Passwords and other credentials have been listed on Have I Been Pwned as attack rumors circulate. A database containing credentials from more than 26 million LiveJournal accounts has been leaked online and is being sold on the Dark Web and hacker forums. The data contained in the files appears to be from a 2014 incident in which 33 million accounts were hacked, according to a published report. Though rumors of that breach have been in circulation for a couple of years – and there is some debate over when it actually occurred – the incident was never officially confirmed by LiveJournal, sources said.
Turla Hacker Group Continues to Innovate and Stun Security Researchers
Turla, which is widely believed to be a Russian state-sponsored hacker group, is known for using innovative methods for developing and distributing malware for its espionage campaigns. Recently, it was observed using common technologies like Gmail and errors in HTTP protocols for controlling its malware.
German Government Urges iOS Users to Patch Critical Mail App Flaws
According to ZecOps, there are two vulnerabilities that were first triggered in October 2010 and still affect all devices running iOS. Recently, a series of ongoing remote attacks was seen targeting iOS users using these two zero-click security vulnerabilities, affecting iPhone and iPad devices since at least January 2018.
Attackers managed to compromise NTT Communications' Active Directory server and a construction information management server. Japan-based systems integrator NTT Communications has disclosed a recent data breach that it said impacted hundreds of customers. The total affected comes to as many as 621 customers, the company said, but security experts worry about the impacts of the data breach due to the company's positioning as a systems integrator, which could create widespread ramifications for its supply-chain partners. NTT Communications is a subsidiary of Fortune 500 company Nippon Telegraph and Telephone Corp., the largest telecommunications company in Japan (and one of the largest worldwide).
The Russia-linked APT group Sandworm has been spotted exploiting a vulnerability in the internet's top email server software, according to the National Security Agency (NSA). The bug exists in the Exim Mail Transfer Agent (MTA) software, an open-source offering used on Linux and Unix-like systems. It essentially receives, routes and delivers email messages from local users and remote hosts. Exim is the default MTA included on some Linux distros like Debian and Red Hat, and Exim in general runs on almost 57 percent of the internet's email servers, according to a survey last year.