Security News
Money Lover is a finance app allowing users to manage their expenses and budgets that has been downloaded five million times on the Play Store, with the app also available for iOS and Windows. Money Lover allows users to create "Shared wallets" with specific users, like family members or coworkers, to log transactions to collaborate in expense logging and monitoring.
Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency's Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33," Qihoo Netlab 360's Alex Turing and Hui Wang said in a technical write-up published last week.
Twitter on Wednesday said that its investigation found "No evidence" that users' data sold online was obtained by exploiting any security vulnerabilities in its systems. "Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems," the company said in a statement.
Twitter finally addressed reports that a dataset of email addresses linked to hundreds of millions of Twitter users was leaked and put up for sale online, saying that it found no evidence the data was obtained by exploiting a vulnerability in its systems. "In response to recent media reports of Twitter users' data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems," the company said.
Since July 22nd, 2022, threat actors and data breach collectors have been selling and circulating large data sets of scraped Twitter user profiles containing both private and public data on various online hacker forums and cybercrime marketplaces. These data sets were created in 2021 by exploiting a Twitter API vulnerability that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID. The threat actors then used another API to scrape the public Twitter data for the ID and combined this public data with private email addresses/phone numbers to create profiles of Twitter users.
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data allegedly stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches.
A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. Ukasz Siewierski, a member of Google's Android Security Team, has a post on the Android Partner Vulnerability Initiative issue tracker detailing leaked platform certificate keys that are actively being used to sign malware.
Australian health insurer Medibank's prognosis following an October data breach keeps getting worse as criminals dumped another batch of stolen customer data on the dark web. Medibank said it's still analyzing the leaked data, which includes six "Sipped files in a folder called 'full' containing the raw data that we believed the criminal stole."
Australian health insurance provider Medibank has confirmed that another batch of the customer data stolen in the recent breach has been leaked. Medibank is making an effort to minimize the bad news, somewhat, by saying that much the data leaked is incomplete and hard to understand.
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Last July, a threat actor began selling the private information of over 5.4 million Twitter users on a hacking forum for $30,000.