While the world was preoccupied with the Yahoo hack and the cyberattacks revolving around the US elections as well as their possible connection to Russian interference, cyberspace experienced many onslaughts.
Amid WikiLeaks' much publicised Podesta email dumps and the White House officially pointing the finger at Russia, a nuclear plant was hacked, several undisclosed zero days were attacked and patched and more such noteworthy incidences took place.
Here are the Top 5 cybersecurity news that you may have missed in recent weeks:-
Over 58 million customer records stolen in what may be the 9th largest data breach
A hacker going by the pseudonym 0x2Taylor claimed responsibility of having hacked into an unsecured database run by US-based data storage firm Modern Business Systems (MBS). Over 58 million customer records were leaked online, however security researchers speculate that the hacker may be in possession of more data, which could be released in the future.
According to breach notification site, haveibeenpwned.com, this may be the 9th largest data breach, however there has been no confirmation from MBS as of yet and the data leaked is yet to be verified by researchers, especially since the MongoDB operated database has since been secured by the firm.
A nuclear power plant was disrupted by a malicious hack
The director of the International Atomic Energy Agency, Yukiya Amano, revealed that an unnamed nuclear power plant was targeted with a malicious cyberattack in the past two or three years. Declining to provide further information about the incident, the head of the UN nuclear watchdog told Reutersthat while the hack resulted in the nuclear plant being disrupted, it did not completely shut down the facility.
"This actually happened and it caused some problems," Amano said. "This issue of cyber attacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything or if it's the tip of the iceberg."
Hacktivist group RedHack beat Turkey at its censorship game
Turkey imposed a nationwide blockon prominent technology and cloud service providers such as Google, Microsoft and Dropbox, among others, in efforts to restrict the spread of leaked emails from high-ranking government officials. The leaked emails allegedly originated from Turkey's minister of energy and natural resources, Berat Albayrak, who is also the son-in-law of Turkey's president, Recep Tayyip Erdogan.
However, according to a report by the Daily Dot, RedHack anticipated just such a move and uploaded the torrent file of the stolen data to GitHub. Despite Turkey's 18-hour long block on GitHub, the content uploaded by RedHack remained virtually undisturbed. Additionally, throughout the block, RedHat continued sharing the torrent file.
Five undisclosed zero day vulnerabilities were patched by Microsoft
Microsoft successfully patched five previously undisclosed zero day vulnerabilities, four of which were found being actively exploited in the wild by malicious entities. The zero days were found affecting Internet Explorer, Edge, Windows and Office products. Microsoft's latest security update also marked the first time that the tech giant issued out security updates for older Windows versions, including Windows 7 and 8, and Windows Server 2008 and 2012, as a comprehensive security and feature update.
Botnet that facilitated the largest DDoS attack ever now freely available
The Mirai botnet, which was responsible to facilitating the largest recorded DDoS attack and which took down security investigator Brian Krebs' website for weeks is now available freely for anyone to exploit. The source code to the Mirai botnet was released by a hacker going by the pseudonym 'Anna-senpai'. The hacker even posted a tutorial no how to set up the botnet on the popular online hacker community HackForums.net.