A total of 15 breaches were found and analysed resulting in 1,263,339 leaked accounts containing a total of 25 different data types. The breaches found publicly and freely available included Stealer Log 0253, Uteka, Stealer Log 0252, Ultra Trade and Bmobile. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

The number of credentials unearthed from Stealer Logs, analysed in just the first two months of the year, continues to skyrocket. The rise of infostealers or stealer logs as prominent threats in the cyber landscape presents significant challenges for individuals and organisations alike. These malicious tools are adept at extracting sensitive data from infected devices, including passwords, credit card numbers, and other valuable information. Their prevalence underscores the evolving tactics of cybercriminals, who are constantly refining their methods to bypass defences and exploit vulnerabilities.

The continued surge reflects the growing demand for stolen credentials in cybercriminal markets and their pivotal role in facilitating further attacks, including ransomware incidents. According to SpyCloud, infostealer infections preceded nearly a third of ransomware events in North America and Europe last year, highlighting their role as precursors to more damaging cyber threats.

VULNERABILITY CHAT

In response to emerging threats, the Cybersecurity and Infrastructure Security Agency (CISA) and its international partners have issued a joint advisory warning about the exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways by cyber threat actors. These actors have demonstrated the ability to deceive Ivanti's internal and external Integrity Checker Tool (ICT), compromising user and service account credentials stored within affected VPN appliances. Network defenders are urged to assume compromise, hunt for malicious activity using provided detection methods and indicators of compromise (IOCs), run the latest external ICT, and apply available patching guidance.

CISA's partners include the Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), United Kingdom National Cyber Security Centre (NCSC-UK), Canadian Centre for Cyber Security (Cyber Centre), a part of the Communications Security Establishment, New Zealand National Cyber Security Centre (NCSC-NZ), CERT-New Zealand (CERT NZ).

1 Common Vulnerabilities and Exposure (CVEs) were added to the CyberSecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week including Microsoft (Streaming Service). See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP), has published 1,002 vulnerabilities last week, making the 2024 total 5,647, so far. For more information visit https://nvd.nist.gov/vuln/search/

INFORMATION PRIVACY HEADLINES

The Information Commissioner’s Office (ICO) has issued an enforcement notice and a warning to the Home Office for failing to sufficiently assess the privacy risks posed by the electronic monitoring of people arriving in the UK via unauthorised means. Throughout the ICO’s enquiries, the Home Office was unable to explain sufficiently why it was necessary or proportionate to collect, access and use people’s information via electronic monitoring for the pilot’s purpose, including failing to evidence that it had considered less intrusive methods.