U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Tv5Monde revealed his own passwords in an interview

A TV5Monde staffer accidentally revealed a password used to access the social media account of the broadcaster in an interview. Following the successful attack against the network of the TV French Channel TV5Monde, law enforcement and French Intelligence started to investigate the attach chain. Investigators speculate that one of the possible way hackers obtained credentials for systems […]

Tv5Monde revealed his own passwords in an interview

A TV5Monde staffer accidentally revealed a password used to access the social media account of the broadcaster in an interview.

Following the successful attack against the network of the TV French Channel TV5Monde, law enforcement and French Intelligence started to investigate the attach chain.

Investigators speculate that one of the possible way hackers obtained credentials for systems at TV French Channel TV5Monde is the view of an interview that accidentally revealed the precious information.

While a TV5Monde reporter was filming David Delos in front of a staffer’s desk, it was visible in the background a paper reporting a list of usernames and passwords.

“In an interview with French news program 13 Heures, TV5Monde reporter David Delos unwittingly revealed at least one password for the station’s social media presence. That’s because he was filmed in front of a staffer’s desk—which was smothered in sticky notes and taped index cards that were covered in account usernames and passwords.” reported ArsTechnica.

TV5Monde hacking password revealed

The passwords visible in the video interview are related to Twitter, Instagram and YouTube accounts. The  YouTube password was very easy to read, it was “lemotdepassedeyoutube” (Its translation is “the password of YouTube”).

In a different video it is visible a Post-it attached in front a monitor that reports the password “azerty12345” used on the main server hosting the website and other data of the TV5monde broadcaster.

TV5Monde hacking password revealed 2

TV5monde managers are talking about a prepared, powerful and coordinated attack, but honestly, this type of password doesn’t require any specific expertise to crack it, being easily crackable also by an amateur.

There is a moral lesson to take from this story, and the message is that even if you heavily invest in security measures to protect your assets, you continue vulnerable to human error, with social engineering.

Humans are the weakest link in the security chain.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini

(Security Affairs –  Tv5Monde, hacking)