Hackers Stole Source Code From Dropbox
Read also: Vodafone Italy discloses a data breach, crypto exchange Deribit suffers a $28 million hack, and more.
Thursday, November 3, 2022
Over a hundred of Dropbox source code repos compromised in a phishing attack
Cloud storage service and file synchronization service Dropbox has suffered a data breach after threat actors gained access to 130 of its source code repositories hosted on GitHub. The company said it fell victim to a phishing attack similar to the September GitHub security incident, in which an unauthorized party accessed GitHub accounts by impersonating the code integration and delivery platform CircleCI.
In the Dropbox case, the attackers sent phishing emails to multiple Dropbox employees with a link to a bogus CircleCI login page, which asked victims to provide their GitHub credentials and then use their hardware authentication key to pass a One Time Password (OTP) to the malicious site. The hackers were able to get access to one of accounts and copy 130 of the company’s code repositories, which included copies of third-party libraries modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team. Dropbox did not share the number of impacted employees, but said it found no evidence that the intruder gained access to its core infrastructure or its customer data was compromised.
Europe’s biggest copper producer targeted in a cyberattack
Aurubis, Europe’s biggest copper producer and the world’s larger recycler of the metal, was forced to shut down various systems at its sites and disconnect them from the internet due to a cyberattack that took place on October 28, 2022.
The producer said in a short statement that the attack is believed to be part of a wider operation aimed at the metals and mining industry. The exact impact of the attack is unclear at this point, but the company said that production and environmental protection facilities at smelter sites were not affected.
Vodafone Italy customer details exposed in a data breach
Vodafone Italia is sending data breach notification letters to its customers to warn them that one of its business partners and a local reseller of the telecommunications services FourB S.p.A suffered a cyberattack in the first week of September, which resulted in the compromise of sensitive subscriber information. The exposed data includes subscription details, identity documents, and contact details. Account credentials and network traffic data are said to have not been impacted.
The confirmation of the breach comes after media reports that a hacker group known as “KelvinSecurity” claimed responsibility for the cyberattack on Vodafone and put up for sale on dark web forums 310GB of data allegedly stolen from the telecommunications company.
Crypto exchange Deribit suffers a $28 million hack
Hackers have drained $28 million worth of cryptocurrencies from a hot wallet belonging to cryptocurrency options and futures exchange Deribit, forcing the company to pause withdrawals as it investigates the incident.
Deribit said client assets have not been impacted because 99% of user funds are being kept in cold storage, and only 1% in hot wallets. According to the crypto exchange, the entirety of the loss will be covered by company reserves. Deribit has not shared details on how the hack was perpetrated and whether they've come in contact with the attackers.
Cybersecurity agencies issue guides on how to secure supply chains, respond to DDoS attacks
US cybersecurity and intelligence agencies released several separate guides with a new set of cybersecurity practices that organizations can use to secure their supply chains, and prevent or reduce the impact of distributed denial of service (DDOS) attacks.
In addition, CISA issued a guidance on phishing-resistant and numbers matching multifactor authentication, and urged organizations to implement phishing-resistant MFA to strengthen defense against phishing and other cyber threats.
What’s next:
- Follow ImmuniWeb on Twitter and LinkedIn
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law. 
