Cyware Daily Threat Intelligence, July 13, 2020

Share Blog post

The dark web is, undoubtedly, becoming a cybersecurity nightmare for businesses. In a major finding, researchers have revealed that a hacker named NightLion has put up some 50 databases - belonging to DataViper - for sale. In total, the hacker has breached over 8,200 databases that included data of billions of users and information of companies from past security breaches.

Apart from this, the personal data of more than 45 million tourists visiting Thailand and Malaysia has made its way into the dark web. The leaked information includes passenger ID, full names, phone numbers, passport details, gender, and flight details of travelers. Additionally, personally identifiable information of over 45,000 U.S. citizens was published on the dark web.

Top Breaches Reported in the Last 24 Hours

Over 45 million travelers data breached
Personal data of over 45 million tourists who visited Thailand and Malaysia have been found on the dark web. The leaked records include passenger ID, full names, phone numbers, passport details, gender, and flight details of travelers.

NighLion breaches 8225 databases
A hacker named NightLion has claimed to have breached Vinny Toria’s ‘DataViper’ data monitoring service on July 9, 2020. In this attempt, the hacker has stolen data belonging to billions of users from over 8,225 databases, which also contained data of other companies from past security breaches. Currently, 50 of these stolen databases are put for sale on a popular dark web marketplace, Empire.

Data of over 40,000 citizens leaked
A threat actor has published information of more than 40,000 U.S. citizens, along with their social security numbers on the dark web. The breached data included first and last names, addresses, dates of birth, state, and zip code.

Top Malware Reported in the Last 24 Hours

Malicious scripts
Malicious PowerShell scripts that include a new evasion module to evade Any.Run sandbox service are being used to download and install malware onto a computer. One of the malicious scripts makes an attempt to execute Azorult trojan.

Top Vulnerabilities Reported in the Last 24 Hours

Kasa camera flaw
A flaw discovered in a popular outdoor home security camera, Kasa, can be exploited to spy on a user’s home and change the camera’s settings. Identified as an account takeover issue, the vulnerability can also be exploited to change passwords, modify camera settings, or view private security footage. Researchers had reported the flaw to the TP-Link on June 15 and a patch for the same is still awaited.

 Tags

account takeover issue
nightlion
kasa camera
dataviper

Posted on: July 13, 2020

Get the Daily Threat Briefing delivered to your email!


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Join Thousands of Other Cyware Followers!