Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Vessel Breach Exposure Monitoring

Threat actors will find this kind of data pretty handy.

27 May 2024
BREACHAWARE HQ

A total of 24 breaches were found and analysed, resulting in 4,340,106 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included Kringle Cash, Stealer Log 0462, Games Nord, Money Man and NOSIS. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A leading provider of large offshore vessels has experienced a data leak where the entire list of corporate employees' personal email addresses was posted on a hacking forum. The leaked information includes job titles and full names, which, although limited in scope, can be quite valuable for threat actors compiling data for future targeted attacks.

Slack, the popular cloud-based team communication platform, has come under scrutiny for using user information to train their new AI model. Initially, users had to email Slack directly to opt out of this data usage. However, following backlash from users on the internet, Slack has introduced an opt-out button in the account settings for easier exclusion.

In a dramatic turn of events on the dark web, the admin of the now-defunct marketplace Incognito, who exit scammed and extorted vendors and users, has been apprehended. Rui Siang Lin, a 23-year-old Taiwanese blockchain engineer and Monero enthusiast, was arrested by law enforcement during a stopover in New York while traveling from St. Lucia to Singapore. Lin made numerous operational security (OpSec) mistakes that led to his capture. These included:

* Posting details of a personally run Monero node on a darknet forum.
* Paying $20,000 for a domain using a Bitcoin wallet linked to the dark market, with the domain registered under his real name on Namecheap.
* Swapping Bitcoin to Monero from a wallet connected to Incognito Market and selling it on a Taiwanese crypto exchange where he had used his real driving license for KYC (Know Your Customer) compliance.
* Publicly discussing the confiscation of his crypto by a swapping service due to its connection to the dark market, including the exact amount and time of confiscation.

Lin is now facing prosecution in the United States, where, upon conviction, he is expected to serve a minimum life sentence.

VULNERABILITY CHAT

Veeam has released an updated version of its Backup & Replication solution, addressing four bugs, including a critical flaw and two high-severity security vulnerabilities that could lead to VBEM account compromise. VBEM is an optional, supplementary application not installed by default, allowing customers to remotely manage multiple Veeam Backup & Replication instances via a web console.

GitHub has patched a critical vulnerability in GitHub Enterprise Server (GHES) that allowed threat actors to bypass authentication and access GHES instances. This flaw affects all versions of GHES prior to 3.13.0.

In March, WhatsApp's security team issued an internal warning about a significant vulnerability related to government surveillance, as revealed by a threat assessment obtained by The Intercept. Although WhatsApp’s encryption keeps conversation contents secure, government agencies have been exploiting "traffic analysis" to monitor which users communicate, the membership of private groups, and potentially their locations. This technique relies on monitoring internet traffic at a national scale.

Ivanti has announced patches for several products, including critical vulnerability fixes in Endpoint Manager (EPM). Among the resolved issues are six critical-severity SQL Injection bugs that could allow an unauthenticated attacker on the network to execute arbitrary code. These patches are crucial for maintaining the security of the affected systems.

Three Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including NextGen Healthcare (Mirth Connect). See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 964 vulnerabilities last week, making the 2024 total 16,872. For more information visit https://nvd.nist.gov/vuln/search/

INFORMATION PRIVACY HEADLINES

Hong Kong’s privacy regulator, the Office of the Privacy Commissioner for Personal Data (PCPD), has ordered the Worldcoin Foundation to cease all operations in the region, citing violations of local privacy regulations. The PCPD's statement revealed that Worldcoin had collected facial and iris biometric data from at least 8,302 individuals during its operations in Hong Kong.

Elon Musk, CEO of Tesla and SpaceX, has accused Meta-owned WhatsApp of exporting users’ data every night. This claim followed a post on X by user Mario Nawfal, who alleged that WhatsApp transfers user data daily for analysis and targeted advertising, effectively treating users as products. Musk responded by affirming the claim and expressing disbelief that some still consider WhatsApp secure.

The Police Service of Northern Ireland (PSNI) is facing a potential £750,000 fine following a spreadsheet error that exposed personal information of its entire workforce. The incident involved the publication of a spreadsheet in response to a freedom of information request, which included a hidden tab containing the surname, initials, rank, and role of all 9,483 serving PSNI officers and staff.

In south-east London, Lewisham Council inadvertently published personal details of residents who commented on a planning application on its website for almost a year. The names, addresses, and contact details of 156 people were online for 11 months before being removed. The council stated that the breach did not meet the threshold for notifying the Information Commissioner’s Office (ICO), the UK public body responsible for data privacy.


DATA CATEGORIES DISCOVERED

Contact Data, Technical Data, Locational Data, Financial Data, Usage Data, Documentary Data, Socio-Demographic Data, Transactional Data, National Identifiers.
