Cyber Security Today, August 16, 2023 – Discord.io database of 760,000 up for sale, LinkedIn under attack and more MOVEit victims


A Discord.io database of 760,000 users is up for sale, LinkedIn users under attack and more MOVEit victims.

Welcome to Cyber Security Today. It’s Wednesday, August 16th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.


The operators of the independent Discord.io platform, which allows users to create custom invites to the Discord instant messaging service, have confirmed its member database was stolen. This comes after someone posted the data of 760,000 Discord.io users for sale on a darknet forum. In response Discord revoked the authentication tokens of Discord.io users. They will have to re-authenticate with new passwords and enable multifactor authentication. Discord.io says it believes the breach was caused by a vulnerability in its website code, allowing an attacker to copy the database. The data includes subscribers’ Discord user names and email addresses. Discord.io is overhauling its website code and security practices. Meanwhile, it is offline.

Recently locked out of your LinkedIn account? You’re not alone. According to researchers at Cyberint, a threat actor is successfully compromising and taking over LinkedIn accounts around the world. Some victims are being pressured into paying a fee to get their access back. The report doesn’t say exactly how accounts are compromised. Likely they are using brute-force password attacks. If they try to get around two-factor authentication the account is frozen until the real owner can verify their identity. However, if the attacker takes control over the account the real owner can’t do anything. The report notes that compromised accounts can be used for phishing or scams. If you still have access to your account make sure contact information hasn’t been changed and your password is long and unique. And for heaven’s sake if you haven’t enabled two-factor authentication do it now.

More American organizations indirectly hit by the vulnerability in MOVEit file transfer servers are emerging. VNS Health Plans, which offers home, behavioural and hospice healthcare services in New York state, has admitted that data on over 103,000 patients was copied when the MOVEit server of a claims processor it uses called TMG Health was hacked. TMG Health is owned by the professional IT services company Cognizant. Files copied included people’s names, addresses, date of birth, social security number, medical claims information and more.

Banco Popular de Puerto Rico says over 82,000 of its customers had their data copied when the MOVEit server of accounting firm PwC was compromised. Information included names, social security numbers and mortgage information.

Milliman Inc., which provides administrative services for employee benefit and pension plans, says data on over 44,000 of its customers was copied when the MOVEit server of Pension Benefit Information was hacked. I’ve mentioned before that several organizations using PBI for data processing have admitted being victimized when that company’s MOVEit server was compromised.

One of them is New York Life Insurance, which last week said data on over 25,000 customers was copied as part of the PBI hack.

Information about the hackers on your network may be closer than you think. Researchers at Hudson Rock analyzed 14.5 million computers infected with information-stealing malware and found 120,000 of them had credentials associated with cybercrime forums. That could help identify the real identities of hackers. It also means many of the computers used by hackers are also infected with information-stealing malware. This type of malware looks for saved credentials, data used to auto-complete forms and credit card information. The most common information-stealing malware are Redline, Raccoon and Azorult [AZ-O-ROOLT].

Speaking of the Raccoon stealer, after the person responsible for the malware’s infrastructure was arrested in October the gang decided to rebuild their operation. According to researchers at VX-Underground and Cyberint, after a six-month hiatus they are back. New features for the threat actor customers using this malware-as-a-service have been added, including the ability to block IP addresses used by security pros to monitor Raccoon traffic.

Network administrators with Citrix NetScaler application delivery controllers on their networks are urged to install a security update if they haven’t done so already. The patch has been available for almost a month. According to researchers at NCC Group, as of Monday just over 1,800 devices around the world were still compromised.

Finally, on Monday’s podcast I complained that there were no details on an announced Canadian government consultation to develop a voluntary code of practice for companies in this country using generative artificial intelligence applications. Yesterday I heard back from the Innovation department with a few things: There will be a roundtable discussion process before September 14th. It will hear from experts, academics, Canadian AI research institutes and public groups. Details on how to participate will be released shortly.

Separately, at some point witnesses will be invited to testify about the government’s proposed Artificial Intelligence Data Act.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, August 16, 2023 – Discord.io database of 760,000 up for sale, LinkedIn under attack and more MOVEit victims first appeared on IT World Canada.
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
