Cyberattackers Attempt to Poison Entire Town (and other February 2021 IT threats)

Cyberattacks keep CEOs, governments and IT professionals up at night.  But the latest attack in Florida is especially hard to swallow.

 Hackers (Briefly) Poison Water Supply Remotely

A worst-case scenario cyberattack was nearly executed earlier this month when a hacker gained access to a small Florida town’s water supply system and increased the lye concentration by over 10,000%.   The login for a TeamViewer account was all it took to carry out this attack.

The lye contamination was quickly reversed, but only because backup alarms detected the high lye concentration in the water.  In addition to terrifying IT employees in towns and cities across the nation, this also demonstrates how one lost password at a company providing physical infrastructure services can have fatal consequences.

 A New Way for Hackers to Steal Credentials Using Chrome Extensions

Criminals have been uploading malware disguised as helpful extensions to the Chrome Web Store for years – and Google has been finding and deleting the malware for just as long.  But an attacker recently found a way to install a malicious extension while bypassing the Chrome Web Store entirely.

After gaining access to a corporate PC, the hacker installed a malicious Chrome extension directly to the PC.  The malicious extension used the logo and name of a legitimate corporate cybersecurity product to avoid drawing scrutiny from the user.

The malware uses built-in Chrome features to communicate with other Chrome extensions, intercepting and storing credentials like email and OAuth tokens to the user’s Chrome account.  Google helpfully stores this information in their cloud, allowing the hackers to log in and steal it at a later point. [Read More at SecurityWeek]

Spotify Credential Stuffing Attack Provides List of Password Recyclers

A criminal group with hundreds of thousands of stolen of usernames and passwords has tested all of them against Spotify recently in a credential stuffing attack.  In the process, they identified 100,000 users who used the same username and password on Spotify that they used on another website.

It’s not that big of a deal if someone’s Spotify account gets taken over.  What is a big deal is if one of these people is an employee at your company, and they’re using the same password at work, too.  Make sure your employees aren’t reusing the same password for everything! [Read more at Threatpost]