10B Passwords Pop Up on Dark Web 'RockYou2024' Release
Source: Dark Reading
The passwords, dumped on a cyber-underground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches. A user has leaked nearly 10 billion unique plaintext passwords on a popular hacking forum, seemingly obtained through several past breaches.
Advance Auto Parts data breach impacts 2.3 million people
Source: Bleeping Computer
Advance Auto Parts is sending data breach notifications to over 2.3 million people whose personal data was stolen in recent Snowflake data theft attacks. On June 5, 2024, a threat actor known as 'Sp1d3r' began selling a massive 3TB database allegedly containing 380 million Advance customer records.
Evolve Discloses That Hackers Stole Data of 7.6M Individuals
Source: Data Breach Today
Evolve Bank & Trust disclosed that hackers stole the data of more than 7.6 million individuals in an incident detected in May. The Arkansas firm has been in incident disclosure mode for weeks now, following Evolve's listing on the leak site of the Russian-speaking ransomware-as-a-service operation LockBit in late June.
Widely Used RADIUS Authentication Flaw Enables MITM Attacks
Source: Info Risk Today
Security researchers identified an attack method against a commonly used network authentication protocol that dates back the dial-up internet and relies on an obsolete hashing function.
Ransomware Surges Annually Despite Law Enforcement Takedowns
Source: Infosecurity Magazine
The number of successful ransomware attacks advertised on leak sites increased 9% year-on-year (YoY) in the first quarter of 2024 despite high-profile law enforcement disruption of major groups, Symantec has claimed.