Report: Indian e-Payments App Exposes Millions of Users in Massive Data Breach

Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a massive amount of incredibly sensitive financial data connected to India’s mobile payment app BHIM that was exposed to the public.

The website was being used in a campaign to sign large numbers of users and business merchants to the app from communities across India. All related data from this campaign was being stored on a misconfigured Amazon Web Services S3 bucket and was publicly accessible.

The scale of the exposed data is extraordinary, affecting millions of people all over India and exposing them to potentially devastating fraud, theft, and attack from hackers and cybercriminals.

👀 Data Breach Summary 👀

Company/Website: http://cscbhim.in/
Located: India
Industry: Mobile banking; e-payments; personal finance
Size of data in gigabytes: 409 GB
Suspected no. of records: ~7.26 million
No. of people exposed: Millions
Geographical scope: Nationwide across India
Types of data exposed: PII data
Potential impact: Identity theft, fraud, theft, viral attacks
Data storage format: AWS S3 bucket

👉🏼 Read more:
https://www.vpnmentor.com/blog/report-csc-bhim-leak/

#BHIM #india #data #brach #leak #epayment #app
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Millions of Telegram Users’ Data Exposed on Darknet

Telegram’s built-in contact import feature was exploited to leak the personal data of millions of users onto the darknet.

Telegram, a major privacy-focused messaging app, has suffered a data leak that exposed some personal data of its users on the darknet.

A database containing the personal data of millions of Telegram users has been posted on a darknet forum. The issue was first reported by Russian-language tech publication Kod.ru on Tuesday.

According to the report, the database contains phone numbers and unique Telegram user IDs. It remains unclear exactly how many users' data was leaked while the database file is about 900 megabytes.

About 40% of entries in the database should be relevant
Telegram has reportedly acknowledged the existence of the leaked database to Kod.ru. The database was collected through exploiting Telegram’s built-in contacts import feature at registration, Telegram reportedly said.

Telegram noted that the data in the leaked database is mostly outdated. According to the report, 84% of data entries in the database were collected before mid-2019. As such, at least 60% of the database is outdated, Telegram declared in the report.

Additionally, 70% of leaked accounts came from Iran, while the remaining 30% were based in Russia.

https://kod.ru/darknet-sliv-baza-telegram-jun2020/

👉🏼 Read more:
https://cointelegraph.com/news/millions-of-telegram-userss-data-exposed-on-darknet

#tg #telegram #leak #breach #database #exposed #darknet
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Hacker breaches security firm in act of revenge

Hacker claims to have stolen more than 8,200 databases from a security firm's data leak monitoring service.

A hacker claims to have breached the backend servers belonging to a US cyber-security firm and stolen information from the company's "data leak detection" service.

The hacker says the stolen data includes more than 8,200 databases containing the information of billions of users that leaked from other companies during past security breaches.

The databases have been collected inside DataViper, a data leak monitoring service managed by Vinny Troia, the security researcher behind Night Lion Security, a US-based cyber-security firm.

👀 👉🏼 https://www.zdnet.com/article/hacker-breaches-security-firm-in-act-of-revenge/

👀 👉🏼 https://gist.github.com/campuscodi/226b0758e08592df2e5d898979d1da17

#DataViper #leak #breach #hacked
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

AssangeLeaks

DDoSecrets Announcement About This Folder

With the Justice Department's superseding indictment against Assange, public access to the evidence becomes critical. The documents in this file illuminate that case and illustrate how WikiLeaks operates behind closed doors. AssangeLeaks is not for or against Julian Assange or WikiLeaks, and is only interested in the evidence.

👀 👉🏼 https://assangeleaks.org/

#DDoSecrets #leak #Assange #FreeAssange
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Report: No-Log VPNs Exposed Users’ Logs and Personal Details for All to See

A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. This lack of basic security measures in an essential part of a cybersecurity product is not just shocking. It also shows a total disregard for standard VPN practices that put their users at risk.

The vpnMentor research team, led by Noam Rotem, uncovered the server and found Personally Identifiable Information (PII) data for potentially over 20 million VPN users, according to claims of user numbers made by the VPNs.

Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple instances of internet activity logs on their shared server. This was in addition to the PII data, which included email addresses, clear text passwords, IP addresses, home addresses, phone models, device ID, and other technical details.

The VPNs affected are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN – all of which appear to be connected by a common app developer and white-labeled for other companies.

👀 👉🏼 https://www.vpnmentor.com/blog/report-free-vpns-leak/

#vpn #breach #leak #cybersecurity
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

OnePlus accidentally leaks emails of hundreds of customers in an research email.

👀 👉🏼 https://twitter.com/itsRith/status/1286399727572000769

#oneplus #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Malaysian Navy Documents Uploaded on the Dark Web by Hackers

Documents belonging to the Royal Malaysian Navy have been breached and posted on the dark web although the Malaysian military has dismissed the data as obsolete

When we speak about the numerous cyberattacks that have been orchestrated in brazen campaigns of late, one thing stands out – threat actors breach an organization’s system to access critical files through a loophole, which then exposes the entire system to the attackers.

Although recent times have seen the hacking of victims such as Garmin who ended up parting with millions of dollars for ransom, it appears that threat actors have not restricted their sights to private sector entities – the Royal Malaysian Navy is the latest victim.

Media reports have intimated that about 70 documents belonging to Malaysian Navy were accessed by unknown hackers who uploaded them to a darknet platform.

According to Singapore’s English-language daily newspaper The Straits Times, it turns out that the affected documents were sourced from different threat actors who breached the communication channels belonging to the Malaysian military – including personnel email accounts.

While the newspaper reported the uncertainty to whether the hackers intended to sell the uploaded documents, it was revealed that the affected information touched on details concerning the strength of the Malaysian Navy.

👀 👉🏼
https://www.freemalaysiatoday.com/category/nation/2020/08/17/navy-documents-leaked-on-dark-web-claims-report/

👀 👉🏼 (Tor-Browser)
http://tapeucwutvne7l5o.onion/malaysian-navy-documents-uploaded-on-the-dark-web-by-hackers

#malaysia #navy #hackers #leak #darkweb
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The Internet’s Biggest Webmaster Forum Had a Data Breach

Another day and another big data leak. On July 1st the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained records of the internet’s largest webmaster portal. Upon further research it appeared that Digital Point had leaked the data of 863,412 users.

Digital Point claims to be the world’s biggest webmaster forum and marketplace for web related services. The forum lets people buy and sell websites, SEO, and a wide range of services. The site caters to those individuals who maintain or create websites either for themselves or customers.

👀 👉🏼 Data Breach Summary:
https://www.websiteplanet.com/blog/digitalpoint-leak-report/

#digitalpoint #leak #report
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Major German shopping site leaks customer data

A publicly-listed multinational retailer with millions of dollars in annual revenues was discovered to be operating a completely unsecured server, thereby publicly exposing private data belonging to around 700,000 of its customers.

Our Security team, led by Anurag Sen, discovered a vulnerable and unsecured server containing more than 6 terabytes of data operated by German company windeln.de.

Our team detected the breach on 13 June 2020 and estimates that the server vulnerability was exposed on the Internet on 11 June 2020.

The ElasticSearch server and its vulnerability were discovered during a routine check of IP addresses on particular ports. Our team found that the server was completely unsecured and publicly exposed without a password – meaning that anyone in possession of the server’s IP address could access the entire database.

We tried to reach out to Windeln.de, but nobody ever got back to us. We then contacted the German CERT, so they could inform the company about the data leak. A few days later, the server got secured.

👀 👉🏼 https://www.safetydetectives.com/blog/windeln-leak-report/

#windeln #germany #vulnerability #leak #data #dataleak #customers
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Bitwarden leaks passwords to other subdomains

Today I was on a domain that should only be available via BasicAuth. Then I was really scared when I did not have to login. Even in incognito mode the page was visible without login. Is my BasicAuth broken? Turns out: No, but @Bitwarden has automatically logged in for me.

👀 👉🏼 https://nitter.net/RitzmannMarkus/status/1307614248835731456

#bitwarden #leak #password #subdomains
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Airbnb may be exposing private host inbox messages, bookings and earnings data

Airbnb hosts report that they are able to access inboxes that do not belong to them.

Airbnb may be at the heart of a severe security incident as hosts report they are able to inadvertently access private inboxes that are unrelated to their accounts.

On Thursday, Airbnb hosts flooded Reddit, querying the sudden appearance of inboxes that do not belong to them when they signed into the service.

👀 👉🏼 https://www.reddit.com/r/AirBnB/comments/iz26du/airbnb_host_login_shows_me_other_peoples_inboxes/

👀 👉🏼 https://www.zdnet.com/article/airbnb-security-incident-may-be-leaking-host-inbox-messages-bookings-information

👀 👉🏼 🇩🇪 https://www.golem.de/news/datenleck-airbnb-gibt-gastgebern-zugriff-auf-fremde-postfaecher-2009-151125.html

#airbnb #security #incident #leaked #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How to compile Windows Server 2003 - and compile Windows XP, (part 1)

From source code to ISO. Sit back, relax, and witness the miracle of creating a new build of Windows :)
Just to be clear from the start: As of now, there is NO way to completely compile Windows from the Source code, as it lacks some stuff... However, this is pretty close.

👀 👉🏼 https://nitter.net/NTDEV_/

https://invidious.snopyta.org/watch?v=bO0daYbti5g

👀 👉🏼 Compiling Windows XP, part 1
https://invidious.snopyta.org/watch?v=8IyW-bwGQTQ

#windows #compiling #sourcecode #leak #video #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Caution: Norton VPN only protects with IPv6 disabled.

Norton now also provides VPN in its security product suites - a great feature, shamefully implemented.

Security Suites are not opened very often - so after one year of abstinence I was surprised that a VPN button suddenly appeared. You can freely choose the desired IP region, the performance is good, the connection is established super fast, everything just a click away - thanks Norton! And then the disappointment: Yes, the IPv4 address changes - the IPv6 address remains untouched. And with that the protection is just above zero! The real cheek: Not a word about it from Norton, no hint how to prevent IPv6 leaks. Very weak Symantec.

👀 👉🏼 Translated with DeepL:
https://www.tutonaut.de/vorsicht-norton-vpn-schuetzt-nur-mit-ipv6-deaktivierung/

#norton #vpn #ipv6 #leak #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

👇🏼 Dataleak (zip) from 2,000,000 Million Members of 🇨🇳☭ Chinese Communist Party (Shanghai Clique) 👇🏼

A major leak containing a register with the details of nearly two million CCP members has occurred – exposing members who are now working all over the world, while also lifting the lid on how the party operates under Xi Jinping, says Sharri Markson.

Ms Markson said the leak is a register with the details of Communist Party members, including their names, party position, birthday, national ID number and ethnicity.

“It is believed to be the first leak of its kind in the world,” the Sky News host said.

https://telegra.ph/Major-leak-exposes-members-and-lifts-the-lid-on-the-Chinese-Communist-Party--Sky-News-Australia-12-13

#leak #china #xi #communist #party #shanghai #clique #zip
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox

https://nitter.net/antiproprietary/status/1339166805068312578

#China #ccp #leak

70TB of Parler users’ messages, videos, and posts leaked by security researchers

Parler, a social network used to plan the storming of the U.S. Capitol last week, has been hit by a massive data scrape. Security researchers collected swaths of user data before the network went dark Monday morning after Amazon, Google, and Apple booted the platform.

The scrape includes user profile data, user information, and which users had administration rights for specific groups within the social network. Twitter user @donk_enby, who first announced about the scrape, claims that over a million video URLs, some deleted and private, were taken.

“These are original, unprocessed, raw files as uploaded to Parler with all associated metadata,” claims one of the authors.

Security researchers claim that the scrapped posts are linked to accounts that posted them, and some of the video and image data have geolocation information. That is said also to include data from Parler’s “Verified Citizens,” users of the network who verified their identity by uploading photographs of government-issued IDs, such as a driver’s license.

https://cybernews.com/news/70tb-of-parler-users-messages-videos-and-posts-leaked-by-security-researchers/

https://nitter.net/donk_enby/status/1348281459031814146

#parler #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Facebook does not plan to notify half-billion users affected by data leak

(Reuters) - Facebook Inc did not notify the more than 530 million users whose details were obtained through the misuse of a feature before 2019 and recently made public in a database, and does not currently have plans to do so, a company spokesman said on Wednesday.

Business Insider reported last week that phone numbers and other details from user profiles were available in a public database. Facebook said in a blog post on Tuesday that “malicious actors” had obtained the data prior to September 2019 by “scraping” profiles using a vulnerability in the platform’s tool for synching contacts.

The Facebook spokesman said the social media company was not confident it had full visibility on which users would need to be notified. He said it also took into account that users could not fix the issue and that the data was publicly available in deciding not to notify users. Facebook has said it plugged the hole after identifying the problem at the time.

The scraped information did not include financial information, health information or passwords, Facebook said. However, the collated data could provide valuable information for hacks or other abuses.

Facebook, which has long been under scrutiny over how it handles user privacy, in 2019 reached a landmark settlement with the U.S. Federal Trade Commission over its investigation into allegations the company misused user data.

Ireland’s Data Protection Commission, the European Union’s lead regulator for Facebook, said on Tuesday it had contacted the company about the data leak. It said it received “no proactive communication from Facebook” but was now in contact.

The July 2019 FTC settlement requires Facebook to report details about unauthorized access to data on 500 or more users within 30 days of confirming an incident.

The Facebook spokesman declined to comment on the company’s conversations with regulators but said it was in contact to answer their questions.

https://www.reuters.com/article/us-facebook-data-leak/facebook-does-not-plan-to-notify-half-billion-users-affected-by-data-leak-idUSKBN2BU2ZY

#facebook #DeleteFacebook #data #leak #database #thinkabout
📡 @nogoolag 📡 @blackbox_archiv

Nov 13 (12 days before #Omicron was announced): Initial Reports Coming Out of China Indicate There Was a New COVID-19 #Lab #Leak at University in #Shanghai

“Allegedly, laboratory workers tested positive for COVID-19 after conducting experiments involving the insertion of COVID-19 genetic material into the bacterium #E.coli as an expression vector for COVID-19 proteins.”

https://www.thegatewaypundit.com/2021/11/breaking-initial-reports-coming-china-indicate-new-covid-19-lab-leak-university-shanghai/

@ChiefNerd