On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value because it contains real-world passwords. This means if an attacker tried this list of passwords in a brute force attack they'd be more likely to get in. READ MORE...
HubSpot is responding to a series of intrusions impacting dozens of customers' accounts, the company said Friday in a disclosure on its investor relations site. The customer relationship management firm said it identified a security incident involving unauthorized access to HubSpot customers' accounts on June 22. "While our investigation is still underway, we believe [...] that the bad actors were able to gain unauthorized access to less than 50 HubSpot accounts," the company said. READ MORE...
Alabama's education superintendent said Wednesday that some data was "breached" during a hacking attempt at the Alabama State Department of Education. Superintendent Eric Mackey said the June 17 attack was stopped while it was in progress. He said they are working to determine exactly what information might have been compromised. Mackey said "there is a possibility" that some student and employee data might have been compromised in the attack and urged people to monitor their credit. READ MORE...
The cybercriminals who claimed responsibility for the Ticketmaster data breach say they've stolen 440,000 tickets for Taylor Swift's Eras Tour. As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k barcodes for free for Taylor Swift's ERAS Tour. Sp1d3rHunters is offering many thousands of tickets for upcoming Taylor Swift concerts in three cities in the US. READ MORE...
With the Euro 2024 football tournament - soccer, to our US readers - reaching the final eight teams in the quarterfinals, cybercriminal activity has ramped up around the tournament and is posing risks for fans and their employers. In a report published last month, threat intelligence firm Cyberint found that more than 15,000 credentials belonging to Union of European Football Associations (UEFA) customers have already been exposed on underground forums. READ MORE...
Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks. During a single week in late June, law enforcement identified known IP addresses associated with criminal activity and domain names that were part of attack infrastructure used by criminal groups. READ MORE...
Hackers are targeting older versions of the HTTP File Server (HFS) from Rejetto to drop malware and cryptocurrency mining software. Threat researchers at security company AhnLab believe that the threat actors are exploiting CVE-2024-23692, a critical-severity security issue that allows executing arbitrary commands without the need to authenticate. READ MORE...
The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks - and even governments - have begun requiring live images over Zoom or similar in order to participate in the modern economy. The question must be asked, though: is it cyber smart? Just last Monday the Southeast Asian nation of Vietnam began requiring face scans on phone banking apps as proof of identity. READ MORE...
More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren't natively supported. By linking to cdn.polyfill[.]io, websites could ensure that devices using legacy browsers could render content in newer formats. READ MORE...
OpenAI announced its Mac desktop app for ChatGPT with a lot of fanfare a few weeks ago, but it turns out it had a rather serious security issue: user chats were stored in plain text, where any bad actor could find them if they gained access to your machine. As Threads user Pedro José Pereira Vieito noted earlier this week, "the OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in plain-text in a non-protected location." READ MORE...
Infosec circles are awash with chatter about a vulnerability in Ghostscript some experts believe could be the cause of several major breaches in the coming months. Ghostscript is a Postscript and Adobe PDF interpreter that lets users of *nix, Windows, MacOS, and various embedded OSes and platforms view, print, and convert PDFs and image files. It is a default installation in many distros, as well as being used indirectly by other packages to support printing or conversion operations. READ MORE...