NoGoolag
Report: No-Log VPNs Exposed Users’ Logs and Personal Details for All to See

A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. This lack of basic security measures in an essential part of a cybersecurity product is not just shocking. It also shows a total disregard for standard VPN practices that put their users at risk.

The vpnMentor research team, led by Noam Rotem, uncovered the server and found Personally Identifiable Information (PII) data for potentially over 20 million VPN users, according to claims of user numbers made by the VPNs.

Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple instances of internet activity logs on their shared server. This was in addition to the PII data, which included email addresses, clear text passwords, IP addresses, home addresses, phone models, device ID, and other technical details.

The VPNs affected are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN – all of which appear to be connected by a common app developer and white-labeled for other companies.

👀 👉🏼 https://www.vpnmentor.com/blog/report-free-vpns-leak/

#vpn #breach #leak #cybersecurity
📡 @cRyPtHoN_INFOSEC_DE 📡 @cRyPtHoN_INFOSEC_EN 📡 @BlackBox_Archiv 📡 @NoGoolag
Warner Music Group finds hackers compromised its online stores

NOTICE OF DATA BREACH

On August 5, 2020, we learned that an unauthorized third party had compromised a number of US-based e-commerce websites WMG operates but that are hosted and supported by an external service provider. This allowed the unauthorized third party to potentially acquire a copy of the personal information you entered into one or more of the affected website(s) between April 25, 2020 and August 5, 2020.

While we cannot definitively confirm that your personal information was affected, it is possible that it might have been as your transaction(s) occurred during the period of compromise. If it was, this might have exposed you to a risk of fraudulent transactions being carried out using your details.

👀 👉🏼 https://assets.documentcloud.org/documents/7201631/Warner-Music-Group-Breach-Letter-BC.txt

👀 👉🏼 (PDF) https://assets.documentcloud.org/documents/7201631/Warner-Music-Group-Breach-Letter-BC.pdf

👀 👉🏼 https://www.bleepingcomputer.com/news/security/warner-music-group-finds-hackers-compromised-its-online-stores/

#warner #music #breach #hackers
A data fail left banks and councils exposed by a quick Google search

Details of more than 50,000 letters sent by banks and local authorities were left online for anyone to see

Private details relating to more than 50,000 letters sent out by banks and local authorities were indexed by Google after a London-based outsourcing firm left its system hopelessly exposed. Details about everything from insolvency to final reminders of unpaid council tax and mortgage holidays were left available for anyone to view since June.

Thousands of names and addresses – and the types of letters they were sent – were left exposed, affecting people in the UK, US and Canada. Virtual Mail Room, the firm responsible for the data breach, worked for clients including Metro Bank, 14 local councils, the publisher Pearson and insolvency specialist Begbies Traynor. The specific content of the letters sent to individuals was not visible.

The privacy breach raises doubts about the due diligence carried out by companies and local authorities using outsourced mailing services to handle sensitive customer data. It also comes at a particularly painful time, with many of the names and addresses contained in the breach belonging to people who have been hit hard financially by the pandemic. Such missteps could fall foul of GDPR, with data controllers and processors potentially facing fines totalling tens of millions of pounds. A spokesperson for the Information Commissioner’s Office, the UK’s data regulator, confirmed it was aware of the incident and was making enquiries.

The details exposed by the breach are hugely personal. Amongst the tranche of exposed personal data were the names and addresses of 6,500 customers of Aldermore Bank. The back-end system left exposed reveals which customers received pre-delinquency and remediation letters. A spokesperson for the bank says it is investigating the issue. Elsewhere, more than 250 Metro Bank customers were identified with their company name and address. A Metro Bank spokesperson says the company has “temporarily suspended sharing data” with Virtual Mail Room as a precautionary measure while its investigation continues.

👀 👉🏼 https://www.wired.co.uk/article/virtual-mail-room-data-breach

#virtual #mail #room #privacy #breach #uk #canada #usa
Get this - there is a Bitcoin wallet with 69,000 Bitcoins ($693,207,618) that has been passed around between hackers/crackers for the past 2 years for the purpose of cracking the password, with no success so far.

👀 👉🏼 https://twitter.com/UnderTheBreach/status/1303316723186139136

#wallet #bitcoin #breach #hack #whynot
Shopify discloses security incident caused by two rogue employees

Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores.

Online e-commerce giant Shopify is working with the FBI and other law enforcement agencies to investigate a security breach caused by two rogue employees.

The company said two members of its support team accessed and tried to obtain customer transaction details from Shopify shop owners (merchants).

Shopify estimated the number of stores that might be affected by the employees' actions at less than 200. The company boasted more than one million registered merchants in its latest quarterly filings.

The e-commerce giant said the incident is not the result of a vulnerability in its platform but the actions of rogue employees.

"We immediately terminated these individuals' access to our Shopify network and referred the incident to law enforcement," the company said in a prepared statement. "We are currently working with the FBI and other international agencies in their investigation of these criminal acts."

An investigation into the security breach is still in its early phases. Shopify promised to notify impacted merchants and customers as relevant.

👀 👉🏼 https://community.shopify.com/c/Shopify-Discussion/Incident-Update/m-p/888971

👀 👉🏼 https://www.zdnet.com/article/shopify-discloses-security-incident-caused-by-two-rogue-employees

#fbi #breach #shopify #security #incident
Federal Agency Compromised by Malicious Cyber Actor

The Cybersecurity and Infrastructure Security Agency (CISA) responded to a recent threat actor’s cyberattack on a federal agency’s enterprise network. By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.

💡 For a downloadable copy of IOCs, see:
https://us-cert.cisa.gov/sites/default/files/publications/AR20-268A.stix.xml

👀 👉🏼 https://us-cert.cisa.gov/ncas/analysis-reports/ar20-268a

👀 👉🏼 https://www.zdnet.com/article/cisa-says-a-hacker-breached-a-federal-agency

#cisa #hacker #breach #breached #federal #agency
U.S.A. cybersecurity firm FireEye discloses breach, theft of internal hacking tools

FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it has been hacked, possibly by a government, leading to the theft of an arsenal of internal hacking tools typically reserved to privately test the cyber defenses of their own clients.

https://www.reuters.com/article/fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-internal-hacking-tools-idUSL1N2IO2EI

#FireEye #hacked #breach
Another huge data breach, another stony silence from Facebook

The social media giant is still a law unto itself. Can anybody hold it to account?

Half a billion Facebook users’ accounts stolen. Personal information compromised. Telephone numbers and birth dates drifting across the internet being used for God knows what. And for four days, from Facebook’s corporate headquarters, nothing but silence.

If this sounds familiar, it’s because it is. This week saw reports of a massive new Facebook breach and everything about it, from Facebook’s denials of the words “data” and “breach” to its repeated refusal to answer journalists’ questions, has been uncannily reminiscent of the Cambridge Analytica scandal.

Three years on, “Cambridge Analytica” is a byword for mass-data abuse, Facebook has been fined billions of dollars for failing to protect users’ data and... not a thing has changed. If ever there were a moment to understand how profoundly all systems of accountability have failed, and continued to fail, it is this.

Last week Nick Clegg, vice president of global affairs at Facebook, admitted on The Verge website that the Cambridge Analytica scandal had “rocked Facebook right down to its foundations”. And yet it has learned nothing. It has paid no real price (the record $5 billion fine it paid to the Federal Trade Commission (FTC) is literally no price at all to Facebook), suffered no real consequences, and failed to answer any questions over the involvement of its executives.

https://www.theguardian.com/technology/2021/apr/11/another-huge-data-breach-another-stony-silence-from-facebook

#facebook #DeleteFacebook #data #breach #comment #thinkabout
📡 @nogoolag 📡 @blackbox_archiv
India is the sixth most data-breached country in world, says study by cybersecurity firm

India is the sixth most breached country in the world, since the first recorded digital attacks in 2004, according to a study released by Netherlands-based cybersecurity company Surfshark Monday. This means that 18 out of every 100 Indians had their personal contact details breached since 2004, the study noted.
https://theprint.in/india/india-is-the-sixth-most-data-breached-country-in-world-says-study-by-cybersecurity-firm/995215/

#India #data #breach