CyberWeekly 12' Oct | Issue #9
Internet Archive breach exposed 31M users' data, Microsoft Patch Tuesday fixed critical flaws, Firefox zero-day patched, OpenAI blocked AI misuse, education cyber threats rise.

Internet Archive’s Wayback Machine Breach: 31 Million Records Exposed
The Internet Archive's Wayback Machine has suffered a major data breach, exposing the personal details of 31 million registered users.
The breach was discovered when a threat actor compromised the website and stole an SQL authentication database containing sensitive user data, including email addresses, usernames, Bcrypt-hashed passwords, password change timestamps, and internal metadata.
The stolen database, named "ia_users.sql" and totaling 6.4GB, was shared with Troy Hunt, the creator of the Have I Been Pwned (HIBP) data breach notification service.
Hunt verified the authenticity of the stolen data by contacting affected users, including cybersecurity expert Scott Helme.
The breach includes records as recent as September 28, 2024, likely marking the date of the attack. The data is set to be added to HIBP, where users can check if their email address was involved in the breach.
In addition to the breach, the Internet Archive faced a DDoS attack orchestrated by the hacktivist group BlackMeta. This group has claimed responsibility for the ongoing disruptions and hinted at further attacks targeting the Internet Archive.
With the compromised data now confirmed, users are advised to immediately change their passwords, especially if they reused them across other services. Although Bcrypt is a robust hashing algorithm, weak passwords may still be at risk of being cracked. Additionally, users can visit HIBP to check whether their data was compromised in the breach.
Despite the breach and Hunt’s efforts to reach out, there has been no formal response from the Internet Archive about the incident, nor any notifications to affected users.
OpenAI Observes and Bans Threat Actors
In a recent report, OpenAI outlined its efforts to detect and block malicious use of its AI models by threat actors, including state-affiliated hackers. The report describes how attackers used ChatGPT for various illicit activities—from debugging malware to creating phishing lures targeting government employees.
In some cases, hackers used AI to generate disinformation for fake social media personas, and even sought information on vulnerabilities within the infrastructure of major companies, including a prominent car manufacturer.
OpenAI’s response included banning bad actors, monitoring policy violations, and refining its models to block harmful prompts. The company noted that while its models don't introduce new hacking capabilities, they can provide "shortcuts" for bad actors.
OpenAI stressed the importance of building "multi-layered defenses" and collaborating with the wider security community to prevent AI abuse.
Microsoft Patch Tuesday: October 2024
This month's Patch Tuesday from Microsoft addressed nearly 120 security vulnerabilities, including two that are already being actively exploited.
The most severe is a remote code execution flaw (CVE-2024-43572) in Microsoft Management Console, which could allow attackers to execute malicious code remotely.
The other is a spoofing vulnerability in Windows MSHTML (CVE-2024-43573), affecting how certain web content is displayed and allowing attackers to potentially deceive users with spoofed information.
Aside from these, Microsoft also rolled out patches for Office, Azure, .NET, Visual Studio, and Windows Hyper-V, among others.
Chrome/Chromium and macOS 15.0.1 users should also update to address other significant security flaws.
This month’s updates span widely used services, so it’s essential to patch these systems promptly to minimize the risk of exploitation.
Firefox Patch Blocks Actively Exploited Zero-Day
Mozilla rolled out emergency patches for Firefox and Firefox ESR to fix a critical use-after-free vulnerability (CVE-2024-9680) in animation timelines, which is already being exploited in the wild.
This flaw, with a CVSS score of 9.8, could allow attackers to crash or take control of affected systems. The update impacts Firefox 131.0.2 and multiple ESR versions, prompting cybersecurity agencies in Canada, Italy, and the Netherlands to issue advisories.
If you’re using Firefox, a simple restart will apply the necessary updates. Enterprise environments using Firefox ESR need to push the latest versions (ESR 115.16.1 and ESR 128.3.1). Consider upgrading to ESR 128 as older versions may soon lose support, which increases exposure to potential threats.
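For teams pushing these builds across a fleet, here is a small added example (not from Mozilla or any advisory) that checks an inventory of installed Firefox versions against the fixed builds named above. The inventory rows are constructed sample data, and treating 131.0.2 as the patched release-channel build is an assumption.

```python
# Added example: flag Firefox installs below the fixed builds named above.
# Treating 131.0.2 as the patched release build is an assumption.
FIXED = {
    "release": (131, 0, 2),
    "esr-115": (115, 16, 1),
    "esr-128": (128, 3, 1),
}

def parse_version(text):
    """'128.3.0esr' -> ((128, 3, 0), True); missing components count as 0."""
    text = text.strip().lower()
    is_esr = text.endswith("esr")
    if is_esr:
        text = text[:-3]
    parts = [int(p) for p in text.split(".")]  # ValueError on betas, junk
    parts += [0] * (3 - len(parts))
    return tuple(parts[:3]), is_esr

def assess(version_text):
    """Return 'patched', 'needs-update', 'review-branch' or 'unknown'."""
    try:
        version, is_esr = parse_version(version_text)
    except ValueError:
        return "unknown"
    if not is_esr:
        floor = FIXED["release"]
    else:
        floor = FIXED.get(f"esr-{version[0]}")
        if floor is None:
            return "review-branch"  # ESR branch the page gives no fix for
    return "patched" if version >= floor else "needs-update"

def audit(inventory):
    """Return (host, version, status) for every host that is not patched."""
    return [(host, ver, assess(ver)) for host, ver in inventory
            if assess(ver) != "patched"]

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("lab-01", "131.0.2"),
    ("lab-02", "130.0.1"),
    ("kiosk-07", "128.3.0esr"),
    ("kiosk-08", "128.3.1esr"),
    ("legacy-03", "115.16.1esr"),
    ("legacy-04", "102.15.0esr"),
    ("dev-11", "132.0b5"),
]

if __name__ == "__main__":
    for host, ver, status in audit(SAMPLE):
        print(f"{host:10} {ver:14} {status}")
```

Hosts reported as review-branch or unknown need a manual look, since the version string alone does not say whether they carry the fix.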
Education Sector Faces Growing Cyber Threats
Educational institutions are increasingly vulnerable to cyberattacks, ranking as the third most-targeted industry, according to a new Microsoft Threat Intelligence report.
The report highlights several factors making the sector an easy target: massive user diversity, widespread BYOD (bring your own device) policies, and unsecured personal networks. These environments also handle valuable intellectual property and sensitive data, making them attractive to attackers.
Additionally, QR code phishing and unsecured email systems further compound risks. Higher education institutions are especially vulnerable, acting as de facto CEOs of organizations that span healthcare, housing, and financial services, while also overseeing critical research connected to government and defense.
Microsoft’s report stresses that defense against these threats requires more than just better technology—cyber hygiene, user awareness, and strong authentication practices are essential.
Some universities are turning the tide by developing their own Security Operations Centers (SOCs), often staffed by students, providing both real-world cybersecurity experience and bolstering institutional defenses.
Sponsored
How To Learn Malware Analysis For Beginners
#1 Learn Scripting Languages (1-2 months)
#2 Learn Basics Of Reverse Engineering (2-4 months)
#3 Setup Your Virtual Machine (3 days)
#4 Learn Basics Of Malware Analysis Tools (1 month)
#5 Study Malware Detection and Evasion Techniques (1 month)
#6 Use Online Analysis Tools (few days)
#7 Learn Malware Analysis by Practicing (2 months)
#8 Become a Malware Analysis Expert (2-3 years full time)
Link: https://guidedhacking.com/forums/malware-analysis-tutorials.525/