Today’s Top Security Roundup includes:
· Facebook and LinkedIn’s data breaches of 500+ million users
· Decrypting messages leads to a $1.7 billion cocaine bust
· A Zoom vulnerability could enable hackers to take over your computer
· 600k+ payment cards were stolen from a cybercrime forum
Only last week, a data breach bombshell dropped: Facebook leaked the data of 533 million users. The data breach included sensitive information, such as the user’s full name, phone numbers, and location.
While cybersecurity experts argue that Facebook had plenty of time and resources to fix the issue, Facebook claims that it fixed the problem in August 2019.
Signal Integrating MobileCoin
Cryptocurrencies are integrating our lives faster than anything else ever witnessed before. As such, the messaging app lauded for its privacy, Signal, is integrating the new cryptocurrency MobileCoin. Although this will enable Signal to compete with rival apps, many question if the app will maintain its reputation of offering privacy and simplicity.
Slack and Discord Flooded with Malware
As VoIP services surged during the pandemic attracting millions of daily users, hackers see a great opportunity. It has come to light that hackers are spreading malware via Slack and Discord. If you use the apps, be careful of suspicious messages and links coming from outside your workspace.
Data of 500 Million LinkedIn Users Posted for Sale Online
Just a few days ago it came to light that Facebook’s data leak of 533 million users dating back to 2019 is publically available on a hacking forum. Now, LinkedIn is under the same hot waters as Facebook with a massive data breach of 500 million of its own users.
Hackers posted the leaked data on a popular hacking forum that includes LinkedIn IDs, full names, professional titles, email addresses, phone numbers, and other personally identifiable information (PII).
Decrypting Messages Leads to a $1.7 Billion Cocaine Bust
Belgian authorities decrypted half a billion messages sent using Sky ECC, a subscription-based encrypted messaging company. Since then, the company has been shut down and its equipment has been seized by the FBI. The decrypted messages led to valuable information and the arrests of 48 people in Belgium and 73 in the Netherlands allegedly linked to the drug trade.
Sky ECC argues that their service had been hacked or cracked, instead claiming that a fake version of the app had been illegally distributed and subsequently used to phish users.
A Zoom Vulnerability Enables Hackers to Control Your PC or Mac
Ever since Zoom gained popularity and an increase in its user base, its security issues are increasing on a day-to-day basis. This week, two Dutch researchers, Daan Keuper, and Thijs Alkemade, unveiled that they could remotely control a PC running Zoom with no user interaction.
The exploit requires no user interaction other than the Zoom app running in the background. The vulnerability only affects the Zoom app’s desktop version, and the browser version of the Zoom meeting client is not affected.
Swarmshop Breach: 600K+ Payment Card Records Leaked
Swarmshop is a store for stolen personal and payment records. The leaked database was posted on an underground forum containing 12,344 records of the card shop admins, sellers, and buyers, including their nicknames, hashed passwords, contact details, history of activity, and the individual’s current balance.
The compromised data traded on the website, including 623,036 payment card records issued by the banks from the USA, Canada, the UK, China, Singapore, France, Brazil, Saudi Arabia, Mexico; 498 sets of online banking account credentials and 69,592 sets of US Social Security Numbers and Canadian Social Insurance Numbers.