Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES

Kaspersky is being booted out of the USA.

22 July 2024
BREACHAWARE HQ

A total of 9 breaches were found and analysed resulting in 2,948,750 leaked accounts containing a total of 14 different data types. The breaches found publicly and freely available included Avito, Lulu Hypermarket, The Cellula, Boutique Curly and NATO Wiki.

SPOTLIGHT

It's been an interesting week in cyberspace, with significant events impacting major IT companies. Kaspersky sent a letter to all its customers, thanking them for their support over the years. The cybersecurity firm, known for its extensive work in combating cyber threats since 1997, has been effectively banned from the USA. Despite Kaspersky's high ratings from independent testing organisations and over 6,000 industry awards, the founder, Eugene Kaspersky, has come under scrutiny due to his past at the KGB espionage academy, leading to the US government's decision to expel the company. This is noteworthy given the prevalence of Chinese software and hardware in Western products, from mobile phones to CCTV, and their significant acquisitions in the microchip industry.

AT&T recently filed an 8-K report with the SEC, admitting a compromise by the malware campaign pushed by the threat actor group Shiny Hunters. This breach originated from a data leak involving Snowflake, a cloud-based data platform used for data sharing and analytics. The breach affected over 150 companies and initially became apparent when data from Ticketmaster was posted for sale on a notorious cybercrime forum. Despite the new SEC rules requiring prompt disclosure of such breaches, the FBI and DOJ granted two extensions due to potential risks to national security and public safety.

CrowdStrike also faced significant issues, as a poorly deployed patch disrupted banks, emergency service hotlines, and airlines. The incident, which occurred on a Friday, led to widespread disruption and embarrassment for CrowdStrike. The well-known malware analysis group humorously remarked, “CrowdStrike has performed the largest ransomware attack in history. Accidentally.”

VULNERABILITY CHAT

Cisco disclosed a critical vulnerability in its Smart Software Manager On-Prem devices on Wednesday. This flaw allows remote threat actors to change the passwords of any user, including administrators, without authentication. According to Cisco, the vulnerability stems from an improper implementation of the password-change process. Attackers can exploit this flaw by sending crafted HTTP requests to affected devices, potentially gaining access to the web UI or API with the privileges of the compromised user. Unfortunately, there are no available workarounds to mitigate this threat.

Cybersecurity researchers have identified significant security vulnerabilities in SAP's AI Core cloud-based platform, which is used for creating and deploying predictive AI workflows. These five vulnerabilities, collectively named SAPwned by the cloud security firm Wiz, could be exploited to obtain access tokens and customer data.

Threat actors are actively exploiting a critical security flaw in Apache HugeGraph-Server, potentially leading to remote code execution attacks. Users are advised to upgrade to version 1.3.0 with Java 11 and enable the Auth system, which addresses the issue. Additionally, enabling the "Whitelist-IP/port" function can enhance the security of RESTful-API execution.

Atlassian has released security updates for several of its products, including Confluence, Jira, Bitbucket, and Bamboo. These updates address high-severity vulnerabilities that could allow malicious actors to execute arbitrary code on targeted systems. The flaws were discovered through third-party library scans, Atlassian's Bug Bounty program, and penetration testing.

SolarWinds has patched over a dozen vulnerabilities in its Access Rights Manager (ARM) software. Some of these vulnerabilities are classified as critical and could be exploited to steal sensitive information or run malicious code on vulnerable endpoints. Users are strongly advised to apply these fixes immediately to secure their devices.

Four Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity and Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including VMware (vCenter Server). See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 682 vulnerabilities last week, making the 2024 total 22,573. For more information visit https://nvd.nist.gov/vuln/search/

INFORMATION PRIVACY HEADLINES

The free-to-play open-world survival shooter, **Once Human**, has faced backlash in its first week due to data collection practices. Publisher NetEase's privacy policy has drawn criticism for a clause stating that personal information collected may include "government-issued ID, such as passport information, as required by applicable laws for age verification and correction of personal information."

Meta has suspended its generative AI tools in Brazil following objections from the country’s National Data Protection Authority (ANPD). Earlier in July, the ANPD halted Meta’s new privacy policy, demanding the exclusion of sections related to the processing of personal data for AI training. Meta has paused the AI tools while negotiating with ANPD to resolve the issue.

Privacy campaigners are challenging the UK Labour Government’s proposed **Digital Information & Smart Data Bill**, arguing that certain provisions could undermine consumer data rights and compromise the neutrality of the UK Information Commissioner’s Office. The bill faces significant opposition from privacy advocates.

In the wake of the Supreme Court's decision to overturn Roe v. Wade, reproductive rights and data privacy advocates have launched the Vagina Privacy Network (VPN). This campaign provides a guide on protecting digital privacy for individuals concerned about their data being used against them after having an abortion, especially in the 14 states where the procedure is banned.


DATA CATEGORIES DISCOVERED

Contact Data, Socio-Demographic Data, Technical Data, Social Relationships Data, Financial Data.
