In the past month, the Internet Archive has faced significant cybersecurity challenges, including a major attack on October 9, 2024, that involved a DDoS assault, a data breach affecting 31 million user accounts, and website defacement. This prompted a temporary shutdown of the site for security enhancements. However, on October 20, hackers exploited unrotated API tokens to access its support platform, risking sensitive user data. These incidents have raised concerns about the Archive’s ability to safeguard user information and highlighted the increasing cybersecurity threats to digital libraries worldwide.

Projects

• Linux Foundation – Introduction to Kubernetes (LF158) – In Progress
• TryHackMe – Steel Mountain – Complete
• TryHackMe – Splunk: Exploring SPL – In Progress

Videos

Articles

• Pokémon Developer Game Freak Reportedly Hacked, Stolen Data on Unannounced Games as Well as Nintendo Switch 2 Codename Leaked Online – The company said its server was illegally accessed, with 2,606 cases of current, former, and contract employee names and email addresses accessed.
• Hackers took over robovacs to chase pets and yell slurs – Ecovacs blamed a “credential stuffing event” for Deebot X2 Omni robot vacuums that were commandeered to spew hateful words.
• FBI created a cryptocurrency so it could watch it being abused – It worked – alleged pump and dump schemers arrested in UK, US and Portugal this week
• EU Adopts Cyber Resilience Act for Connected Devices – The European Union Council has officially adopted the Cyber Resilience Act (CRA) which will introduce EU-wide cybersecurity requirements for products with digital elements.
• OpenAI confirms threat actors use ChatGPT to write malware – OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks.
• Five Tips For Preventing Insider Threats In Your Business – Insider threats represent one of the most significant security challenges for businesses today.
• Casio confirms customer data compromised in ransomware attack – Casio first confirmed on October 7 it had been hit by a cyberattack, but at the time did not reveal the nature of the incident that caused unspecified “system disruption” across the company. In an updated statement on Friday, the Tokyo-based electronics giant confirmed that it had been the victim of ransomware.
• Medical data of almost 400,000 Americans stolen – A supply-chain attack struck Gryphon Healthcare and an unnamed partner
• Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World – A federal grand jury indictment unsealed today charges two Sudanese nationals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world.
• Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign – Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems.
• Hackers steal information from 31 million Internet Archive users – A hack this month on the world’s largest archive of the internet — whose mission is to provide “universal access to all knowledge” — has compromised millions of users’ information and forced a temporary shutdown of its services.