DATABASE


#deepweb | Joker’s laughing: Fresh database of half a million Indian payment card records on sale in the Dark Web

Source: National Cyber Security – Produced By Gregory Evans

“INDIA-BIG-MIX” (full name: “[CC] INDIA-BIG-MIX (FRESH SNIFFED CVV) INDIA/EU/WORLD MIX, HIGH VALID 80-85%, uploaded 2020-02-05 (NON-REFUNDABLE BASE)”)

If you’re wondering what this seemingly random set of words means, that is how a fresh database of 461,976 payment card records, currently on sale on Joker’s Stash, a popular underground cardshop in the dark web, has been listed.

Group-IB, the Singapore-based cybersecurity company specialising in preventing cyber attacks that detected the database, says that over 98% of the records on sale are cards issued by Indian banks.

At the moment, the source of this new breach is unknown. The card records were uploaded on the 5th of February, and the total estimated value of the database, according to Group-IB, is USD 4.2 million, at around USD 9 apiece. As of yesterday morning, details of 16 cards were found to have been sold. Those who buy these cards do so with the intention of committing payment card fraud.

The company says that they have already alerted India’s Computer Emergency Response Team (CERT-In). The Economic Times will update this story as and when we hear from CERT-In on the steps they have taken.

With the sharp rise in digital payments in India and a lack of corresponding rise in awareness of the best practices to use payment cards safely online and offline, the country has become an attractive destination for nefarious elements online.

This newest breach has, according to Group-IB, “exposed card numbers, expiration dates, CVV/CVC codes and, in this case, some additional information such as cardholders’ full name, as well as their emails, phone numbers and addresses.”

This is the second major database of Indian payment card details that Group-IB has detected since October, when 1.3 million credit and debit card records of mostly Indian banks’ customers, uploaded to Joker’s Stash with an estimated underground market value of USD 130 million, were detected in what became “the biggest card database encapsulated in a single file ever uploaded on underground markets at once.”

According to Dmitry Shestakov, the head of Group-IB cybercrime research unit, “In the current case, we are dealing with so-called fullz — they have info on card number, expiration date, CVV/CVC, cardholder name as well as some extra personal info.”

They also say that, unlike earlier breaches, what “distinguishes the new database from its predecessor is the fact that the cards were likely compromised online, this assumption is supported by the set of data offered for sale.”

Shestakov adds, “such type of data is likely to have been compromised online — with the use of phishing, malware, or JS-sniffers — while in the previous case, we dealt with card dumps (the information contained in the card magnetic stripe), which can be stolen through the compromise of offline POS terminals, for example.”


#cybersecurity | hacker | NYPD fingerprint database touched by ransomware

The New York City Police Department’s fingerprint database was hit with ransomware in October 2018, a local newspaper learned. The attack was brought in by a third-party vendor who was installing video equipment at the NYPD’s police academy when it […]

#hacking | Open database leaked 179GB in customer, US government, and military records


An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. 

On Monday, vpnMentor’s cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. 

Autoclerk is a reservations management system used by resorts to manage web bookings, revenue, loyalty programs, guest profiles, and payment processing. 

In a report shared with ZDNet, the researchers said the open Elasticsearch database was discovered through vpnMentor’s web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within. 

The team says that “thousands” of individuals were impacted, although due to ethical reasons it was not possible to examine every record in the leaking database to come up with a specific number. 

Hundreds of thousands of booking reservations for guests were available to view, and data including full names, dates of birth, home addresses, phone numbers, dates and travel costs, some check-in times and room numbers, and masked credit card details were also exposed.

Data breaches are a common occurrence, and a single successful cyberattack can end up compromising information belonging to thousands or millions of us.

What is more uncommon, however, is that the US government and military figures have also been involved in this security incident. 
It appears that one of the platforms connected to Autoclerk exposed in the breach is a contractor of the US government that deals with travel arrangements. 

vpnMentor was able to view records relating to the travel arrangements of government and military personnel — both past and future — who are connected to the US government, military, and Department of Homeland Security (DHS).

Within the records, for example, were logs for US Army generals visiting Russia and Israel, among other countries.

Autoclerk facilitates communication between different hospitality platforms, and it appears that a substantial portion of the data originated from external platforms. In total, the database — hosted by AWS — contained over 179GB of data.

At the time of writing it has not been possible to track the overall owner of the database due to the “number of external origin points and sheer size of the data exposed,” the team says.  

The United States Computer Emergency Readiness Team (CERT) was informed of the leak on September 13 but did not respond to the researchers’ findings.

vpnMentor then reached out to the US Embassy in Tel Aviv, and seven days later, the team contacted a representative of the Pentagon who promised swift action. Access to the database was revoked on October 2. 

“The greatest risk posed by this leak is to the US government and military,” the team says. “Significant amounts of sensitive employee and military personnel data could now be in the public domain. This gives invaluable insight into the operations and activities of the US government and military personnel. The national security implications for the US government and military are wide-ranging and serious.”

ZDNet has reached out to US-CERT and affected parties and will update when we hear back.


7th International Workshops on Database and Data Mining (ICDDM)

General Cybersecurity Conference

 June 27 – 29, 2018 | Chongqing, China

Cybersecurity Conference Description 

In today’s information society, we witness an explosive growth in the amount of information becoming available in electronic form and stored in large databases. For example, many companies operate huge data warehouses collecting many different types of information about their customers. As a workshop of the ICIVC conference, ICDDM is a venue for presenting novel and fundamental advances in the fields of Database and Data Mining. It also serves to foster communication among researchers and practitioners working in a wide variety of scientific areas with a common interest in improving Database and Data Mining related techniques.


Hackers #steal 19M #California voter #records after #holding #database for #ransom

In late 2015, a security researcher found voter registration records of 191 million US voters on the Internet. Months later, hackers were found selling those records on several dark web marketplaces. Now, the IT security firm Kromtech has revealed that its researchers discovered a MongoDB database (a popular database management system) containing over 19 million California voter records.

Database Was Left Exposed

The database was left exposed for anyone with Internet access to view or edit. In the majority of such cases, researchers contact the affected party and inform them about the exposed data, but in this case, Kromtech researchers were unable to identify the owner.

Remember, MongoDB is used by popular organizations such as LinkedIn, MetLife, City of Chicago, Expedia, BuzzFeed, KPMG and The Guardian.

Cybercriminals Held Voters Database For Ransom

Since early 2017, hackers have been targeting MongoDB-based databases. In this case, according to researchers, hackers discovered the voter records, took control of them and left a ransom note before deleting the entire database.

The ransom note asked the owner of the database to send 0.2 bitcoin, that is around USD 3,123 (thanks to the sudden price hike), to a bitcoin address. However, because the cybercriminals erased the database, researchers were unable to conduct a detailed analysis.

Furthermore, the group stated that “your database is downloaded and backed up on our secure servers.” Simply put: the group now holds the database and wants the owner to pay to get it back.

What Data The Database Had

In total, the 4GB database contained 19,264,123 records. As expected, it included highly personal and sensitive data of registered Californian voters such as:

City: 
Zip: 
StreetType: 
LastName: 
HouseFractionNumber
RegistrationMethodCode 
State: CA 
Phone4Exchng: 
MailingState: CA
Email: 
Phone3Area: 
Phone3NumPart: 
Status: A 
Phone4Area: 
StreetName: 
FirstName:
StreetDirSuffix: 
RegistrantId:
Phone1NumPart: 
UnitType: 
Phone2NumPart: 
VoterStatusReasonCodeDesc: Voter Requested 
Precinct: 
PrecinctNumber: 
PlaceOfBirth: 
Phone1Exchng:
AddressNumberSuffix: 
ExtractDate: 2017-05-31
Language: ENG 
Dob: 
Gender: 
MailingCountry:
AssistanceRequestFlag 
MailingCity: 
MiddleName:
AddressNumber: 
StreetDirPrefix: 
RegistrationDate: 
PartyCode: 
Phone1Area: 
Suffix:
NonStandardAddress: 
Phone4NumPart: 
CountyCode: 
MailingAdd3: 
MailingAdd2: 
MailingAdd1:
UnitNumber: 
Phone2Exchng: 
NamePrefix: 
_id: ObjectId 
MailingZip5: 
Phone2Area:

Moreover, researchers also found a 22GB file that contained a massive 409,449,416 complete California voter registration records. It is believed that the database was created on May 31st, 2017.

ExtractDate: '2017-05-31',
'District': 
'RegistrantId': 
'CountyCode':, 
'DistrictName':
'_id': ObjectId

MongoDB And Ransom

Since 2016, there have been a number of incidents where MongoDB databases have been found exposed on the Internet or held for ransom. In January this year, several unsecured MongoDB databases were hijacked by a hacker, who not only wiped out those databases but also stored copies of them and asked for a ransom of 0.2 bitcoins (roughly US$ 211 at that time).

Researchers also found 13 million MacKeeper credentials and 58 million business firm accounts exposed online due to a misconfigured MongoDB database last year. Last week, the AI.Type keyboard app had 31 million customer records exposed online due to a misconfigured MongoDB database. In that case, it was discovered that the keyboard app had been spying on users and collecting everything a user does on their smartphone.

Voters Database And Dark Web

A dark web marketplace is a perfect place for hackers and cybercriminals to sell what they steal from others. A year ago, entire US voter registration records were being sold on the now-seized Hansa marketplace; therefore, Californians should not be surprised if their data goes on sale on the dark web.


Hackers hold Sydney start-up’s customer database for ransom

Small Sydney tech company Qnect is in damage control after its customer data was reportedly stolen and held for ransom. The attack comes just weeks after ransomware known as WannaCry disabled over 300,000 computers and essential services worldwide. The hackers, calling themselves RavenCrew, threatened to publish the data – including…


DocuSign says hackers accessed customer email database

Electronic signature service DocuSign said on Tuesday hackers had temporarily gained access to a database containing customer emails following a surge in phishing emails sent to its users. The company, which has about 200 million users, said the emails imitated the DocuSign brand to trick recipients into opening a Microsoft Word document containing malicious software. The breach comes amid heightened …


Three Mobile, two alleged hackers, one big customer database heist

UK carrier Three Mobile was the victim of a hacking scheme that has reportedly left the records of millions of customers exposed.
According to multiple UK media reports citing both Three and the National Crime Agency (NCA), hackers gained access


Philippines Voter Database Exposed By Hackers

The breach could be the biggest-yet hack of government-held data, according to Trend Micro

A breach of the Philippines’ Commission on Elections (Comelec) affecting about 55 million people could be the largest hack of government-held data ever, according to security specialists.

Government representatives have downplayed the seriousness of the breach, which took place late last month, but IT security firm Trend Micro said its analysis of the exposed data found that it included sensitive information such as passport numbers and fingerprint records.

“Every registered voter in the Philippines is now susceptible to fraud and other risks,” Trend said in an advisory. “With 55 million registered voters in the Philippines, this leak may turn out as the biggest government related data breach in history.”

Comelec’s website was defaced on 27 March by the Philippines branch of the Anonymous hacker group, which left a message accusing the government of poor security ahead of upcoming elections on 9 May.

Later on the same day a different but linked group, LulzSec Pilipinas, posted an online link to what it claimed was Comelec’s entire database, a 338 GB file containing 75.3 million individual entries. Just over 54 million of those entries would seem to correspond to the Philippines’ 54.36 million registered voters, according to Trend.

The database includes 1.3 million records for overseas Filipino voters, listing their passport numbers and expiry dates, in an easily searchable plain-text format, Trend said.

“Interestingly, we also found a whopping 15.8 million record of fingerprints and a list of people running for office since the 2010 elections,” the company stated.

Vote fraud fears

The Philippines uses an automated voting system, and the hacker groups both said their actions were intended to call the security around that system into question.

Comelec has said the voting system uses a separate system that’s better protected than the hacked site.

“We will be using a different website for the election, especially for results reporting and that one we are protecting very well,” a Comelec spokesman said at the time of the hack.

The breached Comelec database affects more people than a leaked database on more than 49 million Turkish voters exposed last week, but the Turkish database contains more sensitive information – detailed records, including parents’ names and addresses, on every person listed.

Last year a breach of the US government’s Office of Personnel Management (OPM) leaked information including fingerprints and social security numbers on 20 million current and former government employees.
Source: http://www.techweekeurope.co.uk/security/hackers-philippines-voter-database-189776


Teen hackers strike again, allegedly gain access to U.S. arrest records database

A group of teenage hackers going by the name of “Crackas With Attitude” (CWA) are on a rampage, breaking into federal systems to embarrass the U.S. government. After gaining access to the personal AOL email account of CIA Director John Brennan last month, the teenagers reportedly broke into the Comcast email account of FBI Deputy Director Mark Giuliana’s wife, dumped personal details of thousands of government employees and then claimed to have gained access to the national Joint Automated Booking System, JABS, a database of arrest records, the FBI’s Internet Crime Complaint Center and the FBI’s Virtual Command Center. “Cracka,” one of the hackers who also claims to be a stoner, told Motherboard the CWA targeted FBI Deputy Director Mark Giuliana because the FBI is investigating the hacker group and plans to “make an example” out of them. CWA “hacked” into the email account of Giuliana’s wife, found Giuliana’s phone number and then called him. Giuliana allegedly told Cracka, “I don’t know you but you better watch your back.” The hacker tweeted that Comcast and […]
