Top 2023 Security Affairs cybersecurity stories
January 01, 2024
These are the Top 2023 Security Affairs cybersecurity stories … enjoy it.
CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA
Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported.
1.7 TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE
1.7 TB of data stolen from Cellebrite, a digital intelligence company that provides tools for law enforcement, were leaked online.
LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW
The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data.
FBI HACKER USDOD LEAKS HIGHLY SENSITIVE TRANSUNION DATA
Researchers from vx-underground reported that FBI hacker ‘USDoD‘ leaked sensitive data from consumer credit reporting agency TransUnion.
RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13
Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts.
TWO FLAWS IN LINUX UBUNTU AFFECT 40% OF UBUNTU USERS
Wiz researchers discovered two Linux vulnerabilities in the Ubuntu kernel that can allow an unprivileged local user to gain elevated privileges.
TWO SPYWARE SENDING DATA OF MORE THAN 1.5M USERS TO CHINA WERE FOUND IN GOOGLE PLAY STORE
Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China.
DARKBEAM LEAKS BILLIONS OF EMAIL AND PASSWORD COMBINATIONS
DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches.
PII BELONGING TO INDIAN CITIZENS, INCLUDING THEIR AADHAAR IDS, OFFERED FOR SALE ON THE DARK WEB
Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web.
A FLAW IN SYNOLOGY DISKSTATION MANAGER ALLOWS ADMIN ACCOUNT TAKEOVER
A vulnerability in Synology DiskStation Manager (DSM) could be exploited to decipher an administrator’s password.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories)