NoGoolag
Average American had personal data stolen at least 4 times last year, report says

Over the past decade or so you’ve probably noticed the increasing frequency of major data breaches around the world. There have been at least 200 documented data breaches since 2005, and the number of records exposed is only on the rise as more folks move their lives online. With more people transitioning facets of their lives online in the context of the “stay home” orders of the 2020 pandemic, these numbers are sure to climb even higher in years to come.

It’s impossible to know the impact and extent to which data breaches are occurring as many almost certainly go unreported. Here are some of the data breaches we analyzed in our research:

👉🏼 Read more:
https://www.interest.com/personal-finance/the-average-american-had-personal-information-stolen-at-least-4-times-in-2019/

https://en.wikipedia.org/wiki/List_of_data_breaches

https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/

https://theweek.com/articles/730439/have-almost-certainly-been-hacked

#USA #hacked #breach #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
The entire database is being sold for $30,000 on a hacker forum.

Last month a hacker was selling 267 million Facebook user data on a dark web marketplace. Now a hacker, or call them a threat actor, is claiming to have access to a database with 500 million Facebook user data from 82 countries.

What’s worse is that the data is currently being sold on an infamous hacking forum, Hackread.com has learned.

As seen on the forum, the hacker has been offering the treasure trove of data since May 15th, 2020, and it includes personal information such as:

Names
Gender
Location
City name
Surnames
Actual job
Marital status
Mobile number
Email addresses
Facebook profile links

Furthermore, the hacker has divided the price of the data into three parts: $1500 per million, $450 per 100,000, and $30,000 for the entire database of 500 million. The listing also states that the information in the database was stolen between November 2019 and May 2020.

👉🏼 Read more:
https://www.hackread.com/hacker-selling-500-million-facebook-user-data/

https://www.hackread.com/hacker-forum-sell-267-million-facebook-records/

#hacker #hacked #breach #facebook #DeleteFacebook
The A1 Telekom Austria Hack - they came in through the web shells

On the 3rd of February 2020 I received an encrypted email on 3 of my email addresses from a person calling themself "Libertas" with the subject "Information for the public".

"I am writing to you today because you seem to be a IT security related guy from Austria with a brain. I hope this assumption is correct, otherwise please disregard this message.

I am writing concerning your local telecom company A1 Telekom. -Libertas"

At first I thought it was some conspiracy theorist who wants to publish something on my blog (they always do), but it was not one of these cases and I wasn't prepared for what they presented me.

Disclaimer:

After confirming the hack with A1 I was asked to postpone the publishing of this post until A1 has kicked the attackers out. I complied with their request so I wouldn't interfere with the ongoing investigation. Since I did not publish this post for months the whistleblower also contacted a journalist from Heise.de and we agreed to release our articles at the same time.

Since I have no way of checking the validity of individual statements made by the whistleblower, they could all be fabricated. I find them very plausible and many details of the email were confirmed by A1 but keep it in the back of your head that the statements of "Libertas" might be untrue or half-true until confirmed by A1 Telekom. Since I had the opportunity to talk to people from A1 I will add their statements in blue.

👉🏼 Read more:
https://blog.haschek.at/2020/the-a1-telekom-hack.html

👉🏼 Read more 🇩🇪:
https://www.golem.de/news/oesterreich-hackerangriff-bei-a1-telekom-2006-148984.html

#austria #telekom #hack #hacked #Libertas
Anonymous Hackers Target TikTok: ‘Delete This Chinese Spyware Now’

“Delete TikTok now,” the account tweeted today, July 1, “if you know someone that is using it, explain to them that it is essentially malware operated by the Chinese government running a massive spying operation.”

https://twitter.com/YourAnonCentral/status/1278204068175818752?s=20

https://www.forbes.com/sites/zakdoffman/2020/07/01/anonymous-targets-tiktok-delete-this-chinese-spyware-now/

#anonymous #hacked #TikTok #DeleteTikTok
Hacker breaches security firm in act of revenge

Hacker claims to have stolen more than 8,200 databases from a security firm's data leak monitoring service.

A hacker claims to have breached the backend servers belonging to a US cyber-security firm and stolen information from the company's "data leak detection" service.

The hacker says the stolen data includes more than 8,200 databases containing the information of billions of users that leaked from other companies during past security breaches.

The databases have been collected inside DataViper, a data leak monitoring service managed by Vinny Troia, the security researcher behind Night Lion Security, a US-based cyber-security firm.

👀 👉🏼 https://www.zdnet.com/article/hacker-breaches-security-firm-in-act-of-revenge/

👀 👉🏼 https://gist.github.com/campuscodi/226b0758e08592df2e5d898979d1da17

#DataViper #leak #breach #hacked
Massive Bitcoin fraud wave rolls over Twitter

Do not send Bitcoins! They will certainly not be doubled.

Prominent Twitter accounts such as those of Bill Gates, Elon Musk, Jeff Bezos, Joe Biden, Apple and Uber currently promise to double Bitcoins sent to certain wallets. Numerous crypto currency exchanges also tweet similar "invitations". Some refer to an alleged "Crypto for Health" campaign.

This is a large-scale fraud attempt. The most likely scenario at present is a security hole in Twitter, which allows the perpetrators to access numerous, perhaps even all, Twitter accounts. Therefore, it cannot be ruled out that the perpetrators will send less conspicuous tweets to any Twitter account. Now, special caution is required when interpreting tweets.

👉🏼 👀 🇬🇧 https://www.coindesk.com/hackers-take-over-prominent-crypto-twitter-accounts-in-simultaneous-attack

https://twitter.com/TwitterSupport/status/1283518038445223936

👀 👉🏼 🇩🇪 https://www.heise.de/news/Massive-Bitcoin-Betrugswelle-ueberrollt-Twitter-4844911.html

#twitter #fraud #bitcoin #hacked
Hackers Convinced Twitter Employee to Help Them Hijack Accounts

After a wave of account takeovers, screenshots of an internal Twitter user administration tool are being shared in the hacking underground.

A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts.

On Wednesday, a spike of high profile accounts including those of Joe Biden, Elon Musk, Bill Gates, Barack Obama, Uber, and Apple tweeted cryptocurrency scams in an apparent hack.

"We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.

The accounts were taken over using an internal tool at Twitter, according to the sources, as well as screenshots of the tool obtained by Motherboard. One of the screenshots shows the panel and the account of Binance; Binance is one of the accounts that hackers took over today. According to screenshots seen by Motherboard, at least some of the accounts appear to have been compromised by changing the email address associated with them using the tool.

👀 👉🏼 https://www.vice.com/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos

#twitter #fraud #bitcoin #hacked #insider
Exclusive: More than 1,000 people at Twitter had ability to aid hack of accounts

More than a thousand Twitter employees and contractors as of earlier this year had access to internal tools that could change user account settings and hand control to others, two former employees said, making it hard to defend against the hacking that occurred last week.

Twitter Inc and the FBI are investigating the breach that allowed hackers to repeatedly tweet from verified accounts of the likes of Democratic presidential candidate Joe Biden, billionaire philanthropist Bill Gates, Tesla Chief Executive Elon Musk and former New York Mayor Mike Bloomberg.

Twitter said on Saturday that the perpetrators "manipulated a small number of employees and used their credentials" to log into tools and turn over access to 45 accounts. On Wednesday, it said that the hackers could have read direct messages to and from 36 accounts but did not identify the affected users.

The former employees familiar with Twitter security practices said that too many people could have done the same thing, more than 1,000 as of earlier in 2020, including some at contractors like Cognizant.

Twitter declined to comment on that figure and would not say whether the number declined before the hack or since. The company was looking for a new security head, working to better secure its systems and training employees on resisting tricks from outsiders, Twitter said. Cognizant did not respond to a request for comment.

“That sounds like there are too many people with access,” said Edward Amoroso, former chief security officer at AT&T. Responsibilities among the staff should have been split up, with access rights limited to those responsibilities and more than one person required to agree to make the most sensitive account changes. “In order to do cyber security right, you can’t forget the boring stuff.”

Threats from insiders, especially lower-paid outside support staff, are a constant worry for companies serving large numbers of users, cyber security experts said. They said that the greater the number of people who can change key settings, the stronger oversight must be.

👀 👉🏼 https://www.reuters.com/article/us-twitter-cyber-access-exclusive/exclusive-more-than-1000-people-at-twitter-had-ability-to-aid-hack-of-accounts-idUSKCN24O34E

#twitter #fraud #bitcoin #hacked
A vigilante hacker is sabotaging the Emotet botnet by replacing malware payloads with GIFs

Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure.

An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected.

The sabotage, which started three days ago, on July 21, has grown from a simple joke to a serious issue impacting a large portion of the Emotet operation.

According to Cryptolaemus, a group of white-hat security researchers tracking the Emotet botnet, the vigilante is now poisoning around a quarter of all Emotet's payload downloads.

👀 👉🏼 https://www.zdnet.com/article/a-vigilante-is-sabotaging-the-emotet-botnet-by-replacing-malware-payloads-with-gifs/

#emotet #hacked #malware #botnet #Cryptolaemus
REPORT OF THE SELECT COMMITTEE ON INTELLIGENCE

UNITED STATES SENATE ON RUSSIAN ACTIVE MEASURES CAMPAIGNS AND INTERFERENCE IN THE 2016 U.S. ELECTION

VOLUME 5: COUNTERINTELLIGENCE THREATS AND VULNERABILITIES

👀 👉🏼 PDF (966 pages):
https://kryptosjournal.com/uploads/1/3/2/3/132343488/472862136-senate-intel-report-volume5.pdf

👀 👉🏼 https://thehill.com/policy/national-security/512526-manafort-shared-campaign-info-with-russian-intelligence-officer

👀 👉🏼 Report: Trump campaign’s Russia contacts a ‘grave’ threat
https://t.me/BlackBox_Archiv/1107

#usa #russia #hacking #hacker #hacked #ToddlerTrump #elections #counterintelligence #pdf #thinkabout
DHS Admits Facial Recognition Photos Were Hacked, Released on Dark Web

Travelers’ faces, license plates, and care information were hacked from a subcontractor called Perceptics and released on the dark web.

The Department of Homeland Security (DHS) finally acknowledged Wednesday that photos that were part of a facial recognition pilot program were hacked from a Customs and Border Control subcontractor and were leaked on the dark web last year.

Among the data, which was collected by a company called Perceptics, was a trove of travelers’ faces, license plates, and care information. The information made its way to the Dark Web, despite DHS claiming it hadn’t. In a newly released report about the incident, the DHS Office of Inspector General admitted that 184,000 images were stolen and at least 19 of them were posted to the Dark Web.

https://www.vice.com/en_us/article/m7jzbb/dhs-admits-facial-recognition-photos-were-hacked-released-on-dark-web

#US #DHS #face #recognition #photos #hacked
Crypto crime - KuCoin: Hackers steal 150 million US dollars from Bitcoin stock exchange

The Bitcoin exchange KuCoin has become the victim of a hacker attack. According to estimates, 150 to 200 million US dollars disappeared. Most of the money is said to have already been recovered.

The Bitcoin exchange KuCoin has announced that it became the victim of a hacker attack on September 26. Mainly Bitcoin (BTC), Ether (ETH) and ERC 20 tokens were acquired by the attackers on their raid. The exchange did not explicitly comment on the amount of damage and reassured that it was a small part of the exchange's total capital. According to external estimates, however, crypto-values of 150 to 200 million US dollars (USD) were apparently lost in the process.

👀 👉🏼 https://nitter.net/kucoincom/status/1309689557206491137

👀 👉🏼 🇩🇪 https://www.btc-echo.de/kucoin-hacker-stehlen-150-millionen-us-dollar-von-bitcoin-boerse/

#KuCoin #bitcoin #exchange #hacker #hacked #attack
We Hacked Apple for 3 Months: Here’s What We Found

Between the period of July 6th to October 6th myself, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes worked together and hacked on the Apple bug bounty program.

During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources.

There were a total of 55 vulnerabilities discovered with 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity reports. These severities were assessed by us for summarization purposes and are dependent on a mix of CVSS and our understanding of the business related impact.

As of October 6th, 2020, the vast majority of these findings have been fixed and credited. They were typically remediated within 1-2 business days (with some being fixed in as little as 4-6 hours).

👀 👉🏼 https://samcurry.net/hacking-apple/

#apple #hacking #hacked #bugbounty
President Trump’s Twitter accessed by security expert who guessed password “maga2020!”

A Dutch security researcher says he accessed President Trump’s @realDonaldTrump Twitter account last week by guessing his password: “maga2020!”.

Victor Gevers, a security researcher at the GDI Foundation and chair of the Dutch Institute for Vulnerability Disclosure, which finds and reports security vulnerabilities, told TechCrunch he guessed the president’s account password and was successful on the fifth attempt.

The account was not protected by two-factor authentication, granting Gevers access to the president’s account.

After logging in, he emailed US-CERT, a division of Homeland Security’s cyber unit Cybersecurity and Infrastructure Security Agency (CISA), to disclose the security lapse, which TechCrunch has seen. Gevers said the president’s Twitter password was changed shortly after.

👀 👉🏼 https://nitter.net/zackwhittaker

👀 👉🏼 https://techcrunch.com/2020/10/22/dutch-hacker-trump-twitter-account-password/

#trump #hacked #twitter #thinkabout
U.S.A. cybersecurity firm FireEye discloses breach, theft of internal hacking tools

FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it has been hacked, possibly by a government, leading to the theft of an arsenal of internal hacking tools typically reserved to privately test the cyber defenses of their own clients.

https://www.reuters.com/article/fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-internal-hacking-tools-idUSL1N2IO2EI

#FireEye #hacked #breach
Suspected Russian hack is much worse than first feared: Here's what you need to know

👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."

👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.

👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."

It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.

CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.

"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."

https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18

via www.cnbc.com

#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
The Great iPwn: Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit

This summer, iPhones belonging to as many as 36 Al Jazeera journalists were silently infected with malware, according to research released Sunday. They were subjected to silent attacks that appeared to exploit a vulnerability in Apple’s iOS and installed malware on the iOS devices, leaving reporters’ phones open to snooping, the researchers claimed.

In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked.

The phones were compromised using an exploit chain that we call KISMET, which appears to involve an invisible zero-click exploit in iMessage. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 and could hack Apple’s then-latest iPhone 11.

Based on logs from compromised phones, we believe that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019.

The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates.

https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/

https://www.forbes.com/sites/thomasbrewster/2020/12/20/apple-security-warning-zero-click-iphone-hacks-hit-36-al-jazeera-journalists/

#ipwn #iphone #apple #journalists #hacked #nso #imessage #exploit #zeroclick #kismet #jazeera
NZBgeek Has Been Hacked Leaving Private User Data Exposed

Popular Usenet indexer NZBGeek has been hacked. The site's database was copied exposing the personal details of all users. The hackers also managed to install a keylogger, opening the door to further abuse. The site's operators recommend that users should secure their online accounts as well as credit cards that were used on the site recently.

Despite the growing popularity of pirate streaming sites and services, classic file-sharing tools continue to have a smaller but dedicated audience.

This is true for BitTorrent as well as Usenet. In the latter category, NZBGeek is one of the largest players as it provides an indexing service that helps users to find content.

NZBGeek is a private community to which users can sign up without any charges. However, those who donate get some extra features that will help to sift through the more than 500,000 NZBs indexed by the site.

NZBGeek Hacked
The site generally operates smoothly but last week something changed. After initially becoming unreachable, the problem was initially clear but after a while, the operators put up a message stating that there were hosting related issues. Yesterday, however, things turned from bad to worse.

“It’s with a heavy heart that we must admit that we have had a breach,” the site informed its users. “If you have recently used your card or payment with us we suggest changing your credentials and card info as soon as possible.”

https://torrentfreak.com/nzbgeek-has-been-hacked-leaving-private-user-data-exposed-201228/

#nzbgeek #hacked #userdata #exposed
How I Hacked Google App Engine: Anatomy of a Java Bytecode Exploit

Back in college, I was very interested in Java bytecode. When I got an internship at Google in 2013, I was skeptical of the security of the Java version of Google App Engine and got permission to spend the last week of my internship doing a mini red team exercise, trying to break into App Engine. This is the story of how I found a vulnerability and developed an exploit to break out of the App Engine sandbox and get arbitrary code execution on a Google server.

Background

One of the reasons I was skeptical was Java’s poor security track record. Java is unusual among programming languages in attempting to do in-process sandboxing with its Applet model, where trusted and untrusted code run within the same language runtime.

Back in the dark ages before JavaScript and WebAssembly took over the world, website authors that wanted to include nontrivial interactivity had to rely on browser plugins. Sun’s entry into the fray was Java Applets, a system that allowed website authors to include precompiled Java classfiles on their site. When the user views the embedding page, the browser sends that code to the Java Virtual Machine (JVM) installed on the user’s computer for execution.

In order to keep things secure, Java used a permission system to control what running code could and couldn’t do. Desktop applications were executed with all permissions by default, while Java applets ran with a very restrictive policy that prevented stuff like accessing the user’s local files.

Unfortunately, applets were still plagued with security vulnerabilities. One issue is that most of the Java runtime library is itself implemented in Java. Trusted and untrusted code run side by side in the same VM, with the only thing separating them being the permission system and visibility modifiers (public, protected, private, etc.)

This means that a bug anywhere in the JVM or standard libraries is liable to become a security vulnerability. Additionally, the attack surface is huge. The Java 7 runtime included over 17,000 classes, a lot of places for bugs to creep in.

https://blog.polybdenum.com/2021/05/05/how-i-hacked-google-app-engine-anatomy-of-a-java-bytecode-exploit.html

#google #app #engine #hacked #java #bytcode #exploit