Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES

Administrators of $430 million dark web market have been arrested.

24 June 2024
BREACHAWARE HQ

A total of 25 breaches were found and analysed resulting in 3,151,505 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included mSpy, Stealer Log 0468, Kladzdor, Facebook [3] and Fit5.

SPOTLIGHT

The FBI has arrested the two administrators responsible for running the infamous Dark Web Market, Empire Market. This market, which shut down over four years ago in an exit scam, saw the admins abscond with $30 million in stolen user funds. Empire Market, operational for just over two years, was popular in the community and offered products such as drugs, stolen goods like jewelry and gold, and credit card information. Before starting Empire Market, the admins had run a counterfeit money printing business as vendors on a previous dark web market.

It is surprising that, after stealing $30 million in bitcoin, the admins stayed in the U.S. instead of fleeing to a country without extradition agreements with the U.S. Their arrest likely stems from a link the FBI found connecting them to Empire Market. They now face life in prison due to the numerous laws they violated. At its peak, Empire Market processed 4 million transactions, amounting to $430 million in sales.

In other news, a small cybercrime forum has been breached. The admin, who previously ran Black Forums, criticised Shiny Hunters' management of Breach Forums on Telegram two weeks ago. Shortly after, the forum was hacked, although no one has claimed responsibility. The panicked admin has since shut down the forum and is planning to launch a new one focused more on community than profit.

Europol’s "End Game" operation, their largest ever against botnets, has resulted in the arrest of four individuals—one from Armenia and three from Ukraine. Law enforcement now controls 2,000 domains and 100 servers across Europe and the Americas. This operation has led to a noticeable dip in the number of stealer logs available in the market, although they are still plentiful. One of the main suspects is estimated to have earned over 69 million euros in cryptocurrency.

VULNERABILITY CHAT

A newly discovered security vulnerability allows attackers to impersonate Microsoft corporate email accounts, significantly increasing the risk of phishing attacks. Security researcher Vsevolod Kokorin, also known as Slonser, found this bug, which Microsoft has not yet patched. The implications are severe, as it allows threat actors to send phishing emails that appear to come from legitimate Microsoft corporate accounts, making them more convincing and potentially more harmful.

Atlassian has announced the release of software updates that resolve multiple high-severity vulnerabilities in Confluence, Crucible, and Jira. The Confluence Data Center and Server update addresses six security defects in various dependencies, the most severe being a broken access control issue in the Spring Framework, which could allow unauthenticated attackers to expose assets they should not have access to.

A combined team of security experts from Seoul National University and Samsung Research has found a vulnerability in memory tagging extensions (MTEs) employed by ARM processors to protect against memory leaks. The research team found they could extract MTE tags in 95% of their attempts, potentially leading to exploitation. They proposed multiple solutions to fix the problem, which they have sent to Arm, Ltd.

Cybersecurity firm Eclypsium reports the discovery of a serious bug in UEFI that could affect hundreds of Intel-powered PC models. Eclypsium says the flaw is present in the Phoenix SecureCore UEFI Trusted Platform Module (TPM). The TPM is supposed to verify the integrity of the system at boot, making it a valuable security measure. However, the "UEFIcanhazbufferoverflow" bug undermines this security feature.

0 Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week. See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 699 vulnerabilities last week, making the 2024 total 19,892. For more information visit https://nvd.nist.gov/vuln/search/

INFORMATION PRIVACY HEADLINES

If you use Facebook, WhatsApp, or Instagram to send direct messages, you might have noticed Meta’s new AI assistant (Meta AI). It offers recommendations for things like restaurants, home renovations, help with public speaking, coding advice for beginners, and can even generate images. Meta claims the assistant is designed to “get things done, learn, create, and connect with the things that matter to you.”

Currently, its AI models primarily consist of information scraped from the web and licensed data. But, beginning June 26, user data from posts and AI chatbot interactions across all Meta platforms (Facebook, Instagram, Threads, Messenger, and WhatsApp) will be used, per an update to its privacy policy. Even if you’re not on these platforms, Meta can still scrape data from posts you’re tagged in or images posted by someone else.

Generative AI fraud will cost the economy $40 billion a year by 2027, according to Deloitte. A heist of $11 million from an OKX crypto exchange account using deepfakes to defeat face biometric checks shows the extent of the problem today.

An agreement between Five Eyes nations that originally limited data sharing to 3,000 annual fingerprint biometric searches each has ballooned to 400,000. New Zealand, Australia, the U.S., Canada, and the UK have shared little information publicly about how the program works, and oversight appears to be scant.


DATA CATEGORIES DISCOVERED

Contact Data, Socio-Demographic Data, Technical Data, Financial Data, Social Relationships Data, Locational Data, Usage Data, Documentary Data, Special Category, Transactional Data.
