<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/8/2024

SHARE

Top News

'RockYou2024': Nearly 10 billion passwords leaked online

On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value because it contains real-world passwords. This means if an attacker tried this list of passwords in a brute force attack they'd be more likely to get in. READ MORE...

Breaches

HubSpot reports nearly 50 customer accounts compromised

HubSpot is responding to a series of intrusions impacting dozens of customers' accounts, the company said Friday in a disclosure on its investor relations site. The customer relationship management firm said it identified a security incident involving unauthorized access to HubSpot customers' accounts on June 22. "While our investigation is still underway, we believe [...] that the bad actors were able to gain unauthorized access to less than 50 HubSpot accounts," the company said. READ MORE...


Some Data Is 'Breached' During a Hacking Attack on the Alabama Education Department

Alabama's education superintendent said Wednesday that some data was "breached" during a hacking attempt at the Alabama State Department of Education. Superintendent Eric Mackey said the June 17 attack was stopped while it was in progress. He said they are working to determine exactly what information might have been compromised. Mackey said "there is a possibility" that some student and employee data might have been compromised in the attack and urged people to monitor their credit. READ MORE...

Hacking

Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour

The cybercriminals who claimed responsibility for the Ticketmaster data breach say they've stolen 440,000 tickets for Taylor Swift's Eras Tour. As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k barcodes for free for Taylor Swift's ERAS Tour. Sp1d3rHunters is offering many thousands of tickets for upcoming Taylor Swift concerts in three cities in the US. READ MORE...


Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks

With the Euro 2024 football tournament - soccer, to our US readers - reaching the final eight teams in the quarterfinals, cybercriminal activity has ramped up around the tournament and is posing risks for fans and their employers. In a report published last month, threat intelligence firm Cyberint found that more than 15,000 credentials belonging to Union of European Football Associations (UEFA) customers have already been exposed on underground forums. READ MORE...

Malware

Europol takes down 593 Cobalt Strike servers used by cybercriminals

Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks. During a single week in late June, law enforcement identified known IP addresses associated with criminal activity and domain names that were part of attack infrastructure used by criminal groups. READ MORE...


Hackers attack HFS servers to drop malware and Monero miners

Hackers are targeting older versions of the HTTP File Server (HFS) from Rejetto to drop malware and cryptocurrency mining software. Threat researchers at security company AhnLab believe that the threat actors are exploiting CVE-2024-23692, a critical-severity security issue that allows executing arbitrary commands without the need to authenticate. READ MORE...

Information Security

Selfie-based authentication raises eyebrows among infosec experts

The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks - and even governments - have begun requiring live images over Zoom or similar in order to participate in the modern economy. The question must be asked, though: is it cyber smart? Just last Monday the Southeast Asian nation of Vietnam began requiring face scans on phone banking apps as proof of identity. READ MORE...

Exploits/Vulnerabilities

384,000 sites pull code from sketchy code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren't natively supported. By linking to cdn.polyfill[.]io, websites could ensure that devices using legacy browsers could render content in newer formats. READ MORE...


ChatGPT's much-heralded Mac app was storing conversations as plain text

OpenAI announced its Mac desktop app for ChatGPT with a lot of fanfare a few weeks ago, but it turns out it had a rather serious security issue: user chats were stored in plain text, where any bad actor could find them if they gained access to your machine. As Threads user Pedro José Pereira Vieito noted earlier this week, "the OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in plain-text in a non-protected location." READ MORE...


Latest Ghostscript vulnerability haunts experts as the next big breach enabler

Infosec circles are awash with chatter about a vulnerability in Ghostscript some experts believe could be the cause of several major breaches in the coming months. Ghostscript is a Postscript and Adobe PDF interpreter that lets users of *nix, Windows, MacOS, and various embedded OSes and platforms view, print, and convert PDFs and image files. It is a default installation in many distros, as well as being used indirectly by other packages to support printing or conversion operations. READ MORE...

On This Date

  • ...in 1853, Commodore Matthew Perry's diplomatic expedition sails into Japan's Edo Bay, now known as Tokyo Bay.
  • ...in 1950, President Truman appoints Gen. Douglas MacArthur as head of the United Nations Command in the Korean War.
  • ...in 1970, Grammy-winning singer-songwriter Beck Hansen AKA Beck ("Odelay", "Sea Change") is born in Los Angeles.
  • ...in 2011, the Space Shuttle Atlantis is launched on the final mission of the NASA Space Shuttle program.