March 3, 2021 So glad I came across this now just after going through the scheme as a victim. Having had an Atomic wallet for my cryptos for years was a very comforting thing. But once I had a problem with balances that showed as pending transactions but were indicated as confirmed in the History tab of my Atomic wallet phone app for a week, I still had enough confidence that all was okay as usual. I emailed the Support team on the matter wanting to inform them of the existence of such anomaly but their responses were very dull - almost out of context.
A cloud misconfig by SocialArks exposed 318 million records gleaned from Facebook, Instagram and LinkedIn.
More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.
The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.
The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.
minute read
Share this article:
More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
Security experts are warning hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products.
Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware (CVE-2020-29583) and released patches to address the issue. Zyxel devices are generally utilized by small businesses as firewalls and VPN gateways.
Fast forward to this week, several security researchers have spotted “opportunistic exploitation” of Zyxel devices that have not yet received updates addressing the vulnerability.
Those buying German Shepherd puppies for Bitcoin online are in for a ruff ride.
Puppy photos are undeniably irresistible but beware; researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning.
The scam was discovered by an intrepid researcher at Anomali, who got wind of the fake puppy offer and decided to investigate.
“When one of our researchers heard about this con, he dug deeper into it,” Gage Mele, researcher with Anomali, told Threatpost. “Because consumers are last-minute shopping ahead of the holidays and continuing to buy pets at a higher rate due to COVID-19 shelter-at-home restrictions, we issued a consumer alert.”
Underground marketplace pricing on RDP server access, compromised payment card data and DDoS-For-Hire services are surging.
Cybercriminals are vying for Remote Desktop Protocol (RDP) access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing.
During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the disruption,” said researchers and this has also been reflected on underground markets, where new services like targeted ransomware and advanced SIM swapping are popping up.
“As a result of COVID-19 and associated global trends, demand for malicious and illicit goods, services and data have reached new peak highs across dark web marketplaces (DWMs),” said researchers in a Friday analysis. “Flashpoint has also observed what can only be described as impressive, shrewd innovation throughout the cybercrime ecosystem.”