The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I\u2019m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any questions? Just ask.<\/p>\n
Recently, researchers found a WordPress plugin containing a backdoor<\/a> that could allow criminals to easily access any device on which the plugin is installed (at least 300,000 machines, in this case). Even more worrisome: the backdoor wasn\u2019t discovered until the plugin\u2019s author was cited in a copyright claim over the use of the \u201cWordPress\u201d brand. The WordPress security team quickly updated the plugin and began force-installing it on all compromised sites.<\/p>\n In a recent data dump on the Dark Web, researchers have discovered a trove of credentials for at least 1.4 billion users<\/a>, all of which was stored in plain text and was easily searchable. While some of the data had already been released in a previous data dump, it appears most of the credentials were new and verified as authentic. Unsurprisingly, the dump has also revealed that the majority of users still have incredibly weak passwords. The most common is still \u201c123456\u201d.<\/p>\n Earlier this year, researchers discovered yet another AWS S3 database left misconfigured and freely available<\/a> to anyone with AWS credentials. The database belongs to Alteryx, a marketing analytics company, and revealed financial information for at least 123 million<\/em> Americans. Although, fortunately, the database didn\u2019t contain full names or social security numbers, the 248 available data fields could easily be used to identify specific individuals.<\/p>\nBillions of Credentials Found on Dark Web<\/h3>\n
Data on Millions of Americans Left Unattended Online<\/h3>\n
Thousands of Lexmark Printers Left Unsecured<\/h3>\n