The IT Nerd

The Safety Detectives Cybersecurity Team stumbled upon a forum post on the clear web where a threat actor posted a link to a database allegedly belonging to the French electronics retail store Boulanger Electroménager & Multimédia, which suffered a cyber incident in 2024. The data stolen is now being offered for free. 

The dataset is available in parsed and unparsed formats and contains 5 and 27+ million records from Boulanger’s customers. The data includes names, surnames, full physical addresses, email addresses, and phone numbers. 

This data is sensitive because it could be used by malicious actors to prepare and execute various types of attacks on the affected customers. 

The full report can be accessed here: https://www.safetydetectives.com/news/boulanger-leak-report/

The research team at SafetyDetectives just wrapped up a really interesting study, where they compare the censorship and content moderation policies of major platforms and investigate whether they are actually effective or just security theater.

Key findings at a glance:

• Censorship patterns for videos on major social media show that, profanity is the most censored type of content at 55.6%, followed by violence and conflict and sexual Abuse at 7%. On the other hand, the less censored are Self-Harm and People’s Faces tied at 2.3%.
• News outlets and credible informational accounts are sometimes subject to different moderation standards. On the other hand, comedic and entertainment posts still experienced strict regulations on profanity, even on news outlets.
• Content depicting graphic violence is the most widely prohibited in platforms’ policies, with only Meta allowing it with conditions. While YouTube is the only one to impose a blanket prohibition on gory or distressing materials.
• Content censorship appears to be more performative than functional and double standards are also apparentin other platforms whose owners haveclear political ties.

Considering their findings, they believe that individuals and organizations must practice careful scrutiny when consuming media or information on these platforms, given the seemingly one-sided implementation of policies on different social media sites.

You can access their report here: https://www.safetydetectives.com/blog/community-guidelines-comparison-research/

Recently, the Safety Detectives Cybersecurity Team stumbled upon a forum post on the clear web where a threat actor posted a link to a CSV file containing over 200 entries with information allegedly belonging to over 1 Million X/Twitter users. 

You can see their full report here: https://www.safetydetectives.com/news/x200m-leak-report/

Recently, the Safety Detectives Cybersecurity Team stumbled upon a forum post on the clear web where a threat actor posted a link to a database allegedly belonging to 5 Miles Lab, a digital advertising company that contained 8.3 million lines of their corporate inbox information. Which of course is bad.

You can see the full report here: https://www.safetydetectives.com/news/5mileslab-leak-report/

 Here’s some fascinating research done by Safety Detectives on the evolution of the most commonly used passwords, their typical length and complexity, and the behaviors that influence how people create them.

Key findings at a glance:

• NordPass’ sixth annual report on the most common passwords for 2024 reveals that “123456” was the most frequently used password worldwide in 2024, used 3,018,050 times in the dataset. 
• Of the 200 most common passwords identified, an astonishing 161, or 80.5%, can be cracked in just 1 second. The most “difficult” password to crack from the list is g_czechout, taking approximately 12 days.
• The most common password in the United States in 2024 was “secret,” used a total of 328,831 times. As for the other countries, “123456′ dominates in the vast majority, only topped by “qwerty123” in Canada, Finland, Lithuania, the Netherlands, and Norway.
• Many employees use the same weak passwords for work accounts as they do for personal accounts. Approximately 40% of the most common corporate passwords mirrored those used by individuals, with “123456” again topping the list.

While password habits have evolved over time, many people still rely on simple and predictable choices that leave them vulnerable to cyber threats. As we move forward, stronger, longer, and more unique passwords will be necessary to protect our digital lives. By learning from past trends and adopting better security practices, we can create a safer online environment for ourselves and those around us.

You can access the report here: https://www.safetydetectives.com/blog/worst-passwords-research

Research done by the team at SafetyDetectives has been posted that  measured how the news of the TikTok ban in the US affected major accounts and analyze how different strategies led to growth or decline across platforms.Despite it being a short ban, they found that the news produced surprising effects. Some of their key findings were:

• Of the 30 accounts included in their research, half gained followers after January 19, while the rest experienced neither loss nor gain. Of the other 14 accounts that gained followers after the temporary suspension, half are news outlets while high-profile celebrities and brands showed little to no gain.
• Surprisingly, more accounts suffered engagement losses on Instagram than on TikTok. Accounts lost a combined total of 8.1 million in average likes (versus TikTok’s 7.7 million) and 104,000 in average comments (versus TikTok’s 159,000).
• Only 8 of the accounts included in their study experienced growth on Facebook during this period, and Amazon was the only one to lose followers, while the rest maintained stability.
• As on TikTok, none of the accounts included in their study lost followers on YouTube. Not surprisingly, the top 5 accounts include a professional YouTuber, a streamer, and 3 musicians.

The temporary suspension of TikTok highlighted how different platforms, while typically offering the same basic capabilities, won’t necessarily cater to the same categories of content. For creators, brands, and social media managers, this reinforces the importance of understanding your target audience and meeting them where they are.

You can access their report here: https://www.safetydetectives.com/blog/tik-tok-ban-research/

Recently, the Safety Detectives Cybersecurity Team stumbled upon a forum post on the clear web where a threat actor posted a link to a database allegedly belonging to American National Insurance Company’s 2023 data breach that contained 279,332 lines of sensitive data of customers and some employees’ data. 

You can see their full report here: https://www.safetydetectives.com/news/anico-leak-report/

Here’s some new research done Safety Detective’s team that examines three areas of digitalization: connectivity, digital health, and e-government, highlighting critical areas of digital interconnectivity: mobile infrastructure, health-related services, and the extent of government influence on citizens’ lives.

Key findings at a glance:

• According to DataReportal and GSMA Intelligence, worldwide, 5.35 billion people (66% of the global population) use the internet, while 5.61 billion (69.4%) individuals are mobile subscribers, highlighting a growing shift toward mobile-first connectivity.
• Furthermore, social media users grew from 4.2 billion in 2021 to 5.04 billion in 2024, indicating worldwide adoption has increased by 20% in just 3 years.
• Countries, like Saudi Arabia, Portugal, UAE and Brazil excel across multiple GDHM categories, including Leadership and Governance, Strategy and Investment, Infrastructure and Services and Applications, showcasing comprehensive digital health strategies.
• European and North American nations dominate the EGDI rankings, showcasing their robust digital infrastructure and governance. South Korea in particular, is the only country that has achieved 100% OSI score, providing government services.

Digital advancements offer significant potential to improve quality of life. However, they also bring potential challenges, such as data misuse, surveillance, and privacy concerns. Addressing these issues through thoughtful policies as well as promoting equitable access will likely help shape the future impact of these technologies.

You can access their report here: https://www.safetydetectives.com/blog/digitalized-countries-research/

The SafetyDetectives team has been exploring the evolution, tactics, and impact of Christmas scams to offer our readers actionable advice to avoid falling victim to fraud this holiday season. 

Key findings at a glance: 

• Different types of scams are present year-round, but the incidents typically increase during the holidays when people may be more susceptible to social engineering. 
• In 2023, the AARP reported that 80% of adult consumers in the US have experienced holiday-themed fraudulent activity. 
• It was found that 1 in 5 adults would provide their personal information or click questionable links for a chance to redeem a desired item at a bargain during the holidays.

Scammers’ practices have noticeably grown in complexity and sophistication over the years, for that reason people should remain vigilant during the season becomes more imperative given the potentially enormous financial and psychosocial fallout of those.

You can access their detailed report here: https://www.safetydetectives.com/blog/christmas-scams-research/

Recently the Safety Detectives Research Team found weaknesses in Microsoft Defender while investigating a malware-laced NFT game. The application compromised the user’s systems, bypassed their Google two-factor authentication, and stole over $24,000 in cryptocurrency.

The report with the highlights and a video analysis of this newly discovered vulnerability can be found here: https://www.safetydetectives.com/news/msdefender-malware-vulnerability/