🛡️

“𝐇𝐚𝐯𝐞 𝐲𝐨𝐮 𝐔𝐩𝐠𝐫𝐚𝐝𝐞𝐝 𝐲𝐨𝐮𝐫 𝐜𝐡𝐫𝐨𝐦𝐞 𝐲𝐞𝐭?”: 𝐂𝐡𝐫𝐨𝐦𝐞 𝐙𝐞𝐫𝐨 - 𝐃𝐚𝐲 𝐀𝐥𝐞𝐫𝐭 𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun Technology Giant Google has released its new update for chrome on 𝐌𝐚𝐲 07,2024 𝐭𝐨 𝐚𝐝𝐝𝐫𝐞𝐬𝐬 𝐚 𝐳𝐞𝐫𝐨-𝐝𝐚𝐲 𝐟𝐥𝐚𝐰 𝐢𝐧 𝐂𝐡𝐫𝐨𝐦𝐞 that it said has been actively exploited in the wild. s CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher.  But this sudden & unannounced upgradation has left everyone wondering to what limit they have been exposed!!! Well, you need to hold your nerves. It was a classic case of “Use after free bugs”, which arise when a program references a memory location after it has been deallocated.   The identified vulnerability has the potential to result in various outcomes, spanning from system crashes to the execution of arbitrary code.   - 𝐓𝐨𝐩 𝐨𝐟 𝐅𝐨𝐫𝐦 - 𝐆𝐨𝐨𝐠𝐥𝐞 𝐡𝐚𝐝 𝐚𝐥𝐬𝐨 𝐫𝐞𝐜𝐞𝐧𝐭𝐥𝐲 𝐭𝐚𝐜𝐤𝐥𝐞𝐝 𝐭𝐡𝐫𝐞𝐞 𝐦𝐨𝐫𝐞 𝐙𝐞𝐫𝐨-𝐝𝐚𝐲 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐭𝐡𝐚𝐭 𝐰𝐞𝐫𝐞 𝐮𝐧𝐯𝐞𝐢𝐥𝐞𝐝 𝐝𝐮𝐫𝐢𝐧𝐠 𝐭𝐡𝐞 𝐏𝐰𝐧2𝐎𝐰𝐧 𝐡𝐚𝐜𝐤𝐢𝐧𝐠 𝐜𝐨𝐦𝐩𝐞𝐭𝐢𝐭𝐢𝐨𝐧 𝐡𝐞𝐥𝐝 𝐭𝐡𝐢𝐬 𝐲𝐞𝐚𝐫 𝐢𝐧 𝐌𝐚𝐫𝐜𝐡 𝐚𝐭 𝐕𝐚𝐧𝐜𝐨𝐮𝐯𝐞𝐫.  i) CVE-2024-2886 - Use-after-free in WebCodecs  ii) CVE-2024-2887 - Type confusion in WebAssembly  iii) CVE-2024-3159 - Out-of-bounds memory access in V8    "Google is aware that an exploit for CVE-2024-4671 exists in the wild," the company said in an advisory without commenting on specifications of threat in real-world attacks or the identity of the villain behind them.  All Mac, Windows & Linux Users are hereby advised to upgrade to latest version of Chrome to safeguard yourself from threat.  Stay informed, stay protected.   #cybersecurity #informationsecurity #dataprivacy #securityawareness #cybersecuritytips #infosec #cyberhimalayas #learnwithus #PrivacyProtection #SecurityMeasures 🛡️ #google #zeroday #attack #chrome  

In an era of digitalization, safeguarding our health data is paramount. 🏥 💊 𝐒𝐭𝐚𝐲 𝐓𝐮𝐧𝐞𝐝 - Cyber Himalayas 🔔 | Technology | Education | Fun 🌐 From robust encryption to strict access controls, we delve into strategies for ensuring privacy and security in healthcare. Let's empower individuals with control over their sensitive information while advancing healthcare innovation! Check out the full article and share your thoughts in the comments! ⬇ ✍ #cybersecurity #informationsecurity #dataprivacy #securityawareness #cybersecuritytips #infosec #cyberhimalayas #learnwithus #HealthDataSecurity #IndiaHealthcare #PrivacyProtection #DigitalHealth #SecurityMeasures 🛡️"

🔔 𝑺𝒕𝒂𝒚 𝑻𝒖𝒏𝒆𝒅 𝒘𝒊𝒕𝒉 - Cyber Himalayas 🔔 𝐑𝐞𝐦𝐞𝐦𝐛𝐞𝐫 𝐘𝐚𝐡𝐨𝐨𝐨𝐨𝐨!!! 🤔 𝐈𝐧 2016, 𝐘𝐚𝐡𝐨𝐨 𝐚𝐧𝐧𝐨𝐮𝐧𝐜𝐞𝐝 𝐭𝐡𝐚𝐭 𝐢𝐭 𝐡𝐚𝐝 𝐛𝐞𝐞𝐧 𝐚𝐟𝐟𝐞𝐜𝐭𝐞𝐝 𝐛𝐲 𝐚 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐛𝐫𝐞𝐚𝐜𝐡 𝐰𝐡𝐢𝐥𝐞 𝐭𝐫𝐲𝐢𝐧𝐠 𝐭𝐨 𝐬𝐞𝐥𝐥 𝐢𝐭𝐬𝐞𝐥𝐟 𝐭𝐨 𝐕𝐞𝐫𝐢𝐳𝐨𝐧. This breach, which started in 2013, compromised the personal information of 500 million Yahoo users, including real names, email IDs, dates of birth, and telephone numbers. To protect user passwords, Yahoo had utilized the bcrypt algorithm, which hashes passwords with a unique value called a salt. The purpose of the salt is to add randomness to the hashing process, making it harder for hackers to crack the passwords. However, despite the use of bcrypt, the hackers were able to gain access to the passwords due to weak authentication and access control measures, as well as insufficient encryption. The hackers employed a technique called forged cookies to carry out the breach. Cookies are small pieces of code stored in web browsers that enhance our browsing experience by allowing websites to remember our preferences and login information. They eliminate the need to log in every time we visit a website. In this case, the hackers manipulated the code of these cookies, creating forged versions that mimicked real cookies. By doing so, they were able to gain unauthorized access to user accounts without requiring a login at every visit. This made it easier for them to carry out malicious activities. The breach impacted Yahoo's entire user base at the time, including users of Yahoo Mail, Yahoo Finance, Yahoo Sports, and other Yahoo services. In response, Yahoo initiated procedures to contain the breach, investigate the extent of the damage, and mitigate further risks. One of the first steps taken was notifying affected users about the breach and advising them to change their passwords and review their account security settings. To prevent similar incidents in the future, Yahoo implemented various security enhancements. This included improving encryption protocols to ensure stronger protection of user data. The Yahoo security breach serves as a reminder of the importance of strong authentication measures and robust encryption protocols. As users, it is crucial to regularly update passwords and review security settings to safeguard our personal information. Furthermore, it is essential to be cautious when interacting with websites and to report any suspicious activities promptly. For infosec beginners, this incident highlights the need to stay informed about the latest security practices and to remain vigilant in the face of potential threats. By adopting a proactive approach to cybersecurity, individuals can better protect themselves and their sensitive information from falling into the wrong hands. #Yahoo #incident #databreach #cybersecurity #dataprotection #security #cyberhimalayas #technews #hackers

🔔 𝑺𝒕𝒂𝒚 𝑻𝒖𝒏𝒆𝒅 𝒘𝒊𝒕𝒉 - Cyber Himalayas 🔔 🤔 Ever used QUORA? Let's dive into the Quora's data breaches! 💻 𝐐𝐮𝐨𝐫𝐚 𝐁𝐞𝐢𝐧𝐠 𝐨𝐧𝐞 𝐨𝐟 𝐭𝐡𝐞 𝐩𝐨𝐩𝐮𝐥𝐚𝐫 𝐩𝐥𝐚𝐭𝐟𝐨𝐫𝐦𝐬 𝐟𝐨𝐫 𝐚𝐬𝐤𝐢𝐧𝐠 𝐫𝐞𝐥𝐞𝐯𝐚𝐧𝐭 𝐪𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬 𝐚𝐧𝐝 𝐫𝐞𝐜𝐞𝐢𝐯𝐢𝐧𝐠 𝐚𝐩𝐭 𝐚𝐧𝐬𝐰𝐞𝐫𝐬. 𝐈𝐭 𝐰𝐚𝐬 𝐟𝐨𝐮𝐧𝐝𝐞𝐝 𝐢𝐧 2009 𝐛𝐲 𝐀𝐝𝐚𝐦 𝐃’𝐀𝐧𝐠𝐞𝐥𝐨 𝐚𝐧𝐝 𝐂𝐡𝐚𝐫𝐥𝐢𝐞 𝐂𝐡𝐞𝐞𝐯𝐞𝐫. 𝐈𝐧 2018 𝐐𝐮𝐨𝐫𝐚 𝐝𝐚𝐭𝐚 𝐛𝐫𝐞𝐚𝐜𝐡 𝐭𝐨𝐨𝐤 𝐩𝐥𝐚𝐜𝐞 𝐰𝐡𝐞𝐫𝐞 𝐮𝐧𝐚𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐞𝐝 𝐚𝐜𝐜𝐞𝐬𝐬 𝐭𝐨 𝐬𝐞𝐧𝐬𝐢𝐭𝐢𝐯𝐞 𝐮𝐬𝐞𝐫 𝐝𝐚𝐭𝐚 𝐝𝐮𝐞 𝐭𝐨 𝐚 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐢𝐧 𝐨𝐧𝐞 𝐨𝐟 𝐐𝐮𝐨𝐫𝐚’𝐬 𝐬𝐲𝐬𝐭𝐞𝐦𝐬.  Hackers took unauthorized access to Quora’s system, allowing them to retrieve sensitive user information. Approx 100 million Quora users was compromised, including the names Email addresses, encrypted passwords & other accounts related data. 🔐 𝑻𝒉𝒆 𝑺𝒑𝒆𝒄𝒊𝒇𝒊𝒄 𝒅𝒆𝒕𝒂𝒊𝒍𝒔 𝒓𝒆𝒈𝒂𝒓𝒅𝒊𝒏𝒈 𝒕𝒉𝒆 𝒗𝒖𝒍𝒏𝒆𝒓𝒂𝒃𝒊𝒍𝒊𝒕𝒊𝒆𝒔 𝒘𝒆𝒓𝒆 𝒏𝒐𝒕 𝒑𝒖𝒃𝒍𝒊𝒔𝒉𝒆𝒅 𝒃𝒚 𝒕𝒉𝒆 𝒄𝒐𝒎𝒑𝒂𝒏𝒚 𝒉𝒐𝒘𝒆𝒗𝒆𝒓 𝒊𝒕𝒔 𝒄𝒐𝒎𝒎𝒐𝒏 𝒊𝒏 𝒅𝒂𝒕𝒂 𝒃𝒓𝒆𝒂𝒄𝒉𝒆𝒔 𝒇𝒐𝒓 𝒂𝒕𝒕𝒂𝒄𝒌𝒆𝒓𝒔 𝒕𝒐 𝒆𝒙𝒑𝒍𝒐𝒊𝒕𝒔 𝒗𝒂𝒓𝒊𝒐𝒖𝒔 𝒗𝒖𝒍𝒏𝒆𝒓𝒂𝒃𝒊𝒍𝒊𝒕𝒊𝒆𝒔 𝒊𝒏 𝒂 𝒄𝒐𝒎𝒑𝒂𝒏𝒚 𝒔𝒚𝒔𝒕𝒆𝒎. ~𝐖𝐞𝐚𝐤𝐧𝐞𝐬𝐬𝐞𝐬 𝐢𝐧 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐬𝐲𝐬𝐭𝐞𝐦 – It includes inadequate access controls, week password policies or insufficient encryption of sensitive data.  Software vulnerabilities – Attackers exploit vulnerabilities in software applications or systems such as outdated software versions with known security flaws or zero-day vulnerabilities  ~𝐒𝐨𝐜𝐢𝐚𝐥 𝐞𝐧𝐠𝐢𝐧𝐞𝐞𝐫𝐢𝐧𝐠 – Attackers use social engineering techniques to trick employees for sensitive information or credentials, which they then use to gain unauthorised access to system.     This breach affected all versions of Quora’s platform that were operational that the time of breach.  𝘛𝘩𝘦 𝘮𝘪𝘯𝘥 𝘣𝘦𝘩𝘪𝘯𝘥 𝘵𝘩𝘦 𝘣𝘳𝘦𝘢𝘤𝘩 𝘸𝘦𝘳𝘦 𝘤𝘺𝘣𝘦𝘳𝘤𝘳𝘪𝘮𝘪𝘯𝘢𝘭𝘴 𝘴𝘦𝘦𝘬𝘪𝘯𝘨 𝘵𝘰 𝘦𝘹𝘱𝘭𝘰𝘪𝘵 𝘵𝘩𝘦 𝘤𝘰𝘮𝘱𝘳𝘰𝘮𝘪𝘴𝘦𝘥 𝘥𝘢𝘵𝘢 𝘧𝘰𝘳 𝘮𝘢𝘭𝘪𝘤𝘪𝘰𝘶𝘴 𝘱𝘶𝘳𝘱𝘰𝘴𝘦𝘴, 𝘴𝘶𝘤𝘩 𝘢𝘴 𝘪𝘥𝘦𝘯𝘵𝘪𝘵𝘺 𝘵𝘩𝘦𝘧𝘵, 𝘱𝘩𝘪𝘴𝘩𝘪𝘯𝘨 𝘢𝘵𝘵𝘢𝘤𝘬𝘴 𝘰𝘳 𝘴𝘢𝘭𝘦 𝘰𝘯 𝘵𝘩𝘦 𝘥𝘢𝘳𝘬 𝘸𝘦𝘣.  ~ Once the attack took place Quora notified affected users about the breach and reset their passwords as a immediate measure.  ~ It implemented increased versions of security measures to strengthen its system and prevent similar breaches in future involving improved access control, implementing stricter authentication protocols and enhancing monitoring for suspicious activities. The Quora data breach highlights the importance of strong and unique password for each online account. It also outlines the importance of implementing strong and robust security measures to protect users’ personal information.  🛡️ #CyberSecurity #DataBreach #StaySecure #OnlineSafety 🚀 #cyberhimalays #quora #databreach #informationsecurity #technews