

#deepweb | Weibo Confirms 538 Million User Records Leaked, Listed For Sale on Dark Web

Source: National Cyber Security – Produced By Gregory Evans

Rumors have spread after Wei Xingguo (Yun Shu), CTO of Chinese Internet security company Moresec and former chief of Alibaba’s Security Research Lab, posted on Weibo that millions of Weibo users’ data had been leaked on March 19. Wei claimed that his own phone number was leaked through Weibo and that he had received WeChat friend requests based on “phone number search.”

In the comment section, netizens claimed that they found 538 million user records including user IDs, number of Weibo posts, number of followers, gender and geographic location available for purchase on the dark web. Among all the user records, 172 million had basic account information, all of which was available for sale for 0.177 Bitcoin.

Luo Shiyao, Weibo’s Security Director, responded on Weibo that the Internet security community was merely “overreacting.” “Phone numbers were leaked due to brute-force matching in 2019 and other personal information was crawled on the Internet,” Luo wrote, adding that “When we found the security vulnerability we took measures to fix it.” Luo stated that this is likely another “dictionary attack” instead of a direct drag from Weibo’s database.

Both Wei’s thread and Luo’s Weibo post have been deleted.

Flow chart of the information purchase process (Source: Phala Network)

Weibo responded to media, admitting that the data leak is real but saying that no users’ passwords or ID numbers were under threat. Weibo also claimed that its security policy has since been strengthened and is under continuous optimization. The company also stated that the leak traced back to an attack on Weibo in late 2018, when hackers brute-forced data through the Weibo interface, that is, used the address book matching interface to find user nicknames through the enumeration segment. Weibo concluded that no other information besides users’ IDs was leaked and its normal services would not be affected.

However, according to Phala Network’s research, users’ ID numbers, emails, real names, phone numbers and related QQ numbers can all be obtained through the Weibo information leak on the dark net. One search costs approximately 10 RMB. According to TMT Post, a source had purchased their own personal information including name, email, home address, mobile phone number, Weibo account number and password on the dark web and confirmed it to be accurate. Another source revealed to TMT Post that even some users’ license plate numbers and previous passwords could be found. Chat app Telegram is a major platform where transactions for the leaked data are conducted.


#comptia | Ring’s leaked Video Doorbell 3 has a few small upgrades


A sneak peek of the product page for the upcoming Ring Video Doorbell 3 shows some upgrades over the Video Doorbell 2. Dave Zatz at Zatz Not Funny discovered the product page (it’s since been removed, apparently), which included a “pre-roll” feature for the doorbell’s Plus model that captures four seconds of black-and-white video before a motion alert goes off.

The product page described it as a “first-to-market feature for battery-powered doorbells and unique exclusively to Ring,” although Zatz points out that other video doorbells have this so-called “foresight” feature, just not battery-powered models.

A screenshot of the Ring Video Doorbell 3 product page.
Zatz Not Funny via Ring

The basic design of the Video Doorbell 3 doesn’t appear much different from its predecessor, but Zatz reports the new model’s faceplate will be easier to remove; it will have a “near” motion sensor to reduce false motion alerts; and it will have 2.4GHz and 5GHz Wi-Fi (only 2.4GHz is available on the Video Doorbell 2).

It’s not clear when the Video Doorbell 3 will be available, and Zatz notes the product page didn’t mention support for Ring’s Sidewalk networking standard or Apple HomeKit support (that’s not to say they won’t be included, just that neither was mentioned).

Zatz calls the Ring Video Doorbell 3 a “decent, minor upgrade from Ring 2, with a clever upsell for those seeking a bit more security,” adding they’re likely to be priced between $199 and $229.

Amazon-owned Ring has come under fire for privacy and security concerns in recent months. In January, the company added a new privacy dashboard for its app, to allow users to manage their connected devices better, including control over whether local police departments can request video footage from an owner’s Ring camera.


#deepweb | 3,000 government emails leaked, Ministry of Information’s data also became public

Cybersecurity researchers claim 3,2020 government emails have been leaked. The report claimed that the email IDs of 11 departments, including the Bhabha Atomic Research Center and the Ministry of Information, exist on the dark web. Sai Krishna Kothapalli, an IIT-Guwahati alumnus and founder of the cybersecurity […]

#cybersecurity | #hackerspace | Billions of Medical Images Leaked in Huge Privacy Puzzle


Security researchers say healthcare providers are failing to secure highly sensitive patient medical data. Mind-boggling amounts of health info are just sitting on internet-connected servers, with only a well-known default password—or no password at all.

And it’s despite frequent warnings. The scale of the problem has only grown in recent months.

Imagine that. In today’s SB Blogwatch, we prescribe radical surgery.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Nice pipes (giggity).


What’s the craic, Zack? Mister Whittaker reports—“A billion medical images are exposed online, as doctors ignore warnings”:

 Hundreds of hospitals, medical offices and imaging centers are running insecure storage systems, allowing anyone … to access over 1 billion medical images of patients. … About half of all the exposed images, which include X-rays, ultrasounds and CT scans, belong to patients in the United States.

The problem is well-documented. Greenbone found … more than 720 million medical images in September. … Two months later, [it doubled]. The problem shows little sign of abating.

Medical images … are typically stored in … a PACS server. … But many doctors’ offices disregard security best practices and connect their PACS server directly to the internet without a password. … Some of the largest hospitals and imaging centers in the United States are the biggest culprits.

Many patient scans include … the patient’s name, date of birth and sensitive information about their diagnoses. … Yet, patients are unaware that their data could be exposed on the internet for anyone to find.

HIPAA created the “security rule” … designed to protect electronic personal health information. … The law also holds healthcare providers accountable for any security lapses [which] can lead to severe penalties. … Experts who have warned about exposed servers for years say medical practices have few excuses.

And Renée Fabian adds—“Unsecured Medical Images Are an Underrated Threat”:

 Compromised medical data is life-altering — worse than having your financial information stolen — and in some cases, even life-threatening. … But the general public still has their eyes on financial identity theft as the bigger threat.

However, when your health-related information is used by someone else … it can have a much bigger impact than stolen financial data. … Here’s how:

Errors in your medical record constitute one of the biggest dangers. … A diagnosis you don’t have, medication you’re allergic to, the wrong blood type or treatments you never actually get [can] make it into your permanent health care file. [So] you may end up in a situation where you’re treated with something that’s harmful.

You could also fail a physical job exam because a medical condition you don’t have ends up in your medical record. … It puts you at greater risk of discrimination, especially at work.

Your legitimate [insurance] claims may be denied. The company may flag or cancel your policy because of a suspicious number of claims or another person’s information on your record. [Or] you may be denied health or life insurance in the future.

Medical data includes more personal information than your financial data, which is why it sells for an estimated 10 times as much on the dark web. … Criminals get more bang for their buck out of your health data.

Are you sure we’re not hyping this up a bit? Mark Davis is horrified:

 Images, as actually used, usually do contain demographics. But they also often contain indications and sometimes diagnosis and treatments. Those are the absolute most sensitive of all information.

Indications are the reason for the image and would be something like “suspected pneumonia.” Diagnoses are official labels of sickness/illness/disease, like “AIDS.”

I can’t overstate how bad disclosing such information is, when it comes to protecting privacy.

Specifically, what are the legalities? Here’s Oliver Jones:

 It’s possible to see so-called “protected health information” (PHI) in these images. … HIPAA and ARRA 2009 (follow-on legislation) made it a federal crime to knowingly or negligently disclose PHI.

Natural persons can be tried and convicted, even if they were acting on behalf of corporations. … The Centers for Medicare and Medicaid Services (CMS) has a Breach Notification Rule, requiring holders of data to notify patients and CMS themselves if PHI is breached.

It wouldn’t surprise me if the people involved in securing these sloppily configured … servers are in a state of panic. … I was involved in dealing with an unintentional breach of 44 patient records a few years back, and yeah … it stinks to be them.

So doctors are to blame? prostheticvamp thinks that’s too simplistic:

 I have never, in all my years of working in healthcare, seen a hospital or physicians office directly install and manage PACS. They pay a third-party—usually the vendor—to install, configure, and walk them through it.

Healthcare-related technology was largely pushed on the industry via legislation. … When a technology is forced on you at a loss, from a vendor with little incentive to optimize ease of use or utility, you get a terrible piece of **** that no one wants to invest more time and money into than absolutely needed.

When it comes to healthcare, everything is always the doctor’s fault. It’s convenient to have a single target to blame. … Never mind that most physicians are just employees … in massive organizations, with extremely heavy regulatory oversight.

If an organization that runs three hospitals can’t … secure their PACS system with a decent password, that’s the fault of the physician about as much as it’s the fault of the nurse, the janitor, the cafeteria chef, etc. … We’re just line workers. We try to do our best by patients, but we ain’t in charge of anything.

OK, but what can IT do about it? imidan’s suggestion is clouded by their gender presumption:

 The IT guy needs to talk to the lawyer and the insurance guy. The lawyer will **** his pants at the HIPAA violation, and the insurance guy will **** his pants at the likely cost of judgment for the inevitable prosecution.

The three of them can go to the person in charge and explain the problem in terms of the technical, legal, and financial. When it’s clear that the fallout of prosecution includes fines so big they make the practice uninsurable, jail time for personnel who wantonly violated, and the loss of license for doctors, I would hope they’d listen.

It gets worse. wswope has this head-meets-desk moment:

 Fun experiment: use Google Maps API to search a major US metro area for medical practices. Pick out any websites that don’t use TLS. Crawl them for HTML forms that include common PHI keywords. You’ll find a lot.

Meanwhile, what of our neighbors to the north? Here’s ceoyoyo:

 Here in Canada, hospitals are super paranoid about their PACS. As originally designed, PACS really couldn’t transmit images over the Internet at all, and most hospitals still have it configured that way.

And Finally:

Riccardo Bonci is going straight to Heck


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Stephen Hampshire (cc:by)


#infosec | Reddit: US-UK NHS ‘Sale’ Docs Leaked by Russia


Documents allegedly revealing a secret post-Brexit US-UK trade deal were leaked online as part of a Russian influence campaign, Reddit has claimed.

The social site said it has banned 61 accounts and one subreddit following an investigation into the origin of the documents, which had been seized on by the opposition Labour Party as proof of a deal to ‘sell’ the NHS to US companies.

Those it found guilty of posting and sharing the documents are probably part of a Russian campaign dubbed “Secondary Infektion” that has already been attempting influence operations on Facebook, it claimed.

“In late October, an account u/gregoratior posted the leaked documents and later reposted by an additional account u/ostermaxnn. Additionally, we were able to find a pocket of accounts participating in vote manipulation on the original post. All of these accounts have the same shared pattern as the original Secondary Infektion group detected, causing us to believe that this was indeed tied to the original group,” explained Reddit in a post over the weekend.

“Outside of the post by u/gregoratior, none of these accounts or posts received much attention on the platform, and many of the posts were removed either by moderators or as part of normal content manipulation operations. The accounts posted in different regional subreddits, and in several different languages.”

The Secondary Infektion group is known for attempts to sow discord between NATO allies and for its mature OpSec capabilities, which help to keep its tracks covered.

If true, the incident would seem to echo attempts to influence the 2016 US Presidential election, when Russian hackers stole and leaked sensitive Democratic Party documents, to the detriment of Hillary Clinton’s campaign.

However, these don’t seem to have had the same impact. Reports claim UK officials are currently investigating whether the documents were originally leaked or hacked.



#hacking | Open database leaked 179GB in customer, US government, and military records


An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. 

On Monday, vpnMentor’s cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. 

Autoclerk is a reservations management system used by resorts to manage web bookings, revenue, loyalty programs, guest profiles, and payment processing. 

In a report shared with ZDNet, the researchers said the open Elasticsearch database was discovered through vpnMentor’s web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within. 

The team says that “thousands” of individuals were impacted, although due to ethical reasons it was not possible to examine every record in the leaking database to come up with a specific number. 

Hundreds of thousands of booking reservations for guests were available to view and data including full names, dates of birth, home addresses, phone numbers, dates and travel costs, some check-in times and room numbers, and masked credit card details were also exposed. 


Data breaches are a common occurrence and can end up compromising information belonging to thousands or millions of us in single cases of a successful cyberattack. 

What is more uncommon, however, is that the US government and military figures have also been involved in this security incident. 
It appears that one of the platforms connected to Autoclerk exposed in the breach is a contractor of the US government that deals with travel arrangements. 

vpnMentor was able to view records relating to the travel arrangements of government and military personnel — both past and future — who are connected to the US government, military, and Department of Homeland Security (DHS).

Within the records, for example, were logs for US Army generals visiting Russia and Israel, among other countries.


Autoclerk facilitates communication between different hospitality platforms, and it appears that a substantial portion of the data originated from external platforms. In total, the database — hosted by AWS — contained over 179GB of data.

At the time of writing it has not been possible to track the overall owner of the database due to the “number of external origin points and sheer size of the data exposed,” the team says.  

The United States Computer Emergency Readiness Team (CERT) was informed of the leak on September 13 but did not respond to the researchers’ findings.

vpnMentor then reached out to the US Embassy in Tel Aviv, and seven days later, the team contacted a representative of the Pentagon who promised swift action. Access to the database was revoked on October 2. 


“The greatest risk posed by this leak is to the US government and military,” the team says. “Significant amounts of sensitive employee and military personnel data could now be in the public domain. This gives invaluable insight into the operations and activities of the US government and military personnel. The national security implications for the US government and military are wide-ranging and serious.”

ZDNet has reached out to US-CERT and affected parties and will update when we hear back.


Intel didn’t tell US cyber security officials about the Meltdown and Spectre flaws until after it leaked in news reports

Source: National Cyber Security News

Intel did not inform U.S. cyber security officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet Inc notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday.

Current and former U.S. government officials have raised concerns that the government was not informed of the flaws before they became public because the flaws potentially held national security implications. Intel said it did not think the flaws needed to be shared with U.S. authorities as hackers had not exploited the vulnerabilities.

Intel did not tell the United States Computer Emergency Readiness Team, better known as US-CERT, about Meltdown and Spectre until Jan. 3, after reports on them in online technology site The Register had begun to circulate.

US-CERT, which issues warnings about cyber security problems to the public and private sector, did not respond to a request for comment.

Details of when the chip flaws were disclosed were given in letters sent by Intel, Alphabet and Apple Inc on Thursday in response to questions from Representative Greg Walden, an Oregon Republican who chairs the House Energy and Commerce Committee.


1.4 billion hacked passwords leaked online, now you’re at risk


Staying protected from cybercriminals is something everyone needs to stay on top of now that we’re living in a digital world. New data breaches, malware and phishing scams are popping up constantly.

Having sensitive information fall into the hands of criminals is the last thing that we need. You definitely don’t want your identity stolen or hackers having access to your bank accounts.

Unfortunately, a massive archive of stolen credentials was recently discovered online that could put you at risk.

Have your credentials been exposed?

Security researchers at 4iQ recently discovered a 41GB archive that contains more than 1.4 billion stolen user credentials. The credentials, including passwords, are unencrypted on the Dark Web.

The database includes email addresses, passwords and usernames. This isn’t actually a new data breach; it’s a collection of information that had been stolen in previous data breaches.

Researchers who discovered the file said, “While scanning the deep and dark web for stolen, leaked or lost data, 4iQ discovered a single file with a database of 1.4 billion clear text credentials–the largest aggregate database found in the dark web to date.”

More than 250 previous data breaches contributed to this collection of stolen credentials. The stolen information was well organized, even indexed alphabetically by the criminal who put it together.

Anytime there is a massive data breach, there are steps that you need to take to make sure your information is secure. Keep reading for suggestions.

Change your password

Whenever you hear news of a data breach, it’s a good idea to change your account passwords. This is especially true if you use the same credentials for multiple websites, which is a bad idea.

If your credentials are stolen from a breach, criminals can test them on other sites to log into those accounts as well.

Keep an eye on your bank accounts 

You should already be frequently checking your bank statements, looking for suspicious activity. It’s even more critical when sensitive information has been exposed through a data breach.

If you see anything that seems strange, report it immediately. It’s the best way to keep your financial accounts safe.

Set up two-factor authentication 

Two-factor authentication, also known as two-step verification, means that to log into your account, you need two ways to prove you are who you say you are. This is an extra layer of security that will help keep your accounts safe.

Investigate your email address 

This is a critical step and it will only take a few seconds of your time. You need to find out if your credentials are part of any recent data breach. The best way to find out if you’re impacted is with the Have I Been Pwned website. 

It’s an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest breaches. You can even set up alerts to be notified if your email address is impacted in the future.

Beware of phishing scams 

Scammers will try and piggyback on data breaches like this. They will create phishing emails, hoping to get victims to click on malicious links that could lead to more problems. You need to familiarize yourself with what phishing scams look like so you can avoid falling victim to one.


When our PCs work normally, we sometimes take them for granted. We recklessly fill up our hard drives with data, download files, install applications and browse the web as we please. But of course, all it takes is one installation of a malicious application to ruin your PC and worse, have all your information stolen.


Hackers Leaked ‘Orange Is the New Black’ Despite Receiving $50,000 Ransom


A hacking group known as The Dark Overlord that has been terrorizing Hollywood in recent months reportedly received $50,000 in ransom money before leaking the latest season of the popular Netflix series Orange Is the New Black in May. Variety is reporting that the hacking collective confirmed that it demanded…


Netflix hackers that leaked Orange is the New Black season 5 list ‘hundreds of gigabytes’ more of stolen, unseen TV


An unfinished version of Orange is the New Black season 5 was leaked over the weekend, the episodes having apparently been stolen along with many others from Hollywood-based audio post-production company Larson Studios.

Hacking group The Dark Overlord was behind it, and is now threatening to make other new seasons of shows available for torrent.

TDO told DataBreaches.net it had discovered “hundreds of GBs of unreleased and non-public media”, from networks including FOX, IFC, NAT GEO and ABC.

“It’s nearly time to play another round,” it posted on Twitter shortly before time of writing, along with a list of the shows it claims to have stolen:

A Midsummers Nightmare – TV Movie

Above Suspicion – Film

Bill Nye Saves The World – TV Series

Breakthrough – TV Series

Brockmire – TV Series

Bunkd – TV Series

Celebrity Apprentice (The Apprentice) – TV Series

Food Fact or Fiction – TV Series

Handsome – Film

Hopefuls – TV Series

Hum – Short

It’s Always Sunny in Philadelphia – TV Series

Jason Alexander Project – TV Series

Liza Koshy Special – YoutubeRed

Lucha Underground – TV Series

Lucky Roll – TV Series

Making History – TV Series

Man Seeking Woman – TV Series

Max and Shred – TV Series

Mega Park – TV Series

NCIS Los Angeles – TV Series

New Girl – TV Series

Orange Is The New Black – TV Series

TDO appears to have stolen the shows in the hope of receiving a ransom fee. It apparently demanded 50 Bitcoin from Netflix (£54,700), a sum it said in a very colourful letter was “modest” in comparison to the amount the studio stands to lose from the leak.

