"RockYou2024 compilation containing 10 billion passwords was leaked online."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 09 July 2024, 1538 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed/Security Affairs.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

65K followers23 articles per week#security#tech

16

MOST POPULAR

RockYou2024 compilation containing 10 billion passwords was leaked online

5 TTPs

•

38by Pierluigi Paganini / 16h

•

Massive password leak exposes cybersecurity risks

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. RockYou2024 announcement: Source CyberNews The compilation (“rockyou2024.txt”) contains 9,948,575,739 unique plaintext passwords was posted

Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

Ticketmaster breach exposes Taylor Swift tickets

•

48by Pierluigi Paganini / 4d

The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, New Orleans, and Indianapolis. The threat actor dem

Hackers stole OpenAI secrets in a 2023 security breach

35by Pierluigi Paganini / 3d

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. The American newspaper revealed that the threat actors gained access to the internal discussions among researchers and other employees, but they did not access the source code of

YESTERDAY

Avast released a decryptor for DoNex Ransomware and its predecessors

2 TTPs

•

by Pierluigi Paganini / 6h

•

Avast decrypts DoNex ransomware

Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomware and its predecessors that allowed them to develop a decryptor. The experts revealed the weakness during the Recon 2024 conference . Avast also released a decryptor that allows victims to recover thei

Critical Ghostscript flaw exploited in the wild. Patch it now!

4 TTPs

•

by Pierluigi Paganini / 20h

Threat actors are exploiting Ghostscript vulnerability CVE-2024-29510 to bypass the sandbox and achieve remote code execution. Threat actors are actively exploiting a Ghostscript vulnerability, tracked as CVE-2024-29510, that can allow them to escape the – dSAFER sandbox and achieve remote code execution. Ghostscript is an interpreter for the PostScript language and for PDF files. It is used prim

Apple removed 25 VPN apps from the App Store in Russia following Moscow’s requests

Russia forces Apple remove VPNs

•

by Pierluigi Paganini / 1d

Apple removed several virtual private network (VPN) apps from its App Store in Russia following a request from the Russian Government. Russia is tightening its citizens’ control over Internet access and forced Apple to remove several virtual private network (VPN) apps from its App Store in Russia following a request from Russia’s state communications watchdog Roskomnadzor . “Over the past few yea

JUL 7, 2024

CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog

5 TTPs

•

by Pierluigi Paganini / 1d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco NX-OS Command Injection Vulnerability, tracked as CVE-2024-20399 , to its Known Exploited Vulnerabilities (KEV) catalog . This week, Cisco addressed an NX-OS zero-day, trac

Apache fixed a source code disclosure flaw in Apache HTTP Server

4 TTPs

•

by Pierluigi Paganini / 1d

The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple vulnerabilities in its popular Apache HTTP Server. The vulnerabilities include denial-of-service (DoS), remote code execution, and unauthorized access issues. One of these vulnerabilities is a critical source code dis

Security Affairs Malware Newsletter – Round 1

by Pierluigi Paganini / 2d

Today marks the launch of the Security Affairs newsletter, specializing in Malware. This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best articles and research on malware. CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts Supply Chain Compromise Leads to Trojanized Installers for Notezilla, Rec

JUL 6, 2024

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 2d

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfi

Alabama State Department of Education suffered a data breach following a blocked attack

Alabama State Education cyber attack investigation

•

by Pierluigi Paganini / 2d

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped. Superintendent Eric Mackey, who disclosed the attack, said they are wo

GootLoader is still active and efficient

12 TTPs

•

by Pierluigi Paganini / 2d

•

GootLoader malware active

Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereason researchers warn. The malware has evolved, resulting in several versions, with GootLoader 3 currently in use. Despite updates to the payload, the infection strategies and overall functionality have rem

JUL 5, 2024

Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

IoC > 1 URL

•

by Pierluigi Paganini / 4d

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that adde

New Golang-based Zergeca Botnet appeared in the threat landscape

IoC > 1 IP

•

by Pierluigi Paganini / 4d

•

17 TTPs

•

New Golang-based Zergeca botnet conducts powerful

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusT

JUL 4, 2024

Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus

4 TTPs

•

by Pierluigi Paganini / 4d

Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves exploiting two cus

Hackers compromised Ethereum mailing list and launched a crypto draining attack

Ethereum mailing list breach affects 35

•

by Pierluigi Paganini / 4d

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a malicious site running a crypto drainer. “This w

END OF FEED