Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
US Army Breach Exposure Monitoring

Hacker boasts it took “10–15 minutes” to steal data, including data relating to the US armed forces.

13 May 2024
BREACHAWARE HQ

A total of 35 breaches were found and analysed, resulting in 4,063,408 leaked accounts containing a total of 26 different data types. The breaches found publicly and freely available included ESN, Stealer Log 0456, SVR Labs, Kuchenland and Stealer Log 0455. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A breach impacting several American government agencies, including the US armed forces, has surfaced on various dark web platforms, courtesy of the notorious threat actor IntelBroker. This actor, renowned in the cybercrime underworld for his hacking prowess, claimed to have accessed sensitive data from the site in just "10–15 minutes." The breached company was established as a response to the evolving landscape of maritime domain awareness.

Meanwhile, LockbitSupp, the administrator associated with the infamous Lockbit 3.0 ransomware, seems to be facing dire circumstances. Following the takedown of the Lockbit 3.0 dark web site by federal authorities in February, the site was repurposed to showcase law enforcement successes in combating cybercrime, instead of the typical victim count pages seen on ransomware sites. Recently, the site was rebooted with a countdown titled "Who is Lockbit Supp?" This time, however, the National Crime Agency, purportedly managing the site, posted the dox of LockbitSupp, revealing his real identity as Dmitry Yuryevich Khoroshev, a 32-year-old Russian residing in Voronezh, Russia.

This revelation comes after Lockbit's administrative staff previously offered a substantial reward for anyone who could uncover LockbitSupp's real identity, pledging to pay $20 million for the information. It appears that they now owe the National Crime Agency $20 million, as OSINT enthusiasts and analysts have uncovered significant details about LockbitSupp since the publication of his dox on the US sanctions page and the seized Lockbit dark web site.

VULNERABILITY CHAT

Apple has confirmed the existence of a critical security vulnerability in the iTunes application for Windows 10 and Windows 11 users. This vulnerability could potentially allow malicious attackers to remotely execute arbitrary code. However, Apple typically refrains from disclosing or discussing security issues until they have conducted a thorough investigation and released a fix. Fortunately, a fix for this vulnerability is now available, although specific details about the nature of the vulnerability remain scarce.

Citrix has also issued a security bulletin regarding a critical vulnerability (CVE-2024-31497) affecting certain versions of their Citrix Hypervisor virtualisation platform. The vulnerability originates from the inclusion of a vulnerable version of the PuTTY SSH client in XenCenter, the management console for Citrix Hypervisor.

In addition, Samsung has released an urgent update addressing "critical security vulnerabilities" that users are encouraged to install promptly. The tech giant has provided details for its May security patch for flagship Galaxy smartphones and tablets, with some fixes labeled as "critical."

Furthermore, the US Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new project called "Vulnrichment." This initiative aims to address the CVE enrichment gap resulting from the recent slowdown in the NIST National Vulnerability Database. Vulnrichment seeks to enhance vulnerability data enrichment processes, ensuring more comprehensive and timely information for cybersecurity professionals.

No Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity and Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week. See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 268 vulnerabilities last week, bringing the 2024 total to 14,227. For more information visit https://nvd.nist.gov/vuln/search/

INFORMATION PRIVACY HEADLINES

At the FT's Future of the Car conference, BYD CEO Michael Shu reassured European customers that their connected car data will remain within the region, ensuring it receives the same protections under GDPR regulations. Shu emphasised the importance of managing customer data and complying with GDPR for the success of BYD's brand in Europe. This announcement follows the launch of the BYD Seal in Europe earlier this year.

In China, Tesla's handling of personal biometric data has received approval from the China Association of Automobile Manufacturers (CAAM), a government-backed industry consortium. The Model 3 and Model Y have been cleared in compliance tests with Beijing's data security rules, as reported by the South China Morning Post.

The upcoming 2024 Paris Olympic Games are expected to set a new record for video surveillance levels across 41 venues and their surroundings. The French government views this extensive surveillance as essential for preventing terrorist attacks, although the plans have sparked controversy. Privacy advocates have raised concerns about data usage and AI-driven analysis, fearing potential misuse. The outcome of these plans may set a precedent for future events, with Germany considering similar measures for Euro 2024.

Furthermore, California-based online mental health provider BetterHelp has begun distributing refunds as part of a $7.8 million settlement for alleged data privacy violations, as reported by The Associated Press. Nearly 800,000 individuals are expected to receive refunds following the Federal Trade Commission's investigation into BetterHelp's practices.


DATA CATEGORIES DISCOVERED

Contact Data, Technical Data, Socio-Demographic Data, Financial Data, Locational Data, Usage Data, Documentary Data, Social Relationships Data, Transactional Data, National Identifiers.
