Cybersecurity Weekly: Largest ever password dump, DoJ recovers ransom, Chrome bugs
The largest password collection ever was leaked online with 8.4 billion entries. The U.S. DoJ recovers more than half of the ransom paid by Colonial Pipeline. A Chrome browser bug is under active attack. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Largest password collection ever leaked online with 8.4 billion entries
What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100 GB text file that contains 8.4 billion entries of passwords. According to the post author, all passwords included in the leak are 6-20 characters long, with non-ASCII characters and white spaces removed.
2. U.S. DoJ recovers more than half ransom paid by Colonial Pipeline
Last week, the DoJ recovered $2.3 million worth of the $4.4 million in bitcoin paid by Colonial Pipeline. In this case, the DOJ's actions were encouraging, said Keatron Evans, principal security researcher at Infosec. "But it should be pointed out that this result is not typical and probably won't be.”
3. Chrome browser bug under active attack
A bug in the Chrome web browser is actively under attack, and Google is urging users to upgrade to the latest version to mitigate the issue. That exploit is identified as a type confusion bug within Google’s V8 open-source JavaScript and WebAssembly engine.
4. U.S. authorities shut down largest marketplace for stolen logins
Last week, the U.S. Department of Justice disrupted and took down the infrastructure of an underground marketplace known as Slilpp. Slipp specialized in trading stolen login credentials as part of an international law enforcement operation. The DoJ said the stolen login credentials sold over Slilpp have been used to siphon more than $200 million in the U.S.
5. McDonald's suffers cyberattack in US, South Korea and Taiwan
The fast food chain hired external investigators to analyze unauthorized activity on an internal security system after suffering a breach earlier this year. Keatron Evans, principal security researcher at Infosec, explained that McDonald's cited recent investments into cybersecurity as one of the reasons the company responded and reported the incident so quickly.
6. Linux system service bug lets you get root on most modern distros
Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. Even though many Linux distributions haven't shipped with the vulnerable polkit version until recently, any Linux system shipping with polkit 0.113 or later installed is exposed to attacks.
7. CD Projekt data stolen in ransomware attack now circulating online
In February, CD Projekt suffered a ransomware attack that allowed threat actors to steal source code and business data before encrypting devices. In a new statement published last week, CD Projekt announced that this stolen data is now being circulated and may include employee and contractor details.
8. Mozilla says Google's new ad tech doesn't protect user privacy
Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. Because of this, security researchers at Mozilla are skeptical about the privacy of this new system.
9. Hackers can exploit Samsung pre-installed apps to spy on users
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could allow adversaries access to personal data without users' consent and to take control of the devices. Samsung device owners are recommended to apply the latest firmware updates from the company to avoid any potential security risks.
10. Nameless malware attacks 1.2 TB database in the cloud
Last week, researchers said a so-called nameless, undetected malware stole a database in the cloud that contained some 1.2 terabytes of files, cookies and credentials that came from 3.2 million Windows-based computers. The hacker group disclosed the database location accidently and the cloud provider hosting the data was able to eventually take it down.
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
In this Series
- Cybersecurity Weekly: Largest ever password dump, DoJ recovers ransom, Chrome bugs
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
