Collection #1 breach shows that the internet truly never forgets
A shocking revelation from the founder of “Have I Been Pwned” showed that over 772 million email addresses and over 21 million passwords were available on the dark web.
Dubbed “Collection #1”, the massive breach was reportedly a project that’s spanned over a decade, and over 2,000 malicious actors helped author the database.
This is a stark reminder that the internet never forgets. Once your passwords and email addresses are compromised, these credentials will always live on in one hacker’s database or another.
Government shutdown puts US cybersecurity at risk
The US government, now in its fourth week of a shutdown, is reportedly putting itself in danger thanks to a lack of resources.
With only minimal crews working out of the new Cybersecurity and Infrastructure Agency, some experts worry that hackers could take the chance to compromise smaller federal agencies and use them to infiltrate the larger ones in the future.
The fears are not unreasonable, especially when you consider the fact that malicious organizations will not take a break just because the US government is.
Fortnite exploit exposes player accounts
A now-patched security flaw allowed hackers to take over Fortnite players’ accounts, which then gave them the ability to purchase V-Bucks (their in-game currency) and then gift them to other accounts.
Hackers gained access by sending a link to players that, when clicked, sent them to a webpage that then stole login details.
Source: The Verge
Cryptomining malware evolves scary new ability
There is now malware that gets access to system administrator privileges by uninstalling cloud security protocols.
This tied to the Rocke Threat Group, who specialize in infecting systems with
cryptomining malware. It is speculated that another group, the Iron Cybercrime
Group, developed the original iteration of software.
Source: Threat Post
141 airlines and their customers exposed to security flaw
Airline system security flaws are a huge worry for the industry, and it seems to be for good reason.
The hack, which affected around 141 airlines, took advantage of a flaw in the flight booking system developed by Amadeus.
The relatively simple hack, discovered by Israeli security expert Noam Rotem, would allow one to claim frequent flyer miles, and even change customer emails and phone numbers.
Fortunately, this particular vulnerability was discovered before any major attacks happened. It could potentially have affected around half of all air travelers worldwide.
Source: The Hacker News