How to check if your info was exposed in the Facebook data leak

Bleeping Computer

Data breach notification service Have I Been Pwned can now be used to check if your personal information was exposed in yesterday’s Facebook data leak that contains the phone numbers and information for over 500 million users.

Yesterday, a threat actor released the personal information for 533,313,128 Facebook users on a hacking forum, including mobile numbers, name, gender, location, relationship status, occupation, date of birth, and email addresses.

This data was originally sold in private sales after being collected in 2019 using a bug in the ‘Add Friend’ feature on Facebook. Facebook had closed this vulnerability soon after it was discovered, but threat actors continued to circulate the data until it was finally released practically for free ($2.19) yesterday. 

Since then, Troy Hunt has added the leaked data to his Have I Been Pwned data breach notification service to help users determine if a Facebook member’s data was exposed in the leak.

Full article

Google: North Korean hackers target security researchers again

Bleeping Computer

Google’s Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts.

The hackers also created a website for a fake company named SecuriElite (located in Turkey) and supposedly offering offensive security services as the Google security team focused on hunting down state-backed hackers discovered on March 17.

All LinkedIn and Twitter accounts created by the North Korean hackers and associated with this new campaign were reported by Google and are now disabled.

Just as in the attacks detected during January 2021, this site was also hosting the attackers’ PGP public key, which was used as bait to infect security researchers with malware after triggering a browser exploit on opening the page.

Full article

New Android malware spies on you while posing as a System Update

Bleeping Computer

New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated.

The spyware can only be installed as a ‘System Update’ app available via third-party Android app stores as it was never available on Google’s Play Store.

This drastically limits the number of devices it can infect, given that most experienced users will most likely avoid installing it in the first place.

The malware also lacks a method to infect other Android devices on its own, adding to its limited spreading capabilities.

Full article

German Parliament targeted again by Russian state hackers

Bleeping Computer

Email accounts of multiple German Parliament members were targeted in a spearphishing attack. It is not yet known if any data was stolen during the incident.

The attack was carried out by sending phishing emails sent to the German politicians’ private emails, as Der Spiegel reported on Friday.

It is believed that the attackers were able to gain access to the email accounts of seven members of the German federal parliament (Bundestag) and 31 members of German regional parliaments.

Most parliament members targeted in this attack are part of the CDU/CSU and SPD governing parties.

A Bundestag spokesperson said that the attackers didn’t target the Bundestag’s network. After the attack was detected, all targeted parliament members were immediately notified.

Full article

Facebook blocks Chinese state hackers targeting Uyghur activists

Bleeping Computer

Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China.

They targeted activists, journalists, and dissidents, predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada, and other countries, Facebook’s Head of Cyber Espionage Investigations Mike Dvilyanski and Head of Security Policy Nathaniel Gleicher said.

This group used various cyber-espionage tactics to identify its targets and infect their devices with malware to enable surveillance.

Full article

Mozilla Firefox adopts new privacy-enhancing Referrer Policy

Bleeping Computer

Mozilla has announced that it will introduce a more privacy-focused default Referrer Policy to protect Firefox users’ privacy, starting with the web browser’s next version.

The new user privacy protection feature against accidental leaking of sensitive user data will be introduced in Firefox 87.

Once updated, the web browser will automatically trim user-sensitive information like path and query string information accessible from the Referrer URL.

This URL is sent together with the HTTP Referrer header between websites during subresources requests and navigating between sites by clicking on links.

Full article

DDoS booters now abuse DTLS servers to amplify attacks

Bleeping Computer

DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks.

DTLS is a UDP-based version of the Transport Layer Security (TLS) protocol that prevents eavesdropping and tampering in delay-sensitive apps and services.

Full article

Hacking group used 11 zero-days to attack Windows, iOS, Android users

Bleeping Computer

Project Zero, Google’s zero-day bug-hunting team, discovered a group of hackers that used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year.

The Project Zero team revealed that the hacking group behind these attacks ran two separate campaigns, in February and October 2020.

This month’s report showcases the use of seven zero-days after a previous one published in January showed how four zero-days were used together with n-day exploits to hack potential targets.

Just as before, the attackers used a couple of dozen websites hosting two exploit servers, each of them targeting iOS and Windows or Android users.

Full article

Facebook outage affecting WhatsApp, Messenger and Instagram

Bleeping Computer

Facebook services are currently experiencing issues around the world, with users unable to access Facebook, Messenger, WhatsApp, and Instagram.

When attempting to access Facebook services, users worldwide have stated that the application will display a continuous “Connecting” message. In BleepingComputer tests here in the USA and India, we confirmed the outage and are unable to connect to the messaging platforms.

According to reports, Messenger fails to connect with internet connection errors. On the other hand, WhatsApp is displaying a continuous “Connecting…” message.

According to DownDetector, Facebook services are currently experiencing an outage in the U.S, Asia, and other parts of the world.

It is not known if this is a planned maintenance activity or a problem with their servers.

Update: Facebook services are back online.

Full article