Daily Cyber Brief

FBI-Run InfraGard data for sale on Dark Web, FubotTV World cup streaming outage caused by a cyberattack, GitHub to require all users to enable 2FA by end of 2023, and API flaw in Lego marketplace...

Cybersecurity

Stolen Data on 80K+ Members of FBI-Run InfraGard Reportedly for Sale on Dark Web Forum

A hacker using the handle "USDoD" has reportedly stolen contact information on more than 80,000 members of an FBI-run program called InfraGard and put the information up for sale on an English-speaking Dark Web forum. The information the hacker accessed from…

FuboTV says World Cup streaming outage caused by a cyberattack

FuboTV has confirmed that a streaming outage preventing subscribers from watching the World Cup Qatar 2022 semifinal match between France and Morocco was caused by a cyberattack. At approximately 2 PM ET, as users were getting ready to watch the World Cup…

Hackers leak personal info allegedly stolen from 5.7M Gemini users

Gemini crypto exchange announced this week that customers were targeted in phishing campaigns after a threat actor collected their personal information from a third-party vendor. The notification comes after multiple posts on hacker forums seen by BleepingComputer…

GitHub to require all users to enable 2FA by the end of 2023

GitHub will require all users who contribute code on the platform to enable two-factor authentication (2FA) as an additional protection measure on their accounts by the end of 2023. Two-factor authentication increases the security of accounts by introducing an…

API Flaws in Lego Marketplace Put User Accounts, Data at Risk

API flaws in a widely used Lego online marketplace could have allowed attackers to take over user accounts, leak sensitive data stored on the platform, and even gain access to internal production data to compromise corporate services, researchers have found. Researchers from…

Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook

Facebook parent Meta will pay up to $300,000 to security researchers who report exploitable remote code execution (RCE) vulnerabilities in the Android and iOS versions of Facebook, Messenger, Instagram, and WhatsApp. The actual amount will vary depending on the…

NSA, CISA Warn Against Threats to 5G Network Slicing

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have unveiled new guidelines regarding the security risks associated with 5G network slicing and how to mitigate them. According to the document, a network slice is…

Hackers target Japanese politicians with new MirrorStealer malware

A hacking group tracked as MirrorFace has been targeting Japanese politicians for weeks before the House of Councilors election in July 2022, using a previously undocumented credentials stealer named ‘MirrorStealer.’ The campaign was discovered by ESET, whose…

Spyware and surveillance-for-hire industry ‘growing globally’: report

The spyware and surveillance-for-hire industry is “indiscriminately” targeting journalists, activists and political opposition, and growing on a global scale, the social media company Meta warned. In a new report published Thursday, the company said it has “continued to…

Email Hack Hits 15,000 Business Customers of Australian Telecoms Firm TPG

The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG. On Wednesday, the company announced that unauthorized access to a hosted Exchange service…

Daily Cyber Brief

FBI-Run InfraGard data for sale on Dark Web, FubotTV World cup streaming outage caused by a cyberattack, GitHub to require all users to enable 2FA by end of 2023, and API flaw in Lego marketplace...

Cybersecurity

Join the conversation

Overt Operator