Massive data breaches can wreak financial and logistical havoc on the companies that experience them and it is the valuable customers who often pay the price for trusting them. Researchers at Lucy Security have recently spotted a 150 GB data trove that contains stolen data from 945 websites and impacts around 14 million individuals worldwide. Meanwhile, another cybercriminal was also found selling around 133 million user records pertaining to 14 companies in a diverse price range on the dark web. With this, let’s go through the top cybersecurity highlights from the past 24 hours.
01
Lucy Security discovered two leaked databases, containing approximately 150 GB of stolen data from 945 websites, put up for sale on the dark web. It is estimated to affect around 14 million people around the world.
02
An imfamous data breach broker is reportedly selling around 133 million user records belonging to 14 companies, in the price range from $100 to $1,100. The broker has claimed that the data on sale was acquired by hackers this year.
03
A hacker exploited a loophole at Balancer Pool, a Decentralized Finance (DeFi) liquidity provider, to pilfer $500,000 worth of Ethereum and other cryptocurrency coins.
04
Group-IB researchers reported a multi-stage bitcoin scam that lured close to 250,000 people into enlisting on an untrustworthy investment site. The attackers leveraged Personally Identifiable Information (PII) to mislead individuals.
05
Bitdefender researchers exposed attacks by the StrongPity APT group to selectively infect targets in the Kurdish community of Syria and Turkey for surveillance and intelligence exfiltration purposes.
06
The University of California San Francisco (UCSF) disclosed that it paid roughly $1.14 million to ransomware operators to get access to encrypted data.
07
Researchers spotted a new phishing campaign using iCalendar invitations through an already compromised email account belonging to a school district.
08
With 99% accuracy, researchers at the University of Texas formulated a tool to determine whether an Android game or other kind of mobile app complies with the federal Children’s Online Privacy Protection Act (COPPA) or not.
09
Cynet, an Israel-based autonomous breach protection firm, raised $18 million in Series B+ funding round led by Telekom Innovation Pool (TIP), with participation from new investors BlueRed Partners and Merlin International, along with existing investors.
10
Hunters, a Tel Aviv-based threat hunting company, raised $15 million in Series A funding round from Microsoft’s M12 and U.S. Venture Partners with the participation of previous investors.
