A post on the English-language cybercriminal forum RaidForums has leaked about 3.27 billion stolen user credentials comprising cleartext email addresses and passwords, Threatpost reports. The post was made by user Singularity0x01 and was titled “Compilation of Many Breaches (COMB) 3.8Billion (Public),” according to Digital Shadows cyberthreat intelligence analyst Ivan Righi. Dustin Warren, a researcher at SpyCloud, said that a check of the data revealed most of it had already been accessible on the Dark Web for some time, and appears to include parts of information leaked in previous collections from 2016 and 2019, with some modifications for ease of use. However, threat actors may still use those old credentials to mount brute-force or credential-stuffing attacks, Warren notes. The leak was not received positively because of its poor quality and corruption of some files, and Singularity0x01 took a negative hit in popularity before being banned from the forums for “leaking hidden content,” Righi reports.
Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.
Brunei, Indonesia, and Vietnam had their education, government, and military organizations targeted by the advanced persistent threat group Dark Pink, which has been ramping up attacks this year, BleepingComputer reports.
Officials, journalists, and activists across Armenia were reported by Access Now, Citizen Lab, Amnesty International, CyberHUB-AM, and independent researcher Ruben Muradyan to have been targeted in at least 12 instances with the NSO Group's Pegasus spyware, Reuters reports.