Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Military Breach Exposure Monitoring

Unsuspecting government, police, and military recipients will be receiving a fresh wave of links to believable phishing sites.

06 November 2023
BREACHAWARE HQ

A total of 17 breaches were found and analysed resulting in 3,775,020 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included Stealer Log 0375, Stealer Log 0372, Stealer Log 0374, Stealer Log 0373 and 585Gold.

SPOTLIGHT

A threat actor is selling, via a dark-web forum, sensitive government, police and military email addresses that will more than likely be used in phishing attempts. While this is common, it does show the need to stay alert when checking your mail. All a script kiddie needs to do is buy a phishing kit, purchase a set of these sensitive email addresses, and use a web-building tool to create a phishing site using the technical know-how in the kit, then send unsuspecting government, police, and military recipients links to believable phishing sites - it's really that straightforward!

An independent cryptocurrency investigator, ZachXBT, who’s an enthusiast for everything blockchain and is also deep in the fight against malicious individuals in the crypto community, has been receiving some strange videos sent to him anonymously. Zach’s fight for good in the crypto space appears to have made him some enemies. So far, he’s received three videos, all taken in what looks to be a very snazzy nightclub full of playboy bunnies, flashing lights, and champagne bottles. Big screens on the walls display "f**k ZachXBT", and more bunnies hold big yellow signs saying "ZachXBT is watching". The individual recording the video takes a second to show off his expensive wristwatch.

Now, in an unusual move, a ransomware gang has raised eyebrows across the cyber community. The gang, which hasn’t been operating long, has put up their entire operation for sale. The reason given was “personal issues”, along with a comment aimed at journalists: “don’t even ask”. The group has compromised over 40 companies and there are many opinions on why they would be selling the operation.

The price has not been advertised; however, the full contents of what one would get by purchasing the entire ransomware operation have been listed. A ransomware builder that can bypass an infection virus while automatically infecting all LAN devices inside a network. Unique source code and credentials for all social media accounts (Telegram, etc.). Virtual private network access to 11 companies and 37 breached databases that are not currently in the wild. Lastly, a paid-up-front hosting provider. It was announced just several days ago that there is a 20% discount for “someone that can be verified or is already verified as a trusted person”.

VULNERABILITY CHAT

Cisco has addressed a bunch of vulnerabilities, including 22 advisories, as part of its semi-annual bundled publication. According to Security Week, Cisco says it's not aware of 'in the wild' attacks targeting any of the vulnerabilities addressed with the latest Adaptive Security Appliance (ASA), Firepower Management Software (FMS) and Firepower Threat Defence (FTD) software updates.

Three Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity and Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including BIG-IP Configuration Utility (F5) and ActiveMQ (Apache).

See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

INFORMATION PRIVACY HEADLINES

France and Germany are drifting apart on digital sovereignty of data stored in the cloud. Euractiv was told by French centrist MP Philippe Latombe "what worries me the most is that the German Federal Office for Information Security (BSI) has endorsed AWS's European sovereign cloud" and fears "the Germans start exerting pressure" against France's highest cloud security certification, SecNumCloud.

AWS announced plans to launch the AWS European Sovereign Cloud, a new, independent cloud for Europe, designed to help public sector organisations and customers in highly regulated industries meet their evolving sovereignty needs.

And finally, in the ongoing proposed Meta subscription service to 'opt out' of consent saga, the European Data Protection Board has issued an urgent binding decision to ban Meta's Facebook and Instagram's data processing for behavioural advertising.

DATA CATEGORIES DISCOVERED

Technical Data, Contact Data, Usage Data, Documentary Data, Socio-Demographic Data, Social Relationships Data, National Identifiers, Financial Data, Locational Data.
