
Latest Security News Collection

Security news collection - current edition

01

Candy Crush, Tinder, MyFitnessPal: Thousands of Apps Hijacked to Spy on Your Location

#CandyCrush #Tinder #MyFitnessPal #LocationData #GravyAnalytics #DataBreach #Privacy #RTB #MobileSurveillance #DataHarvesting #AdEcosystem #cybercrime #cybersecurity

A hack of location data company Gravy Analytics has exposed how some of the world’s most popular apps, including Candy Crush, Tinder, and MyFitnessPal, are being used to collect sensitive location data without users’ knowledge. The hacked files reveal that thousands of apps across both Android and iOS are involved, with data ending up at a location data company whose subsidiary has previously sold global location data to US law enforcement.

This data collection occurs through the advertising ecosystem, not the app developers’ code, making it likely that neither users nor developers are aware of the surveillance. The data provides insight into real-time bidding (RTB), where companies bid to place ads inside apps, allowing data brokers to harvest location information from mobile phones.

→ Read more on wired.com


02

Hackers Breach Hewlett Packard Enterprise, List Data for Sale

#HPEBreach #IntelBroker #DataLeak #CyberSecurity #Monero #Hackread #DataBreach #TechSolutions #CyberAttack #StolenData #Hacking #DataProtection #cybercrime #cybersecurity

The notorious hacker IntelBroker and their associates have claimed responsibility for breaching Hewlett Packard Enterprise (HPE), a global technology solutions provider based in Houston, TX. The hacker, previously linked to several high-profile data breaches, is now selling the allegedly stolen data, demanding payment in Monero (XMR) cryptocurrency to remain anonymous and untraceable. IntelBroker told Hackread.com that the breach was a direct attack on HPE’s infrastructure, not involving third-party access.

The stolen data includes source code, private GitHub repositories, Docker builds, certificates, product source code for Zerto and iLO, old PII related to deliveries, and access to APIs, WePay, and self-hosted GitHub repositories. The hacker shared a data tree and screenshots allegedly taken from HPE’s internal infrastructure, highlighting the severity of the breach.

→ Read more on hackread.com


03

Star Blizzard Targets WhatsApp in New Campaign

#StarBlizzard #WhatsApp #CyberEspionage #SocialEngineering #MicrosoftThreatIntelligence #FSB #CyberSecurity #SpearPhishing #DataBreach #InternationalRelations #NCSC #CyberThreats #cybercrime #cybersecurity

The Russian nation-state group Star Blizzard has shifted its focus to targeting WhatsApp accounts following a law enforcement takedown of its infrastructure. Microsoft Threat Intelligence observed the group conducting a social engineering campaign in mid-November 2024, aiming to compromise the WhatsApp accounts of individuals in government and policy-related positions, particularly those involved in international relations and Russia. This marks the first significant change in the group’s longstanding tactics, techniques, and procedures (TTPs).

The shift to WhatsApp targeting likely resulted from the takedown, carried out in coordination with the US government in October 2024, of over 100 websites used by Star Blizzard. Although the campaign ended at the end of November, it highlights the group’s persistence in spear-phishing campaigns to access sensitive information. Star Blizzard, also known as Coldriver, is linked to Russia’s FSB and has previously targeted high-profile NGOs, former intelligence and military officers, and NATO governments.

→ Read more on infosecurity-magazine.com


04

Consumers Growing Apathetic to Cyber Incidents, Research Finds

#CyberIncidents #ConsumerTrust #DataBreach #CyberSecurity #VercaraSurvey #BusinessImpact #GenerationalDifferences #BabyBoomers #GenZ #OnlineShopping #SecurityResponse #DataProtection #cybercrime #cybersecurity

Despite a rise in cyber incidents, a Vercara survey found that breaches had less impact on consumer trust in 2024. While consumers are becoming accustomed to the risks of personal information on the internet, business leaders should not settle for this apathy. According to Morales, it’s not an increase in confidence but a decrease in worry. Breaches still affect a business’s bottom line, with 7 in 10 consumers saying they would stop shopping with a brand after a security incident.

The report also highlighted generational differences, with baby boomers being the most likely to change their shopping habits. Morales noted that baby boomers are less trusting than Gen Z, who are more accustomed to online shopping. A company’s response to a security incident can be as impactful as the incident itself.

→ Read more on cybersecuritydive.com


05

Major Data Leak Exposes 1.5 Billion Records from Weibo, DiDi, and More

#DataLeak #CyberSecurity #Weibo #DiDi #JDcom #ChineseBanks #IdentityTheft #Phishing #CyberAttacks #DataProtection #Cybernews #Elasticsearch #CERTChina #CyberCrime #cybersecurity

A massive data leak has exposed 1.5 billion records, including full names and government ID numbers, primarily affecting Chinese nationals. The dataset, uncovered by the Cybernews research team, includes information from Weibo, various Chinese banks, mobile carriers, and other sectors. The unprotected server, which housed data from major brands like JD.com, Weibo, and DiDi, was exposed for several months before being closed. Researchers believe the dataset is a mix of known and new data leaks collated on a single Elasticsearch server.

The lack of clear ownership hints at malicious intent, with threat actors likely to exploit the data for identity theft, phishing schemes, and targeted cyberattacks. This incident underscores the need for robust cybersecurity measures to protect sensitive information.

→ Read more on cybernews.com


06

Germany: 54% of Companies Affected by Network Attacks

#NetworkAttacks #CyberSecurity #KasperskyReport #HumanSecurityGap #DataLeaks #ITSecurity #EmployeeAwareness #SmallBusinesses #MediumEnterprises #SecurityIncidents #DigitalThreats #ComprehensiveSecurity #cybercrime #cybersecurity

The latest IT Security Economics Report by Kaspersky highlights a concerning situation in German companies: over half (54%) have experienced network attacks, with malicious code executed within the network in 42% of cases. Alarmingly, employees were identified as the weak link in 31% of incidents.

This “human security gap” includes both intentional and unintentional actions or omissions by staff. Comparatively, small businesses (43%) and medium-sized enterprises (33%) are more affected than large companies (16%). Poor IT system handling, negligence, and lack of awareness are major causes of security incidents and data leaks. The threat landscape for German companies remains high, necessitating comprehensive security strategies that address both technical and human vulnerabilities to thrive in the digital world.

→ Read more on it-daily.net


07

Data From 15,000 Fortinet Firewalls Leaked by Hackers

#FortinetLeak #DataBreach #CyberSecurity #CVE202240684 #BelsenGroup #FirewallConfigurations #KevinBeaumont #Shodan #ZeroDayExploit #DataProtection #CyberAttack #SecurityBreach #cybercrime #cybersecurity

Hackers have leaked data from 15,000 Fortinet firewalls, exploiting the CVE-2022-40684 vulnerability. The hacker group, Belsen Group, claims this is their “first official operation” and announced on January 14 that the data, including IPs, passwords, and configurations, is available for free. Security researcher Kevin Beaumont confirmed the data’s authenticity after mapping it to internet-exposed Fortinet devices visible on the Shodan search engine.

The leaked information, classified by country of origin, includes usernames, passwords, device management certificates, and firewall rules. Beaumont’s analysis suggests the data was collected in October 2022. Fortinet first acknowledged the CVE-2022-40684 vulnerability in October 2022, admitting it had been exploited in at least one attack.

→ Read more on securityweek.com


08

Enzo Biochem Settles $7.5M Lawsuit Over 2023 Ransomware Attack

#EnzoBiochem #RansomwareAttack #DataBreach #CyberSecurity #LegalSettlement #DataProtection #HealthcareSecurity #LetitiaJames #CredentialHygiene #MultiFactorAuthentication #PatientSafety #CyberAttackResponse #cybercrime #cybersecurity

Enzo Biochem has settled a class-action lawsuit for $7.5 million related to a 2023 ransomware attack. The agreement, reached on January 13 and disclosed via a Form 8-K with the SEC, also required Enzo to upgrade its data protection systems. This follows a $4.5 million fine paid to three state attorneys general five months ago for the same incident. The attack compromised the data of 2.47 million people, with an investigation led by New York attorney general Letitia James revealing significant security failings.

These included outdated credentials, lack of multi-factor authentication, and ineffective data encryption. Enzo has since invested in a comprehensive 15-point security refurbishment.

→ Read more on theregister.com


09

Online Crime in Lower Saxony Causes Millions in Damages in 2024

#OnlineCrime #LowerSaxony #Ransomware #OnlineBanking #DDoSAttacks #LKA #DataProtection #CyberThreats #FinancialImpact #SecurityMeasures #CrimeStatistics #cybercrime #cybersecurity

The LKA Niedersachsen has reported initial figures for online crime in 2024, revealing millions in damages. While some areas saw a decline in crime rates, the overall financial impact remains significant. Ransomware incidents shifted from institutions to private individuals, with a mid-double-digit number of cases reported in 2024. Online banking attacks continued to be a major issue, with cases in the low four-digit range and damages in the low tens of millions. DDoS attacks on servers also decreased significantly in 2024. Despite these trends, the threat landscape for online crime in Lower Saxony remains high, necessitating comprehensive security measures.

→ Read more on heise.de


10

Costa Rica Refinery Cyberattack Tests New US Response Program

#CostaRica #Cyberattack #Ransomware #FALCON #USStateDepartment #RECOPE #CyberSecurity #DigitalDefenses #InternationalCollaboration #CyberThreats #BidenAdministration #CyberResponseProgram #cybercrime #cybersecurity

A ransomware attack on Costa Rica’s largest oil refinery last year served as the first real-world test for the U.S. State Department’s new rapid response tool, FALCON. This initiative aims to provide swift support for cybersecurity incidents, leveraging private sector capabilities.

The attack on the state-run Refinadora Costarricense de Petróleo (RECOPE) occurred the day before Thanksgiving, impacting its administrative systems. Costa Rica, a frequent target of cyber actors, received assistance from the U.S. to bolster its digital defenses. The Biden administration had previously provided $25 million to strengthen the country’s cybersecurity. The incident underscores the importance of international collaboration in combating cyber threats.

→ Read more on therecord.media

Contact us

+49 89 360 5310 | security-awareness@metafinanz.de

The editors are not responsible for the content of each article.