Duolingo data leak and the Met Police IT hack
Duolingo data leak exposes data of 2.6 million users, Met Police IT hack puts officers’ data at risk and Jupiter X Core vulnerabilities. Catch all this and more in this week’s edition of Cybersecurity Weekly.
Top Security Awareness Posters
1. Duolingo hackers post scraped data of 2.6 million users on a hacking forum
Language learning platform Duolingo recently suffered a breach that exposed the sensitive data of 2.6 million users. Hackers scraped and sold this data on a hacking forum, which includes public login names, real names and non-public email addresses. Despite knowing about the exposed API that allowed the breach, Duolingo has not taken it down. The incident poses a risk for targeted phishing attacks and calls the company's data protection measures into question.
2. Met Police on high alert after IT breach exposes details of staff and officers
The London Metropolitan Police are on high alert after a breach involving one of its IT suppliers. This supplier had access to sensitive information like names, ranks and vetting levels of officers. The force is working closely with the company to assess the scope of the exposure. Yet, they remain uncertain about when the breach occurred or how many personnel are at risk. The incident has been escalated to the National Crime Agency and could lead to significant damage if not rapidly contained.
3. Jupiter X Core WordPress plugin flaws could facilitate site hijacking
WordPress security analyst Rafie Muhammad uncovered two serious vulnerabilities in Jupiter X Core, a plugin used in over 172,000 WordPress and WooCommerce websites. The first flaw allowed unauthorized users to upload files, leading to potential code execution on the server. The second enabled account hijacking if the attacker knew the user's email address. Even though the plugin's developer has resolved these issues, users are advised to update to the latest version for optimal security.
4. Danish cloud host loses all customer data in a ransomware campaign
CloudNordic, a Denmark-based cloud hosting company, recently suffered a ransomware attack that compromised all customer data and backups. The attack encrypted the company's internal network, making data restoration impossible. While there's no evidence of data exfiltration, the company won't pay the hackers' ransom. CloudNordic and affiliate Azero are now rebuilding web and email systems without the lost data. So far, no ransomware group has claimed responsibility for the attack.
5. New Whiffy Recon malware leverages Wi-Fi to triangulate victims’ location
Secureworks researchers have discovered that the Smoke Loader botnet is deploying a new malware called Whiffy Recon. This malware leverages Google's geolocation API and Wi-Fi scanning to triangulate the locations of infected devices. The pinpoint accuracy—ranging between 20-50 meters—enables more focused attacks and the intimidation of victims. Whiffy Recon updates its location data every minute, which could apply real-time pressure on victims.
See Infosec IQ in action