Standing Intelligence Requirements

For the most up to date list of ZeroFox Threat Research’s Intelligence Requirements, please visit:

https://cloud.zerofox.com/intelligence/advisories/14956

Details

Toondoo, a U.S.-based web-based tool that enables users to create a comic strip, in which 4,229,240 email addresses were leaked, which were subsequently shared on a deep web platform. The threat actor did not disclose the ultimate source of the data breach or how it was exploited.

Recommendations

• If not already enabled, turn on the compromised credentials rule for all relevant entities and ensure relevant emails are entered for those entities, or reach out to [email protected] for assistance
• If one of your entities receives an alert, ZeroFox recommends immediate password changes for the affected account
• Enable multi-factor authentication for all of your organizational accounts to help mitigate phishing and credential stuffing attacks