ICYMI: Dropbox, Minecraft fans, malicious SSL attacks, voter databases breached
This Week: Dropbox data dump, Minecraft fansite data dump, one click iOS exploitation, more encryption means more cyber-attacks and two the voter databases of two separate US states get breached by hackers
Millions affected by Dropbox breach - but is it a scam?
68 million Dropbox customers have had their account details leaked online. The breach happened back in 2012, but at the time the company said that no user accounts were compromised.
This was proven dead wrong when millions of those dropbox accounts resurfaced on the breach notification website Leakbase
The company informed its customers via email earlier this week that those who haven't already changed their passwords should do so.
Three critical vulnerabilities have been found, forming an attack chain that could allow access to iOS with just one click.
The vulnerabilities were discovered when a UAE human rights activist received several suspicious texts and forwarded them on to CitizenLab.
From there, CitizenLab found Pegasus, a highly sophisticated piece of mobile spyware which allows an attacker to exploit iOS using several zero days.
The details of 71,000 members of a Minecraft fan site have been leaked online. The spoils include passwords, emails and IP addresses. Security researcher extraordinaire, Troy Hunt, famous for hacking a nissan leaf from across the world and getting the first look at the infamous VTech hack, announced the leak on the Twitter account for his site, haveibeenpwned.com
A new report from A10 networks and Ponemon has shown that among the greater problems facing IT security professionals these days is that malware now hides itself within encrypted traffic. Nearly as many who voiced fears about that, added that their company was not prepared to deal with malicious SSL traffic.
A massive tranche of voter information may have been stolen by foreign hackers. The voter databases of two separate states were supposedly breached.
The revelation was uncovered by the FBI's cyber-division, following up suspicions that the Russian state was involved in the recent hack of the Democratic National Committee. While the FBI didn't identify the two states, others have reported the states to be Arizona and Illinois.