1Hacker

1 month ago

More Than 22 Billion Records Revealed in Data Leaks in 2020

A new record has been set with regards to the data breach, ‘more than 22 billion records were revealed globally amid 730 publicly leaked data violations in 2020’, as stated in a report published on Friday. A major chunk of data breaches was linked to ransomware attacks which are nearly thirty-five percent.

Cyber exposure company Tenable’s Security Response Team (SRT) analyzed that 14 percent of data leaks were the outcome of email compromises in the period of January 2020 to October 2020. The main tactics used by threat actors was the dependency on unpatched susceptibilities in their strikes, meanwhile, encompassing multiple other vulnerabilities.

While giving insights, Satnam Narang, a Staff Research Engineer at Tenable stated “every day, cybersecurity professionals in India and the rest of the world are faced with new challenges and vulnerabilities that can put their organizations at risk. The 18,358 vulnerabilities disclosed in 2020 alone reflects a new normal and a clear sign that the job of a cyber defender is only getting more difficult as they navigate the ever-expanding attack surface”.

The growth rate of common vulnerabilities and exposures (CVEs) increased at an average of 36.6 percent from 2015 to 2020. In 2020 it shot up to 183 percent as compared to 2015; 18,358 CVES were reported in 2020 as compared to 6,487 in 2015.

“Pre-existing vulnerabilities in virtual private network (VPN) solutions – many of which were initially disclosed in 2019 or earlier – continue to remain a favorite target for cybercriminals,” Narang told.

Search engines such as Mozilla Firefox, Google Chrome, Microsoft Edge, and Internet Explorer resulted in 35 percent of all zero-day susceptibilities abused in wild by the threat actors.

“In 2021, we must have the tools, awareness, and intelligence to effectively reduce and eliminate blind spots” Narang concluded. …

1Hacker

2 months ago

Security Expert listed the largest data leaks of Russian residents in 2020

Founder of DLBI data leak intelligence service Ashot Hovhannisyan spoke about the most large-scale database leaks in the Russian Federation in the past year.

According to him, one of the most high-profile cases of data leakage in Russia occurred at the end of 2020. In December, a database of more than 100 thousand lines containing personal data of Moscow residents who had recovered from COVID-19 was made publicly available.

In November more than 1.3 million lines of data of Russian Railways Bonus customers appeared on the black market, containing the e-mail address and user ID, an encrypted password, the date of registration and last login, as well as service data.

"In June, there were data leaks from clients of the SuperJob.ru portal and the Skyeng online school of English, each of which was about 5 million lines and contained the full name, gender, date of birth, phone number, email address and other data," said Mr. Hovhannisyan.

He also recalled that in April there were leaks of 12 million records of Russians who issued microloans in various microfinance organizations in 2017-2019. At the same time, “almost a million lines of data of clients of the loyalty program of the retail chains K-Ruoka and K-Rauta appeared on the Internet, containing their full name, e-mail address, mobile and home phone numbers, gender, date of birth, date of filling out the questionnaire, numbers loyalty cards".

“Finally, the largest leak of nearly 600 million lines of data of customers of the Premium Bonus service, which was discovered in March 2020, containing personal data of customers of the service, was the largest leak this year. It provides loyalty programs to popular cafes and restaurants, for example, Mu-Mu, Jean Jacques, Pizza Empire”, concluded the expert. …

1Hacker

2 months ago

Kaspersky has reported hacker attacks on COVID-19 researchers

The hacker group Lazarus attacked the developers of the coronavirus vaccine: the Ministry of Health and a pharmaceutical company in one of the Asian countries

Kaspersky Lab reported that the hacker group Lazarus has launched two attacks on organizations involved in coronavirus research. The targets of the hackers, whose activities were discovered by the company, were the Ministry of Health in one of the Asian countries and a pharmaceutical company.

According to Kaspersky Lab, the attack occurred on September 25. Hackers used the Bookcode virus, as well as phishing techniques and compromising sites. A month later, on October 27, the Ministry of Health servers running on the Windows operating system was attacked. In the attack on the Ministry, according to the IT company, the wAgent virus was used. Similarly, Lazarus previously infected the networks of cryptocurrency companies.

"Two Windows servers of a government agency were compromised on October 27 by a sophisticated malware known to Kaspersky Lab as wAgent. The infection was carried out in the same way that was previously used by the Lazarus group to penetrate the networks of cryptocurrency companies," said Kaspersky Lab.

Both types of malware allow attackers to gain control over an infected device. Kaspersky Lab continues its investigation.

"All companies involved in the development and implementation of the vaccine should be as ready as possible to repel cyber attacks," added Kaspersky Lab.

The Lazarus group is also known as APT38. The US Federal Bureau of Investigation (FBI) reported that their activities are sponsored by the DPRK authorities.

Recall that in July, the National Cyber Security Centre (NCSC) and similar departments of the United States and Canada accused the hacker group APT29, allegedly associated with the Russian special services, in an attempt to steal information about the coronavirus vaccine. Dmitry Peskov, press secretary of the Russian President, denied the Kremlin’s involvement in the break-ins. …

1Hacker

2 months ago

Data Breach: Stolen User Records from 26 Companies Being Sold Online

A data broker has been allegedly selling stolen user data of twenty-six companies on a hacker forum. Reportedly, the hacker who has put on sale the stolen data for certain companies at a particular price – is yet to decide the pricing for the rest of the stolen databases.

The hacker behind the sale has stolen a whopping total of 368.8 million user records majorly from companies that previously reported ‘Data Breach’, however, seven new companies that joined the list were – Sitepoint.com, Anyvan.com, MyON.com, Teespring.com, Eventials.com, ClickIndia.com, and Wahoofitness.com.

Dark Web and Hacking Forums keep making headlines for their notorious relationship with data brokers and hackers who extensively use these platforms to leak or sell databases containing user information/credentials/records acquired during data breaches of various companies worldwide who later confirm the breaches. However, in the aforementioned case, only MyON and Chqbook have confirmed the data breaches, the other six companies have not given any statement confirming that they have experienced a data breach.

In a conversation with BleepingComputer, while confirming that their networks were compromised, MyON.com said, "In July 2020 we were made aware of a bad actor trying to sell portions of our data on the dark web. We immediately began investigating to shut down any continued threats to our data or the data of our customers. We were then able to confirm that according to federal and state privacy laws, no confidential student or customer data was compromised, and this incident did not rise to the level of an actual breach of student private data."

Whereas, while denying the claims of a data breach, Chqbook.com emailed BleepingComputer, saying, "There has been no data breach and no information belonging to our customers has been compromised. Data security is a key priority area for us and we conduct periodic security audits to ensure the safety of our customers’ information,"

The companies that fell prey to the data breach are as follows: MyON.com (13 million), Singlesnet.com (16 million), Teespring.com (8.2 million), ModaOperandi.com (1.2 million), Chqbook.com (1 million), Pizap.com (60 million), Anyvan.com (4.1 million), Fotolog.com (33 million), Eventials.com (1.4 million), Wahoofitness.com (1.7 million), Reverbnation.com (7.8 million), Sitepoint.com (1 million), Netlog.com (53 million), Clickindia.com (8 million), Cermati.com (2.9 million), Juspay.in (100 million), Everything5pounds.com (2.9 million), Knockcrm.com (6 million), Accuradio.com (2.2 million), Mindful.org (1.7 million), Geekie.com.br (8.1 million), Bigbasket.com (20 million), Wognai.com (4.3 million), Reddoorz.com (5.8 million), Wedmegood.com (1.3 million), Hybris.com (4 million).

Users who happen to be a part of any of the abovementioned websites are strongly advised to update their passwords, preferably something unusual and strong enough to thwart a brute-force attack. …