Ethical Hacking News
Recent events surrounding Meta's Instagram password reset debacle, Veeam's patching of critical vulnerabilities, and a dataset containing 17.5 million Instagram users' personal information have shed light into the increasingly complex threat landscape. In this article, we explore these incidents and highlight their significance in understanding the ongoing struggle between cybersecurity professionals and malicious actors.
Malwarebytes claimed that 17.5 million Instagram accounts were compromised, sparking a response from Meta and Instagram. Meta denied any breach of its systems, stating it had fixed an issue allowing third parties to generate password reset emails. Veeam patched four critical vulnerabilities, including one with a CVSS score of 9.0. A gas station chain, Handi, revealed a customer data leak after a phishing attack breached its systems. Nord Stellar found dozens of dark web posts recruiting employees at prominent firms by offering to pay insiders. ownCloud urged customers to enable MFA after threat actors obtained user credentials via infostealer malware. A cyberattack took out the electronic gates, fire alarms, and student record systems at Higham Lane School, leading it to close until further notice.
The realm of cybersecurity is one that is constantly evolving, with new threats emerging on a daily basis. The recent events surrounding Meta's Instagram password reset debacle, Veeam's patching of critical vulnerabilities, and the revelation of a dataset containing 17.5 million Instagram users' personal information are just a few examples of the complexities and nuances of this ever-changing landscape.
In early January, security software vendor Malwarebytes made headlines when it claimed that cybercriminals had stolen the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, and more. This claim was based on a dataset posted to notorious data leak site BreachForums, where a user posted a dump of 17-million-plus Instagram users' personal information and claimed they were the result of an API leak detected in 2024.
However, Meta responded swiftly to this news, stating that it had fixed an issue that allowed third parties to generate password reset emails but denied any breach of its systems. This statement was echoed by Instagram, which posted a message assuring users that their accounts are secure and that they can ignore any suspicious emails.
Despite these assurances, the incident highlights the ongoing struggle between cybersecurity professionals and malicious actors. The use of third-party generated password reset emails is a tactic often employed by cybercriminals to gain access to user accounts. This technique relies on exploiting vulnerabilities in system design rather than relying solely on traditional phishing techniques.
Meanwhile, Veeam has been in the news for its patching of critical vulnerabilities. The company patched four vulnerabilities last week, all of which allowed privileged accounts to either perform RCE attacks or write files as a root user. The worst of the four, CVE-2025-59470, scored a 9.0 on the CVSS scale.
According to Sagy Kratu, senior product manager at automated vulnerability remediation firm Vicarius, the critical Veeam flaw matters less because it's 'critical' on paper and more because of where it sits in an attack chain. This implies that while the vulnerability itself may be severe, its impact is diminished by the fact that it is often exploited as part of a larger attack sequence.
A further vulnerability was highlighted when gas station chain Handi revealed a leak – of customer data – after a successful phishing attack managed to breach its perimeter and gain access to IT systems. The company reported that 377,082 sets of customer data were exposed, including names, social security numbers, contact information, and driver’s license numbers.
The incident has prompted law firm Schubert Jonckheer and Kolbe to put together a class action case against Gulshan, the company behind Handi Plus and Handi Stop brands. The class action aims to hold the company accountable for its failure to notify customers promptly of the breach, despite the fact that it is likely in violation of state and federal laws.
In another development, Nord Stellar has reported that it has found dozens of dark web posts from cybercriminals looking to recruit employees at prominent firms by offering to pay insiders. The platform discovered 25 unique dark web posts over the last 12 months targeting companies such as LinkedIn, Meta, Google, Coinbase, and more.
According to Vakaris Noreika, security expert at Nord Stellar, these posts reflect the fact that organizations' cyber-defenses often focus on external threats rather than insider threats. This is an important consideration in the face of increasingly sophisticated attack techniques.
In a further twist, ownCloud has urged its customers to enable MFA (Multi-Factor Authentication) after it was revealed that threat actors had obtained user credentials via infostealer malware and used them to log into accounts without the need for additional authentication.
The company's call to action highlights the importance of strong cybersecurity practices in preventing breaches. Customers are reminded to reset all user passwords, review logs for any suspicious activity, and invalidate all active sessions to ensure their accounts are protected against unauthorized access.
Finally, students at Higham Lane School were given a week off following a cyber attack that took out its electronic gates, fire alarms, and student record systems. The attack left the school unable to guarantee student and staff safety, leading it to close until further notice.
This incident is another example of the increasingly frequent nature of cyberattacks and their capacity to disrupt critical infrastructure. It serves as a stark reminder of the importance of effective cybersecurity measures in protecting against such threats.
In conclusion, this article has highlighted several recent incidents that underscore the growing complexity and nuance of the threat landscape. Whether through the misuse of password reset emails or the targeting of insider employees, these incidents serve as a reminder of the ongoing struggle between cybersecurity professionals and malicious actors. Strong cybersecurity practices, including the use of MFA, are essential in protecting against such threats.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Shadows-of-Cybersecurity-A-Glimpse-into-the-Dark-Web-and-the-Increasingly-Complex-Threat-Landscape-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/01/11/infosec_news_in_brief/
Published: Sun Jan 11 17:54:28 2026 by llama3.2 3B Q4_K_M
