Over 500 Million Facebook Users' Personal Data Dumped on Hacker Forum
FBI and CISA warn of Fortinet FortiOS VPN critical flaws, Applus attack prevents vehicle inspections in eight states, Criminals attacked GitHub cloud infrastructure for crypto-mining, much more
Facebook admits that data on 533 million of its users published in a hacker forum on Saturday morning came from a breach it experienced in 2019.
The exposed data includes phone numbers, Facebook IDs, full names, locations, birthdates, bios, and in some cases, email addresses for its users spanning 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.
The data was first discovered by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock. (Aaron Holmes / Insider)
Alon Gal (Under the Breach) @UnderTheBreach: In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information of 533m users across all countries. It was severely under-reported and today the database became much more worrisome 1/2 https://t.co/ryQ5HuF1Cm
In a joint advisory, the FBI and the Cybersecurity and Infrastructure Security Agency warned that advanced hackers are likely exploiting critical vulnerabilities in the Fortinet FortiOS VPN in an attempt to lay the groundwork for breaching medium and large-sized businesses in later attacks.
CISA encourages users and administrators to review Joint CSA AA21-092A: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks and implement the recommended mitigations. (Dan Goodin / Ars Technica)
The FBI used a wealth of surveillance technologies to track down and identify the rioters who stormed the U.S. Capitol on January 6, including social media posts, license plate scanners, facial recognition software, and cameras worn by police, according to more than 1,000 pages of arrest records, FBI affidavits and search warrants reviewed by The Washington Post.
The documents show how far-reaching the digital fingerprints are that nearly everyone leaves behind in the digital era. Government agents across the FBI’s 56 field offices have executed at least 900 search warrants in all 50 states and D.C., many of them for data held by the telecommunications and technology giants who maintain vast reservoirs of data on virtually all Americans. (Drew Harwell and Craig Timberg / Washington Post)
A March 30 malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin.
Applus Technologies can’t say when it will restore service because state governments require them to undergo a rigorous mitigation and testing process. (Lawrence Abrams / Bleeping Computer)
Code-hosting service GitHub is actively investigating a series of attacks that started in the fall of 2020 against its cloud infrastructure. The attacks allowed cybercriminals to implant and abuse the company’s servers for illicit crypto-mining operations.
The attacks have abused a GitHub feature called GitHub Actions, which allows users to automatically execute tasks and workflows once a certain event happens inside one of their GitHub repositories. Dutch security engineer Justin Perdok says that at least one threat actor is targeting GitHub repositories where GitHub Actions might be enabled. (Catalin Cimpanu / The Record)
Yann Esposito @yogsototh: Crypto-mining attack in my GitHub actions through Pull Request https://t.co/UyOAlQTdvZ #security
Prompted by new findings while analyzing data stolen in a data breach announced in 2019, Capital One notified additional customers that their Social Security numbers were exposed in the breach.
Capital One says it is notifying customers of this additional exposed personal information even though there is no evidence that it was disseminated or used for fraud. (Sergiu Gatlan / Bleeping Computer)
The University of California at Berkeley, the latest victim of hacker attacks on Accellion’s file sharing service, warned students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies, and companies nationwide.
In a statement, UC Berkeley said that the hacker or hackers have also been sending mass emails threatening to publish data “in an attempt to scare people into giving them money.” The university also said that 300 organizations, including many other universities, have been similarly breached through a vulnerability in the service. (Robert Jablon / Associated Press)