Forever 21 Data Breach Alert!

Sep 01 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that wishes judges would throw the book at cyber criminals like they did the nutters who stormed the U.S Capitol ๐Ÿ˜ฒ #17years #ProudBoys #Jan6

Itโ€™s Friday, folks, which can only mean one thingโ€ฆ Itโ€™s time for our weekly segment!!!

It goes by many names. Patch of the Week, Tweak of the week. Okay, thatโ€™s it.

Congrats, the cybercriminals are no matchโ€ฆ for your patch! Check out these freshly hatched patches!! ๐Ÿฉน๐Ÿฉน๐Ÿฉน

๐Ÿ“ฃ Netgear Releases Patches for High-Sev Vulnerabilities! ๐Ÿš€

Netgear, the network hardware giant, has just unveiled crucial updates to address two high-severity vulnerabilities ๐Ÿ›ก๏ธ affecting their router model and network management software. Here's the scoop:

1๏ธโƒฃ CVE-2023-41183: This vulnerability allows hackers to access Netgearโ€™s Orbi 760 routers without authentication. ๐Ÿ˜ฑ The issue lies in the Simple Object Access Protocol (SOAP) API settings, lacking proper identity confirmation. It scores 8.8 on the CVSS scale, but don't fret โ€“ Netgear has already released a patch! ๐Ÿ™Œ They strongly advise downloading the latest firmware ASAP for your safety.

2๏ธโƒฃ CVE-2023-41182: This vulnerability affects Netgearโ€™s network management system ProSAFE. While it requires authentication, crafty hackers can bypass it to run their own code. It has a CVSS score of 7.2, but, guess what? Netgear patched it in the latest ProSAFE version! ๐ŸŽ‰

The good news? No reports of these vulnerabilities being exploited in the wild. Phew! ๐ŸŒ

Netgear, known for its top-notch networking equipment, wants you to stay secure. So, heed their advice and update your devices pronto! ๐Ÿ”’

Fun fact: As of 2023, Netgear boasts over 800,000 paid subscribers! ๐ŸŒ

Remember, staying updated keeps the cyber baddies at bay. ๐Ÿฆนโ€โ™‚๏ธ๐Ÿ’ป Stay safe, techies! โœจ

Now, on to todayโ€™s hottest cybersecurity stories:

  • ๐Ÿช Forever 21 breach leaks the personal details of 1/2 million plus customers ๐Ÿ‘ค

  • ๐Ÿ›๏ธ National SAFETY Council leaks 1000s of logins, passwords from NASA, Tesla ๐Ÿš€

  • ๐Ÿ’Ž Introducing SapphireStealer malware: a ransomware & espionage extravaganza ๐ŸŽ‰

Hackers: I got Forever 21 records to go, I got 21 seconds to go ๐ŸŽถ๐Ÿ˜‚

๐Ÿšจ Forever 21 Data Breach Alert! ๐Ÿ“ข

On August 29, 2023, Forever 21 reported a significant data breach to the Attorney General of Maine, affecting a staggering 539,000 individuals. ๐Ÿ˜จ This breach exposed sensitive information, including names and Social Security numbers, to unauthorised parties. ๐Ÿ˜ฑ

If you've received a breach notification from Forever 21, it's crucial to grasp the risks and take action. Cybercriminals often target Social Security numbers for identity theft and fraud. Consult a data breach lawyer to explore how to protect yourself and your legal options following this incident. Check out our recent article for more details. ๐Ÿ›ก๏ธ

๐Ÿ” What Caused the Breach?

The breach came to light on August 4, 2023, when Forever 21 identified a cybersecurity concern. An investigation revealed unauthorised access to confidential data from January 5, 2023, to March 21, 2023. ๐Ÿ˜“

Forever 21 has notified affected individuals with data breach letters, outlining the compromised information. If you're unsure about what data was exposed, these letters should provide clarity. ๐Ÿ’Œ

โ„น๏ธ About Forever 21

Founded in 1984, Forever 21 is a prominent fashion retailer headquartered in Los Angeles, California. With 540+ stores in the US and abroad, it generates approximately $6.9 billion in annual revenue and employs over 32,800 people. ๐Ÿ›๏ธ

Stay vigilant and protect your identity! ๐Ÿ”’

I came across ZZZ money club during the crypto market bull run when everyoneโ€™s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.

The group is very active and everyone in this private discord group is very chatty and helpful.

Its run by Yourfriendandy and Decadeinvestor, you can find them here on YouTube, both top guys with great content.

If you are interested in joining the group you can through the link below.

Safety first! ๐Ÿ™ƒ๐Ÿ™ˆ๐Ÿ’€

๐Ÿšจ National Safety Council Data Leak Alert! ๐Ÿ“ข

In an ironic twist of fate, the National Safety Council (NSC) accidentally spilled the beans on nearly 10,000 emails and passwords of their members, unveiling a whopping 2000 companies, including big shots like NASA and Tesla! ๐Ÿ˜ฑ

๐Ÿ”’ What Went Down?

The NSC, a US non-profit dedicated to safety training, left their website vulnerable for five whole months. ๐Ÿ˜ฌ Cybernews investigators uncovered public access to directories, laying bare thousands of credentials.

๐Ÿข Who's Affected?

The fallout reaches far and wide, touching major players across industries:

๐Ÿ’ก Fossil Fuel Giants: Shell, BP, Exxon, Chevron

๐Ÿ“ฑ Electronics Manufacturers: Siemens, Intel, HP, Dell, IBM, AMD

โœˆ๏ธ Aerospace Companies: Boeing, FAA

๐Ÿ’Š Pharmaceutical Companies: Pfizer, Eli Lilly

๐Ÿš— Car Manufacturers: Ford, Toyota, Volkswagen, Tesla

๐Ÿ›๏ธ Government Entities: DOJ, US Navy, FBI, NASA, OSHA

๐ŸŒ Internet Service Providers: Verizon, ATT, Comcast

๐Ÿ“ฆ Others: Amazon, Home Depot, Coca-Cola, UPS

These firms likely used NSC for training or events, but their info was exposed! ๐Ÿ˜ฎ

๐Ÿ›ก๏ธ The Risks?

This breach endangered not just NSC but also the companies they served. Leaked data could fuel "credential stuffing" attacks, infiltrating corporate networks and potentially unleashing ransomware or data theft! ๐Ÿ˜จ

๐Ÿ” How It Happened

The flaw was discovered on March 7th when the Cybernews team spotted an NSC subdomain used for development. It publicly showcased web directories, even a database backup with user emails and hashed passwords! ๐Ÿ˜ฌ The leak existed for five months before discovery.

๐Ÿ”’ Take Action!

With your email potentially out there, stay vigilant! Expect a rise in spam and phishing emails. Verify emails externally, and be cautious with links and attachments. ๐Ÿ“ง

๐Ÿ‘จโ€๐Ÿ’ป Learn from the Mistake

Developers: keep dev environments separate, and never host user data publicly. Basic security, folks! ๐Ÿ›ก๏ธ

Stay safe online, folks! ๐ŸŒ

๐Ÿ—ž๏ธ Extra, Extra! Read all about it! ๐Ÿ—ž๏ธ

Each fortnite, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ’ฐThe Crypto Nutshell: Crypto News & Expert Predictions all in a nutshell ๐Ÿ’ช

  • ๐Ÿ“ˆThe Breakthrough: Receive one idea, one question, and one exercise each week that could spark your next breakthrough.

  • โœˆ๏ธViaTravelers: Get exclusive travel tips, news, and insider deals right in your inbox.

Let us know what you think!

Forget RubyRobber & EmeraldExcavator, heres:

๐Ÿšจ SapphireStealer: The Information Stealer Malware You Need to Know About! ๐Ÿ•ต๏ธโ€โ™‚๏ธ

A new player in the cybercrime arena, SapphireStealer, is making waves. This open-source .NET-based malware is causing quite a stir, and here's what you need to know. ๐Ÿ”

๐ŸŒ The Threat Landscape

SapphireStealer is an information-stealing malware that's all the rage among various entities. It's a game-changer, capable of snatching sensitive info, especially corporate credentials. Cyber baddies can then use this stolen data for espionage, ransomware attacks, or other nefarious deeds. ๐Ÿ˜ˆ

๐Ÿ”„ The Cybercrime Ecosystem

SapphireStealer isn't alone in the world of cybercrime. A whole ecosystem has emerged, allowing both money-driven and nation-state actors to exploit stealer malware services. These tools not only bolster the cybercrime-as-a-service (CaaS) model but also provide opportunities to monetize stolen data through ransomware and other malicious activities. ๐Ÿ’ฐ

๐Ÿ” Stealing the Goods

SapphireStealer works like other sneaky stealer malware, snatching host info, browser data, files, screenshots, and then packaging it into a ZIP file sent via email. Crafty, right? ๐Ÿ˜ฑ

๐Ÿงฉ Source Code Free-for-All

What makes SapphireStealer particularly troubling is that its source code was released for free late last year. This means miscreants can tinker with it, making it tough to detect. They've even added new data exfiltration methods using Discord and Telegram. ๐Ÿ‘พ

๐Ÿ“ˆ Evolving Threat

This malware isn't static; it's evolving. Multiple variants are out there in the wild, getting better with time. ๐Ÿ˜ฎ Thereโ€™s the likes FUD-Loader and Agniane Stealer to contend with too. But those are stories for another day lolโ€ฆ

Thatโ€™s all for this week, folks. Have a good weekend and see you on Monday. Peace out โœŒ๏ธ

So long and thanks for reading all the phish!

footer graphic cyber security newsletter

Recent articles