Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES

Europol and Eurojust take down gang running IPTV service.

02 December 2024
BREACHAWARE HQ

A total of 36 breaches were found and analysed resulting in 10,069,922 leaked accounts containing a total of 33 different data types. The breaches found publicly and freely available included Stealer Log 0498, Amazon, diet.com, My Sex Shop and The Real World - Hustlers University. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

Europol and Eurojust have announced the success of a major operation dismantling a massive IPTV (Internet Protocol Television) service run by an organised online gang. The investigation spanned 10 countries, including the UK, and targeted over 100 individuals. Law enforcement seized 29 servers, took down 100 domains, and arrested at least 11 individuals. In addition, authorities confiscated €1.6 million, as well as weapons and drugs. Although the name of the IPTV service has not been disclosed, it was found to have been distributing online streaming services and over 2,500 television channels, including premium sports broadcasters. Cases like these often see strong support from Hollywood studios, news corporations, and telecom licensing agencies, which view unauthorised IPTV services as a serious threat to their revenue. Ironically, some observers argue that running a dark web marketplace might be less risky than infringing on these high-powered industries.

A significant data breach has exposed sensitive information from a U.S. law enforcement agency, raising serious concerns. While the agency's name is being withheld for security reasons, the leaked data has surfaced on the dark web and is available for free. The breach includes over 9,000 photos of officers, as well as their names, mobile numbers, and physical addresses. Alarmingly, the leak also contains information about undercover officers, including photographs. This exposure poses a grave threat to those infiltrating criminal organisations like cartels and gangs. With cartels increasingly leveraging the dark web for illicit activities, it is likely they are also monitoring police data online, further endangering exposed officers.

In Russia, a man linked to ransomware operations has been arrested in Kaliningrad. The individual is associated with high-profile ransomware groups such as Conti, LockBit, and BABUK, and previously had a $10 million FBI bounty on his head. Historically, Russian authorities have turned a blind eye to cybercriminals who target Western companies. However, recent trends suggest a shift, with multiple ransomware-related arrests occurring in Russia over the past year. This could signify a crackdown by Russia's intelligence agencies or a response to cases where cybercriminals inadvertently disrupted businesses tied to Russian interests. Notably, most Russian ransomware programs are designed to self-destruct if they detect a computer with a Russian keyboard, but this safeguard may no longer guarantee immunity from domestic prosecution.

VULNERABILITY CHAT

ESET researchers have uncovered a previously unknown vulnerability in Mozilla products, actively exploited in the wild by the Russia-aligned group RomCom. This flaw allows adversaries to execute arbitrary code on a victim’s computer without any user interaction if the victim visits a malicious web page. In reported cases, the exploit was used to install the RomCom backdoor on affected systems.

A critical security vulnerability has been identified in Windows Server 2012 and Server 2012 R2, allowing attackers to bypass essential security checks enforced by the Mark of the Web (MotW) feature. Discovered by 0patch security researchers, the flaw affects specific file types and could expose servers to malicious attacks. The researchers promptly reported the issue to Microsoft.

A series of security vulnerabilities has been found in MediaTek chipsets, affecting several Android versions and related software platforms. According to a recent security bulletin, these vulnerabilities pose significant risks, including privilege escalation and denial-of-service (DoS) attacks.

Trellix has patched a critical vulnerability in its Enterprise Security Manager (ESM) software that exposed the internal Snowservice API to unauthorised access. Trellix researchers noted that the flaw could have been exploited by malicious actors to access sensitive information or compromise the system’s integrity.

Hewlett Packard Enterprise (HPE) has disclosed multiple high-severity vulnerabilities in its Insight Remote Support (IRS) software. These flaws could allow attackers to execute remote code, perform directory traversal, and access sensitive data.

Attackers are exploiting public-facing instances of ProjectSend, an open-source file-sharing web application, according to VulnCheck. The application has been vulnerable to an improper authentication flaw since at least January 2024, when it was first reported to the maintainers by cybersecurity firm Synacktiv.

A critical vulnerability has been discovered in Kemp's LoadMaster Load Balancer, allowing full system compromise through a command injection attack. Security researchers at Insinuator identified that inadequate input sanitisation in the login functionality enables attackers to inject and execute arbitrary commands.

Zabbix, an open-source enterprise network and application monitoring provider, has issued a warning about a new critical vulnerability that could lead to full system compromise. With thousands of customers worldwide, including major enterprises, this flaw presents a significant global attack surface.

IBM has released fixes for numerous vulnerabilities in its products, including two high-severity remote code execution (RCE) bugs affecting its Data Visualisation Manager and Security SOAR offerings. These issues represent the most serious among the disclosed vulnerabilities.

1 Common Vulnerability and Exposure (CVE) was added to the Cybersecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, affecting Array Networks (AG/vxAG ArrayOS). See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 494 vulnerabilities last week, bringing the 2024 total to 36,623. For more information visit https://nvd.nist.gov/vuln/search/

INFORMATION PRIVACY HEADLINES

From the FIA’s conference on data protection, a startling statistic emerged: 4 out of 5 vehicles retain personal data from previous owners after resale. This violation of GDPR regulations poses significant risks, including stalking, theft, and home invasions. Millions of users face personal data breaches as unauthorised parties can access sensitive information such as contacts, locations, search histories, passwords, and home addresses stored within vehicles.

India’s telecommunications regulator has introduced new rules aimed at protecting critical infrastructure networks from cyber threats. However, experts have flagged concerns over inadequate safeguards for users' privacy rights. The rules mandate the sharing of user data with state authorities, raising alarms among privacy advocates about potential misuse and erosion of fundamental rights.

Softonic released its list of the most downloaded security applications, showcasing the prominence of VPNs in the cybersecurity space. Leading the pack is Hamachi, with 748,102 downloads, marking a 7.9% increase from 2023.

Zoom has proposed an $18 million settlement to resolve a four-year-long investigation by the US Securities and Exchange Commission (SEC). The probe, which began in 2020, scrutinised Zoom’s privacy policies, encryption practices, and methods for calculating usage metrics.

In a significant legal challenge, WhatsApp has taken its case to Europe’s highest court to contest a €225 million fine imposed by Ireland’s privacy watchdog. The penalty, backed by the European Data Protection Board (EDPB), was related to GDPR violations. WhatsApp argues it should have the right to challenge the board's ruling directly.

Breach Exposure Monitoring | Dark Web Monitoring + Surface Web Monitoring
Scan Any Domain for Free https://breachaware.com/scan

DATA CATEGORIES DISCOVERED

Communications Data, Contact Data, Documentary Data, Technical Data, Socio-Demographic Data, Financial Data, Transactional Data, Locational Data, Social Relationships Data, National Identifiers, Usage Data.

KEY STATISTICS

  • Breaches Discovered: 36
  • Accounts Discovered: 10,069,922
  • Data Types Discovered: 33