• Magazine
  • NEWS
    • GOVERNANCE
    • STARTUPS
    • BUDGET
    • WORKFORCE
    • PARTNERSHIPS
    • THREATS
    • DATA PRIVACY
    • Regulations & Compliance
  • FEATURES
  • PODCASTS
  • Get Featured
    • INTERVIEWS
    • INFOGRAPHICS
    • MARKET TRENDS REPORT
      • DATA SECURITY
      • ENDPOINT SECURITY
    • INNOVATOR’S CORNER
    • HOTSPOT
    • SPECIAL FEATURES
  • Videos
    • EVENT VIDEOS
    • WEEKLY NEWS
  • WEBINARS
  • EVENTS
    • Upcoming Events
    • Endorsed Events
    • E-Events
    • Masterclass
  • Advertise with us
Search
Thursday, February 25, 2021
  • About us
  • Advisory Board
  • Careers
  • Write for CISO MAG
  • Editorial Calendar 2021
  • Login
  • SUBSCRIBE
CISO MAG  - News and Updates| Cyber Security Magazine CISO MAG | Cyber Security Magazine
CISO MAG  - News and Updates| Cyber Security Magazine CISO MAG  - News and Updates| Cyber Security Magazine
  • Magazine
  • NEWS
    • GOVERNANCE
    • STARTUPS
    • BUDGET
    • WORKFORCE
    • PARTNERSHIPS
    • THREATS
    • DATA PRIVACY
    • Regulations & Compliance
  • FEATURES
    • Research Says Misconfiguration as the Primary Cloud Security Threat

      Dancing with the Elephants

      Insider Threats

      Insiders Threats: The Achilles Heel of Organizations

      DDoS Attacks

      DDoS Attacks Intensify in 2020 — Driven in Part by COVID-19 and 5G

      Cybersecurity is standard business practice for most large companies: Survey

      Rethinking Penetration Test Requirements in Cybersecurity Compliance

      Data breach

      How HR and IT Teams Can Streamline to Reduce Risk and Data Theft

  • PODCASTS
  • Get Featured
    • INTERVIEWS
    • INFOGRAPHICS
    • MARKET TRENDS REPORT
      • DATA SECURITY
      • ENDPOINT SECURITY
    • INNOVATOR’S CORNER
    • HOTSPOT
    • SPECIAL FEATURES
  • Videos
    • EVENT VIDEOS
    • WEEKLY NEWS
  • WEBINARS
  • EVENTS
    • Upcoming Events
    • Endorsed Events
    • E-Events
    • Masterclass
  • Advertise with us
Home News OpenWRT Administrator Account Breached
  • News
  • Threats

OpenWRT Administrator Account Breached

OpenWRT suffered a data breach after unknown hackers illicitly gained access to its administrator’s account. Though the account had a strong password, 2FA had not been enabled.

By
CISOMAG
-
January 22, 2021
SHARE
Facebook
Twitter
Unprotected Server Exposes Facebook Scraped Data of 12 Mn Users in Vietnam

OpenWRT, an open-source project that offers free firmware for home routers, is the latest victim of a data breach. OpenWRT’s administrator forum has been reportedly accessed and breached, and the attackers have downloaded a copy of the users’ list that contained email addresses, handles, and other statistical information of the forum users.

Strong Password but no 2FA

While it is unknown how the attackers compromised the account, the forum administrators stated that the account had a strong password but did not have two-factor authentication (2FA). “Although we do not believe the intruder could download the database, from an abundance of caution, we are following the advice of the Discourse community and have reset all passwords on the Forum, and flushed any API keys,” the OpenWRT’s administrators said.

OpenWRT admins warned community users and impacted users to be vigilant of various phishing attacks.  Besides, the admins suggested security measures, which include:

  • Reset your password by manually typing the following link without spaces on https://forum. openwrt.org. Enter your username and follow the “get a new password”
  • Assume that your email address and handle have been disclosed. That means you may get phishing emails that include your name. Don’t click links, but instead manually type the URL of the forum as above.
  • If you use the Github login/OAuth key, you should reset/refresh it.
  • OpenWrt forum credentials are entirely independent of the OpenWrt Wiki (https://openwrt.org). There is no reason to believe there has been any compromise to the Wiki credentials.

 Knowledge, Possession, Identity

  • With the surge in security breaches and digital fraud, data protection has never been more crucial. 2FA is gaining momentum, but it is more common than you think. It plays on three factors:
  • Knowledge (something you know): A pin, password, or username.
  • Possession (something you have): An ATM or debit card, phone, token, etc.
  • Identity (something you are): Facial recognition, voice note, or fingerprint.

Take some time and make it harder for identity thieves!

  • TAGS
  • Cybercriminals
  • data breach
  • forum administrator account
  • hackers
  • open-source project
  • OpenWRT forum
  • Passwords
  • two-factor authentication
SHARE
Facebook
Twitter
Previous articleShinyHunters Leak 1.9 Mn Pixlr Users’ Records Online
Next articleEU Regulators Imposed over €272.5 Mn in GDPR Fines to Date
CISOMAG
https://cisomag.eccouncil.org/

RELATED ARTICLESMORE FROM AUTHOR

Vietnam
News

APT32 Hackers Target Vietnamese Human Rights Defenders in Spyware Attacks

News

IBM Fixes Critical Vulnerabilities in Java Runtime, Planning Analytics Workspace

Ukraine accused Russia for Cyberattacks
News

Russian Networks Accused of Carrying Out Massive Cyberattack on Ukraine



EXCLUSIVE

CISO MAG Market Trends Report on Endpoint Security - 2020, endpoint security market trends, endpoint security 2020, endpoint security, endpoint security report,

CISO MAG Market Trends Report on Endpoint Security – 2020

CISOMAG - January 24, 2021
0
SecTalks

FOLLOW US FOR MORE UPDATES

Latest Issue is Out!

Evolution of Ransomware

Cyber security editorial calendar 2021

Listen to Our Latest Podcast

CYBER SHOTS
Quick, punchy updates on Cyber trends, news and links to free resources. Only via Telegram and Signal. Join the groups now!
Click Here Click Here

MOST POPULAR

Research Finds Increase in Botnet and Exploit Activity in Q2 2020

45% companies don’t have cybersecurity leader: Study

CISOMAG - December 11, 2017
s3 bucket security, Unacademy Suffers a Data Breach

Nearly half of companies have suffered a data breach in the past year: Survey

November 15, 2017
Messaging

Mobile messaging apps new hideout of Dark Web activities: Study

October 27, 2017
Kaspersky

NSA hacking code lifted from a personal computer in U.S.: Kaspersky

October 30, 2017

Instagram data breach! 49 million users’ sensitive data exposed online

May 23, 2019

RECENT POSTS

Research Says Misconfiguration as the Primary Cloud Security Threat

Dancing with the Elephants

February 25, 2021
Vietnam

APT32 Hackers Target Vietnamese Human Rights Defenders in Spyware Attacks

February 24, 2021

IBM Fixes Critical Vulnerabilities in Java Runtime, Planning Analytics Workspace

February 24, 2021
Ukraine accused Russia for Cyberattacks

Russian Networks Accused of Carrying Out Massive Cyberattack on Ukraine

February 24, 2021
Lazarus Hackers North Korea

In Action: Lazarus Group Develops New AppleJeus Malware for Cryptocurrency Theft

February 24, 2021
Cybersecurity News and Updates, Magazine
CISOMAG is the handbook for Chief Information Security Officer (CISO)s, CXOs, and every stakeholder of safe internet.
Contact us: [email protected]

EVEN MORE NEWS

Research Says Misconfiguration as the Primary Cloud Security Threat

Dancing with the Elephants

February 25, 2021
Vietnam

APT32 Hackers Target Vietnamese Human Rights Defenders in Spyware Attacks

February 24, 2021

IBM Fixes Critical Vulnerabilities in Java Runtime, Planning Analytics Workspace

February 24, 2021

POPULAR CATEGORY

  • News1985
  • Threats1139
  • Features337
  • Partnerships212
  • Governance173
  • Startups160
  • Interviews75
  • Terms of Use
  • Privacy Policy
  • Advertise with us
  • Contact Us
  • MASTERCLASS
© CISOMAG 2020
MORE STORIES
Research Says Misconfiguration as the Primary Cloud Security Threat
Features

Dancing with the Elephants

CISOMAG - February 25, 2021
0
Undoubtedly, the year 2020 has been an inflection point for propelling increasingly more data to the cloud for superior management, predictive analysis, and secure...
Edit with Live CSS
Save
Write CSS OR LESS and hit save. CTRL + SPACE for auto-complete.