At its peak Hydra-Market had 17 million customers and 19K vendors.
09 December 2024
A total of 28 breaches were found and analysed resulting in 17,207,079 leaked accounts containing a total of 24 different data types. The breaches found publicly and freely available included Mathway [2], Huntstand, Dennis Kirk, Farmapatria and SIAPE. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.
SPOTLIGHT
A significant legal victory was achieved against one of the largest darknet marketplaces as Hydra-Market's admin, Stanislav Moiseyev, and 15 of his staff were sentenced in Russia. Hydra-Market, founded in 2015, became the most robust and well-organised darknet marketplace in Russia and Belarus. Its encryption technology was so advanced that it took law enforcement seven years to shut it down. The operation involved multiple three-letter agencies and the German police, which seized $25 million worth of bitcoin from a server located in Germany.
At its peak, Hydra-Market boasted 17 million customers and 19,000 vendors, primarily selling drugs. The marketplace also expanded into hacking tools, money laundering, and other illicit services. One standout feature was its dead-drop service, where vendors avoided mailing drugs by hiding parcels in public locations near customers.
A former Hydra-Market customer revealed how vendors' runners would conceal packages under benches or other spots in a well-organised system. The dead-drop method wasn't limited to drugs; vendors offered money laundering services, bitcoin mixers, and even physical cash. For example, customers could convert crypto to cash, which vendors would bury and then share the coordinates with buyers.
The raids on Hydra-Market uncovered 1 tonne of drugs, seized cars, and properties. Towards the end of its operation, Hydra had cornered the market not only by facilitating transactions but by manufacturing illegal drugs itself. Sentences for the Hydra-Market staff range from 8 to 23 years.
In the crypto world, a high-profile scandal unfolded involving Hailey Welch, better known as Hawk Tuah Girl, the US’s third-biggest podcaster. Welch has been implicated in a $500 million rug pull that devastated thousands of fans who invested in her meme coin. With a 17% transaction cost, the scheme generated millions within 24 hours but used dubious insider trading and manipulation techniques that sparked outrage in the crypto community.
The respected investigator Coffeezilla uncovered transactions linked to insider wallets and bots—referred to as snipers—that artificially inflated the coin's value. When the market cap hit nearly $500 million, large investors offloaded their holdings, causing the coin to crash. Legal experts predict someone may face prison time for what could be one of the most professionally executed—or absurd—crypto scams in recent history.
In a separate incident, Vilebin, a pastebin site infamous for doxing individuals, has itself been breached. The site was previously run by an Italian neo-Nazi active on Breach Forums before his arrest. The breach exposed nearly 2,000 unique email addresses alongside other user data. Considering the nature of Vilebin, the hope is that users didn’t use identifiable work email addresses.
VULNERABILITY CHAT
Experts have warned that the North Korean state-linked hacking group ScarCruft recently conducted a large-scale cyber-espionage campaign. The group exploited an Internet Explorer zero-day flaw to deploy RokRAT malware. Their latest operation, dubbed Code on Toast, was detailed in a joint report by South Korea's National Cyber Security Center (NCSC) and AhnLab (ASEC). Notably, the campaign used a unique technique involving toast pop-up ads to deliver zero-click malware infections.
Cisco has alerted customers to an actively exploited security vulnerability affecting its Adaptive Security Appliance (ASA). This decade-old flaw stems from insufficient input validation on ASA's WebVPN login page. It allows unauthenticated remote attackers to perform cross-site scripting (XSS) attacks.
Nozomi Networks Labs has identified multiple security vulnerabilities in the Wago PLC, a programmable logic controller widely used in industrial automation. When combined, these vulnerabilities enable a low-privileged user with access to the PLC’s web interface to escalate privileges and take full control of the device.
A zero-day vulnerability in Mitel MiCollab, reported three months ago, remains unpatched. This flaw allows attackers to access unauthorised files. Researchers at watchTowr stumbled upon it while investigating a different vulnerability, discovering that it permits access to sensitive system account information.
Security researchers have disclosed a newly discovered critical vulnerability affecting all versions of Windows Workstation and Server. This flaw enables attackers to steal a user’s NTLM credentials simply by tricking them into viewing a malicious file in Windows Explorer.
A recently revealed vulnerability in HCL Software’s DevOps Deploy and Launch platforms allows attackers to inject arbitrary HTML tags into the web user interface (UI). This flaw arises from insufficient input sanitisation, potentially leading to the disclosure of sensitive information.
A critical vulnerability has also been identified in SailPoint's IdentityIQ identity and access management (IAM) software. This flaw permits unauthorised access to files stored within the application directory due to improper handling of virtual resource file names. Attackers could exploit this vulnerability to access otherwise restricted files.
Four Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including CyberPersons (CyberPanel). See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 736 vulnerabilities last week, bringing the 2024 total to 37,359. For more information visit https://nvd.nist.gov/vuln/search/
INFORMATION PRIVACY HEADLINES
The Hong Kong Office of the Privacy Commissioner for Personal Data has revealed a significant data breach involving the Electrical and Mechanical Services Department (EMSD). The breach has impacted over 17,000 individuals who underwent compulsory testing during the pandemic.
Plans to digitise and publish the largest Dutch archive of World War II documents have been temporarily halted due to privacy concerns for individuals still alive. The files, covering 425,000 people who either collaborated with the Nazis or were suspected of doing so, were scheduled to go online on January 2, marking 80 years since the end of World War II in the Netherlands.
The Philippines' Insurance Commission (IC) and National Privacy Commission (NPC) have signed an agreement to advance the use of Privacy-Enhancing Technologies (PETs) in various sectors. These include pre-need companies and health maintenance organisations, aiming to bolster privacy protections across industries.
Vietnam's Law on Personal Data Protection (PDP Law) will take effect in the second half of 2025. This legislation aims to establish comprehensive frameworks to ensure the secure management, processing, and utilisation of personal data.
The Saudi Data & AI Authority (SDAIA) has introduced new regulations for appointing Personal Data Protection Officers (DPOs). Organisations now have the flexibility to hire DPOs as either employees or external contractors, allowing them to select the arrangement that best suits their needs.
Ireland's Data Protection Commission (DPC) has issued its final ruling following an investigation into a personal data breach at Maynooth University. The breach compromised up to six employee email accounts, granting unauthorised access to sensitive information. The DPC reprimanded the university, imposed administrative fines of €40,000, and instructed it to comply with GDPR security standards.
DATA CATEGORIES DISCOVERED
Technical Data, Contact Data, Financial Data, Transactional Data, Socio-Demographic Data, Locational Data, Usage Data.