对韩国九龙集团的网络攻击和Instagram窃听器暴露了数百万人钓鱼,凸显了亚太身份安全薄弱。 A cyberattack on South Korea's Kyowon Group and an Instagram bug exposed millions to phishing, underscoring weak identity security in Asia-Pacific.

对韩国九文集团的网络攻击破坏了其教育、招待和生活方式活动,暴露了相互联系系统中的脆弱性。 A cyberattack on South Korea’s Kyowon Group disrupted its education, hospitality, and lifestyle operations, exposing vulnerabilities in interconnected systems. 专家说,攻击者利用了薄弱的准入控制、重新使用证书和不良的特权账户监测。 Experts say attackers exploited weak access controls, reused credentials, and poor privileged account monitoring. 另外,Instagram在网上钓鱼运动中使用了来自1700多万个账户的数据,威胁行为体利用这些数据对电子邮件进行重设。 Separately, Instagram fixed a bug enabling mass password reset emails, with threat actors using data from over 17 million accounts in phishing campaigns. Meta证实没有主动违反规定,但专家警告说,再利用数据加上AI驱动的战术会带来长期欺骗风险。 Meta confirmed no active breach, but experts warn reused data combined with AI-driven tactics poses long-term deception risks. 这两起事件都突出表明,迫切需要在整个亚太区域加强身份安全。 Both incidents highlight the urgent need for stronger identity security across the Asia-Pacific region.