A total of 24 breaches were found and analysed resulting in 15,864,178 leaked accounts containing a total of 25 different data types. The breaches found publicly and freely available included Fotolog, Stealer Log 0398, Stealer Log 0396, Home Center and Stealer Log 0394. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A captivating update unfolds as a photo blog and entertainment site, previously breached in 2018, witnesses the resurrection of its database. However, a new twist reveals that a determined threat actor has meticulously de-hashed all the previously hashed passwords. This development, seemingly a gift to the hacking community, hints at a strategic move by the threat actor who we presume has exploited high-value targets. In a meticulous and resource-intensive effort, the individual successfully de-hashed a staggering 12 million SHA256 unsalted passwords.

In our recent weekly insight, we revisited the activities of a notable hacking group driven by a sense of 'Justice.' This group has reemerged with a flurry of fresh breaches, exclusively targeting businesses with ties to or operations in Israel. The past week witnessed a relentless onslaught, with at least one data breach reported daily. Amidst this data storm, one breach stands out — an industrial supply distribution leader, operating discreetly yet playing a crucial role in the supply chain, extending into advanced military weapons and security.

The significance of this target becomes apparent given its involvement in critical sectors. As of now, the affected company has not communicated the breach to its clientele; a message on their website attributes the unavailability to "unforeseen technical difficulties," redirecting inquiries to phone communication. The hacking group, citing the company's alleged involvement in weapons manufacturing, forewarns of more revelations to come. The potential repercussions on the supply chain are ominous, with the gang promising further disclosures in the upcoming second part of their campaign.

VULNERABILITY CHAT

In the realm of vulnerability discussions, Forescout Technologies has unveiled a report spotlighting 21 high-risk vulnerabilities in Sierra Wireless Airline routers and associated open-source software elements, posing a threat to over 86,000 devices. An estimated 245,000 networks worldwide, including those in police vehicles, manufacturing surveillance, healthcare facilities, and electric vehicle charging points, rely on Sierra Wireless applications.

8 Common Vulnerabilities and Exposures (CVEs) were added to the CyberSecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week including Multiple Products (Apple), multiple Chipsets (Qualcomm) and Sense (Qlik)

See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

INFORMATION PRIVACY HEADLINES

The Information Media Association (AMI) has initiated legal action on behalf of 83 Spanish outlets against Meta. The lawsuit demands a staggering 550 million Euros, citing Meta's "systematic and massive" disregard for EU privacy regulations, placing the outlets at substantial risk of collapse. This legal battle underscores the growing importance of privacy and regulatory compliance in the digital landscape.