Cyber Weekly Digest - Week #15


In this week's digest read about the latest cyber security stories, including how 533 million Facebook users' personal information was posted on a hacker forum, and attackers exploiting unpatched Fortinet devices with a new ransomware strain named Cring. Keep reading to get all the information you need.


1. 533 million Facebook users' phone numbers leaked on a hacker forum.

Perhaps the biggest story of 2021 is Facebook's data leak of 533 million Facebook users on a hacker forum. The data leaked is now accessible to anyone for under $3, or essentially free, and includes Facebook user mobile phone numbers, Facebook ID, name and gender information. Facebook has since released a public statement confirming what they believe to be the cause of the incident; the company states that the leak resulted from the bulk scraping of profiles using a large set of phone numbers linked to these profiles, rather than hacking the platform. Facebook still faces an investigation by some regulators in the European Union and could face fines over the incident. Ireland's Data Protection Commission (IDPC) is the first watchdog group to say it's looking into the matter because of its possible infringement of GDPR. It states that companies must disclose data breaches within a certain period of time or face penalties.


2. A wormable Android malware has been discovered in an app that disguises itself as a legitimate Netflix application.

Researchers have found a fraudulent app that promises global "unlimited entertainment" and two months of a premium Netflix subscription for free due to the pandemic. According to the researchers, the malware can propagate further via malicious links, steal WhatsApp conversation data, and spread false information or harmful content through the messaging service when installed on Android devices. Approximately 500 victims were claimed by FlixOnline before detection, over a period of roughly two months, and it is likely the malware will appear again.


3. Attackers are exploiting unpatched Fortinet VPN devices with a new ransomware strain named Cring.

Researchers say the attackers exploit an unpatched path-reversal flaw, tracked as CVE-2018-13379, in Fortinet's FortiOS. The goal is to gain access to victims enterprise networks and ultimately deliver ransomware. Industrial enterprises in Europe are the campaign's target, which forced a shutdown of industrial processes in at least one of its victims' networks. Cring is relatively new to the ransomwa