Blueliv Intelligence Briefing

Your cybersecurity news summary

Wednesday, August 12th, 2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Information security training organization falls victim to phishing attack

"We have identified a single phishing e-mail as the vector of the attack. As a result of the e-mail, a single employee's email account was impacted. Aside from the affected user, we currently believe that no other accounts or systems at SANS were compromised," states the SANS data incident notification. The threat actor then proceeded to configure a rule that forwarded all email received in this account to an "unknown external email address" and installed a malicious Office 365 add-on.

Customer data breached at Michigan State online store

Hackers have breached Michigan State University’s online store, gaining access to customer credit card numbers and other personal information, the university said. The university on Monday began notifying customers who may have been affected by the hack. Michigan State’s information security team has corrected the site’s vulnerabilities that allowed the intrusion between Oct. 19, 2019 and June 26, officials said.

Friday, August 7th, 2020

Intel leak of 20GB of source code

“Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret,” the developer added. Those browsing firmware source code will find comments referring to backdoors, but that could mean anything and does not necessarily mean they can gain access to your computer.

Tuesday, August 4th, 2020

LG and Xerox data leaked after Maze ransomware demand goes unpaid

A few days ago the group issued a press release warning the companies not to try to recover their files from backup; it also announced the forthcoming LG Electronics data leak. Researchers who analyzed the leaked data confirmed that it included source code for the firmware of various LG products, including phones and laptops.

Tuesday, July 21st, 2020

1.2TB of user data exposed in VPNs data leakage

Seven Hong Kong-based VPN providers (UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Safe VPN, and Rabbit VPN), which appear to have as many as 20 million users worldwide, have reportedly leaked their user data online. According to various media reports, the data from those 20 million users may amount to as much as 1.2 TB. The exposure occurred because the database, hosted on an Elasticsearch cluster, was left without any password.

Friday, July 17th, 2020

Casting company data leakage of more than 10M records

An open Elasticsearch server, hosted by Google Cloud, was discovered by some experts in the United States. The database was not secured by any form of authentication and, in total, close to 10 million records were exposed. The database was 1GB in size and, upon investigation, the team found that over 260,000 users of the website had their profiles leaked, including aspiring actors and potentially members of staff.

Wednesday, July 15th, 2020

Wattpad data breach exposes 270M user records

Some experts learned through an anonymous tip that this database was being sold by Shiny Hunters, a group known for selling company databases acquired in data breaches. At the same time, another firm revealed that this database was being sold for ten bitcoins, or almost $100,000 at the time. A few sample records from this database contain user names, names, hashed passwords, email addresses, and general geographic location.

Tuesday, July 14th, 2020

Online auction platform breach exposes more than 3M user records

LiveAuctioneers has confirmed a security incident after a database containing 3.4 million user records was put up for sale on the dark web for $2,500. “As of July 11th, 2020, our cybersecurity team has confirmed that an unauthorized third party accessed certain user data through a security breach at a LiveAuctioneers data processing partner that occurred on June 19,” the company said.

Monday, June 29th, 2020

GeoVision access control devices let hackers steal fingerprints

In a new report by Acronis, researchers disclose numerous vulnerabilities in GeoVision surveillance equipment and fingerprint scanners. Acronis’ security team found four critical vulnerabilities in GeoVision's devices, including a backdoor password with admin privileges, the reuse of cryptographic keys, and the disclosure of private keys to everyone. All of these vulnerabilities could allow state-sponsored attackers to intercept potential traffic. The CVEs made public by Acronis include CVE-2020-3928, CVE-2020-3930, and CVE-2020-3929, and were found in fingerprint scanners, access card scanners, and access management appliances being used around the world.

Monday, June 22nd, 2020

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collection — nearly 270 gigabytes in total — is the latest release from Distributed Denial of Secrets (DDoSecrets), an alternative to Wikileaks that publishes caches of previously secret data.