Someone is combining information on Chinese citizens leaked in different data breaches into a single database, and has so far made more than 1.2 billion records.
This compilation of many breaches (COMB) contains plenty of sensitive user information, including phone numbers, postal addresses, ID card numbers, and more. Researchers claim they spotted an unprotected database on Elasticsearch, which was first set up in the final days of April 2024. By the end of next week, the database held 1,230,703,487 records, and continued to grow since.
Read more…
Source: MSN News
Related:
- Classified Japanese diplomatic info leaked after Chinese cyberattacks in 2020
February 5, 2024
Classified Japanese diplomatic information was leaked following Chinese cyberattacks on the Foreign Ministry in 2020, a government source said Monday, exposing the nation’s digital vulnerability. Japan detected the large-scale attack and release of diplomatic telegrams during a period of government under then Prime Minister Shinzo Abe, the source said, but the nature of the leaked information ...
- Philippines: Cyber attack on Overseas Workers Welfare Administration website foiled
February 3, 2024
The Department of Information and Communications Technology (DICT) has prevented a cyber attack aimed at taking down the website of the Overseas Workers Welfare Administration (OWWA). At the Saturday News Forum, DICT Undersecretary for Cybersecurity Jeff Ian Dy said the DICT was able to “defend” various web applications related to OWWA from cyber attacks. The DICT ...
- Volt Typhoon Actors Exploiting Insecure SOHO Routers
January 31, 2024
Threat actors—particularly the People’s Republic of China (PRC)—sponsored Volt Typhoon group—are compromising small office/home office (SOHO) routers by exploiting software defects that manufacturers must eliminate through secure software design and development. Specifically, Volt Typhoon actors are exploiting security defects in SOHO routers to use them as launching pads to further compromise U.S. critical infrastructure entities. CISA ...
- Blackwood APT Group Has a New DLL Loader
January 29, 2024
This week, the SonicWall Capture Labs threat research team analyzed a sample tied to the Blackwood APT group. This is a DLL that, when loaded onto a victim’s computer, will escalate privileges and attempt to install a backdoor for communications monitoring and diversion. It has evasive capabilities and, as of this writing, is targeting companies and ...
- Malicious ads for restricted messaging applications target Chinese users
January 25, 2024
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram or LINE with the intent of dropping malware. Interestingly, software like Telegram is heavily restricted and was previously banned in China. Many Google services, including Google search, are also either restricted or heavily censored in mainland ...
- Seoul’s spy agency accuses China of major cyber attacks
January 24, 2024
South Korean spy agency on Wednesday reported a significant uptick in attempts of cyber attacks by foreign sources last year, waged mainly by North Korea and China. Chinese attacks tended to inflict more severe damage than North Korean ones, despite the latter being more frequent. The National Intelligence Service said cyber attacks against the public sector ...