Cybersecurity Weekly: Largest ever password dump, DoJ recovers ransom, Chrome bugs
The largest password collection ever was leaked online with 8.4 billion entries. The U.S. DoJ recovers more than half of the ransom paid by Colonial Pipeline. A Chrome browser bug is under active attack. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Largest password collection ever leaked online with 8.4 billion entries
What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100 GB text file that contains 8.4 billion entries of passwords. According to the post author, all passwords included in the leak are 6-20 characters long, with non-ASCII characters and white spaces removed.
2. U.S. DoJ recovers more than half ransom paid by Colonial Pipeline
Last week, the DoJ recovered $2.3 million worth of the $4.4 million in bitcoin paid by Colonial Pipeline. In this case, the DoJ's actions were encouraging, said Keatron Evans, principal security researcher at Infosec. "But it should be pointed out that this result is not typical and probably won't be."
3. Chrome browser bug under active attack
A bug in the Chrome web browser is actively under attack, and Google is urging users to upgrade to the latest version to mitigate the issue. The exploited flaw is identified as a type confusion bug within Google’s V8 open-source JavaScript and WebAssembly engine.
4. U.S. authorities shut down largest marketplace for stolen logins
Last week, as part of an international law enforcement operation, the U.S. Department of Justice disrupted and took down the infrastructure of an underground marketplace known as Slilpp, which specialized in trading stolen login credentials. The DoJ said the stolen login credentials sold over Slilpp have been used to siphon more than $200 million in the U.S.
5. McDonald's suffers cyberattack in US, South Korea and Taiwan
The fast food chain hired external investigators to analyze unauthorized activity on an internal security system after suffering a breach earlier this year. Keatron Evans, principal security researcher at Infosec, explained that McDonald's cited recent investments into cybersecurity as one of the reasons the company responded and reported the incident so quickly.
6. Linux system service bug lets you get root on most modern distros
Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. Even though many Linux distributions haven't shipped with the vulnerable polkit version until recently, any Linux system shipping with polkit 0.113 or later installed is exposed to attacks.
7. CD Projekt data stolen in ransomware attack now circulating online
In February, CD Projekt suffered a ransomware attack that allowed threat actors to steal source code and business data before encrypting devices. In a new statement published last week, CD Projekt announced that this stolen data is now being circulated and may include employee and contractor details.
8. Mozilla says Google's new ad tech doesn't protect user privacy
Google's upcoming plans to replace third-party cookies with a less invasive ad-targeting mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. Because of this, security researchers at Mozilla are skeptical about the privacy of this new system.
9. Hackers can exploit Samsung pre-installed apps to spy on users
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could allow adversaries to access personal data without users' consent and take control of the devices. Samsung device owners are advised to apply the latest firmware updates from the company to avoid any potential security risks.
10. Nameless malware attacks 1.2 TB database in the cloud
Last week, researchers said a so-called nameless, undetected malware stole a database in the cloud that contained some 1.2 terabytes of files, cookies and credentials that came from 3.2 million Windows-based computers. The hacker group accidentally disclosed the database location, and the cloud provider hosting the data was eventually able to take it down.