dropbox | Breaking Cybersecurity News | The Hacker News

Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind . The activity, detected between July and October 2023, has been  attributed  by Proofpoint to a threat actor it tracks under the name  TA402 , which is also known as Molerats, Gaza Cyber Gang, and shares  tactical overlaps  with a pro-Hamas hacking crew known as  APT-C-23  (aka Arid Viper). "When it comes to state-aligned threat actors, North Korea, Russia, China, and Iran generally reap the lion's share of attention," Joshua Miller, senior threat researcher at Proofpoint, said in a statement shared with The Hacker News. "But TA402, a Middle Eastern advanced persistent threat (APT) group that historically has operated in the interests of the Palestinian Territories, has consistently proven to be an intriguing threat actor capable of highly sophisticated cyber espionage with a focus on intelligence collection

A recently discovered cyber espionage group dubbed  Worok  has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to facilitate information theft. "What is noteworthy is data collection from victims' machines using Dropbox repository, as well as attackers using Dropbox API for communication with the final stage," the company  said . The development comes a little over two months after ESET disclosed details of attacks carried out by  Worok  against high-profile companies and local governments located in Asia and Africa. Worok is believed to share tactical overlaps with a Chinese threat actor tracked as  TA428 . The Slovak cybersecurity company also documented Worok's compromise sequence, which makes use of a C++-based loader called CLRLoad to pave the way for an unknown PowerS

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub. "These repositories included our own copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team," the company  revealed  in an advisory. The breach resulted in the access of some API keys used by Dropbox developers as well as "a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors." It, however, stressed that the repositories did not contain source code related to its core apps or infrastructure. Dropbox, which offers cloud storage, data backup, and document signing services, among others, has over 17.37 million paying users and 700 million registered users as of  August 2022 . The di

The Russian state-sponsored hacking collective known as APT29 has been attributed to a new phishing campaign that takes advantage of legitimate cloud services like Google Drive and Dropbox to deliver malicious payloads on compromised systems. "These campaigns are believed to have targeted several Western diplomatic missions between May and June 2022," Palo Alto Networks Unit 42  said  in a Tuesday report. "The lures included in these campaigns suggest targeting of a foreign embassy in Portugal as well as a foreign embassy in Brazil." APT29, also tracked under the monikers Cozy Bear, Cloaked Ursa, or The Dukes, has been characterized as an organized cyberespionage group working to collect intelligence that aligns with Russia's strategic objectives. Some aspects of the advanced persistent threat's activities, including the infamous  SolarWinds supply chain attack  of 2020, are separately tracked by Microsoft under the name Nobelium, with Mandiant calling i

Earlier this week Dropbox team unveiled details of three critical vulnerabilities in Apple macOS operating system, which altogether could allow a remote attacker to execute malicious code on a targeted Mac computer just by convincing a victim into visiting a malicious web page. The reported vulnerabilities were originally discovered by Syndis , a cybersecurity firm hired by Dropbox to conduct simulated penetration testing attacks as Red Team on the company's IT infrastructure, including Apple software used by Dropbox . The vulnerabilities were discovered and disclosed to Apple security team in February this year, which were then patched by Apple just over one month later with the release of its  March security updates . DropBox applauded Apple for its quick response to its bug report. According to DropBox, the vulnerabilities discovered by Syndis didn't just affect its macOS fleet, but also affected all Safari users running the latest version of the web browser and op

Over a month ago, The Hacker News reported about the Dropbox Hack , where hackers had managed to steal more than 68 Million Dropbox accounts in a data breach that was initially disclosed by the online cloud storage platform in 2012. Although the initial announcement failed to reveal the true scale of the data breach, it was in late August when the breach notification service LeakBase obtained files containing details on over 68 million accounts, which contains email addresses and hashed passwords for Dropbox users. Last month, a hacker was selling this Dropbox data dump on a Dark Web marketplace known as TheRealDeal for around $1200 . However, Motherboard recently discovered that a researcher has just uploaded the full dump of hacked Dropbox database online. Download DropBox Data Dump Here: Thomas White, known online as The Cthulhu, uploaded Monday the full Dropbox data dump onto his website in a move, as he claims, to help security researchers examine the data breach.

Hackers have obtained credentials for more than 68 Million accounts for online cloud storage platform Dropbox from a known 2012 data breach. Dropbox has confirmed the breach and already notified its customers of a potential forced password resets, though the initial announcement failed to specify the exact number of affected users. However, in a selection of files obtained through sources in the database trading community and breach notification service Leakbase , Motherboard found around 5GB of files containing details on 68,680,741 accounts, which includes email addresses and hashed (and salted) passwords for Dropbox users. An unnamed Dropbox employee verified the legitimacy of the data. Out of 68 Million, almost 32 Million passwords are secured using the strong hashing function " BCrypt , " making difficult for hackers to obtain users' actual passwords, while the rest of the passwords are hashed with the SHA-1 hashing algorithm . These password hashes als

Internet users have faced a number of major privacy breaches in last two months. Major in the list are The Fappening , The Snappening and now the latest privacy breach in Dropbox security has gained everybody's attention across the world. Dropbox , the popular online locker service, appears to have been hacked by an unnamed hacker group. It is still unclear how the account details of so many users were accessed and, indeed, if they are actually legitimate or not. However, the group claims to have accessed details from nearly 7 million individual accounts and are threatening to release users' photos, videos and other files. HACKERS CLAIMED TO RELEASE 7 MILLION USERS' PERSONAL DATA A thread surfaced on Reddit today that include links to files containing hundreds of usernames and passwords for Dropbox accounts in plain text. Also a series of posts with hundreds of alleged usernames and passwords for Dropbox accounts have been made to Pastebin, an anonymous information-sha

The 31-year-old former US National Security Agency (NSA) contractor Edward Snowden has warned that during surveillance, among other things, NSA system administrators also intercepted and routinely passed the photos of people in "sexually compromising" situations among other NSA employees. In a video interview, NSA whistleblower speaks with the Guardian editor-in-chief Alan Rusbridger and reporter Ewen MacAskill in Moscow, which was then published by the Guardian on Thursday. WOOOH!! ATTRACTIVE NUDIE PICS - PASS IT ON TO BILL TOO " You've got young enlisted guys, 18 to 22 years old. They've suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records, " he said in the video interview. " During the course of their daily work they stumble upon something that is completely unrelated to their work in any sort of necessary sense – for example, an intimate photo of someone o

Italian Researcher Michele Spagnuolo recently revealed a serious vulnerability in the popular Mailbox iPhone app . Mailbox is a tidy iOS the email app recently purchased by Dropbox , has a pretty wide-open hole that could allow bad actors to hijack your device. The flaw occurs in the latest version of Mailbox (1.6.2) currently available from the App Store, that  executes any Javascript which is present in the body of HTML emails. With exploitation of this vulnerability, users could be subject to account hijacking, spam and phishing attacks by simply opening an HTML email containing embedded javascript. You can see a video demonstration below: The good news is that the problem is probably not as bad as it looks, because iOS is tightly sandboxed, its security features are built with this functionality in mind and normally do not allow any potentially harmful operation to take place without the user's permission. Mailbox's statement on this issue, &quo

Q-CERT team found a critical vulnerability that allows the attacker to bypass the two-factor authentication in the most popular file sharing service ' DropBox '. Two Factor Authentication is an extra layer of security that is known as " multi factor authentication " that requires not only a password and username but also a unique code that only user can get via SMS or Call. Zouheir Abdallah demonstrated , if an attacker already knows the username and password of the victim's Dropbox account, which is protected by two-factor authentication, it is still possible to hack that Dropbox account using following explained technique. DropBox does not verify the authenticity of the email addresses used to Sign up a new account, so to exploit this flaw hacker just need to create a new fake account similar to the target's account and append a dot (.) anywhere in the email address. In Next step, enable 2-factor authentication for the fake account, and save the emerg

A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you're using. Whether you're using a PC, laptop, tablet, smartphone, television, or video game console, everything now connected to Cloud Storage and always in sync. But there is a limitation, that smartphones can essentially remember deleted information, which poses a huge risk to organizations that issue smartphones to employees and to organizations that don't explicitly disable the use of personal devices for work-related computing. Researchers at the University of Glasgow found that cloud storage apps that say they send files to the cloud also leave retrievable versions of files on the devices. They  tested some cloud-based file storage systems tested included Box, Dropbox and SugarSync on HTC Desire, running Android 2.1, and an iPhone 3S running iOS 3. They found tha