An old leaked Facebook database is now freely available. APT scanning for vulnerable FortiOS systems. Emissions tester hacked.
Citing a Business Insider report, the Washington Post writes that 533 million Facebook users’ personal information was dumped over the weekend to a hacking forum. The data are old and the leak isn't new (Facebook detected and fixed it in August 2019) but the concern is that the information is now in the hands of criminal skids who'll be able to make a greater nuisance of themselves than usual.
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI jointly warned Friday that "Advanced Persistent Threat (APT) actors [are] devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks." The vulnerabilities affect Fortinet's FortiOS. Patches are available; so the actors are scanning for unpatched systems still susceptible to exploitation. The Advisory says it's possible that this activity represents staging for future data exfiltration or "data encryption" attempts. "APT actor" commonly refers to a state-directed threat group. The Record points out that Iranian and Chinese threat actors, MuddyWater and APT5 specifically, have a history of pursuing Fortinet bugs.
A cyberattack against vehicle emissions testing provider Applus Technologies, BleepingComputer reports, has disrupted emissions testing in eight US states. The problem is expected to continue through tomorrow at least (and possibly longer). Applus says it's working with law enforcement, but that it's too early to say more about the nature of the attack.
Gloss