Creditseva data breach: 48,000 Indians’ personal and sensitive data was exposed to hackers
The breach comes on the heels of Jio’s massive data breach that saw nearly 1 million users’ data leaked, now considered to be one of the largest data breaches in India’s history. Diachenko said that his firm, which specialises in hunting for data breaches, alerted CreditSeva about the breach on 2 August and that the insecure Amazon S3 bucket was secured the very next day. Personal and financial data of thousands of Indian citizens was found to have been freely exposed on the Web by credit services firm Creditseva, according to Kromtech security researchers who first spotted the data breach. While the statement does not accept that an actual breach occurred, it skirts the issue of whether user data was left exposed because of a cloud server misconfiguration, as alleged by Kromtech researchers. Diachenko says that businesses using the Amazon cloud infrastructure “must ensure there aren’t any publicly accessible S3 buckets. The data left exposed by Creditseva is gold dust for cybercriminals, who could potentially use them to engage in identity theft or other cybercrimes. anonymous users) to read the objects within the bucket, upload/delete objects, view object permissions and edit object permissions,” Diachenko said. Several businesses in the past have experienced such breaches, caused by insecure Amazon web service servers. India’s cyber laws currently have very vague and limited clauses on reporting breaches to either the government or users. Around 48,000 Indian citizens’ critically sensitive data, including drivers’ license, home addresses, credit reports, as well as pictures were left exposed by the Hyderabad-based fintech startup, in an insecure Amazon Web Service server.
Aadhaar Data Breach: 20,100 User Details Published On Punjab Government Website
According to the official website, the Unique Identification Authority of India (UIDAI) is a statutory authority established under the provisions of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (“Aadhaar Act 2016”) on 12 July 2016 by the Government of India, under the Ministry of Electronics and Information Technology (MeitY). As stated by Satish Thaman, member of the Ludhiana District (west sub-division) grievances redressal committee, “If any government department has published a list of applicants with their Aadhaar numbers, their information can get leaked. But, due to a perceived lack of the country’s cyber security standards, experts and activists believe that linking of such information to the Aadhaar number can put private and sensitive information at risk for crimes such as identity theft, hacking and more. According to Section 29 (4) of the Aadhaar Act, no Aadhaar number or core biometric information can be published, displayed or posted publicly, except for specified purposes. As per media reports, the lists are available on the GLADA website server, making it easy to obtain for anyone with access to the direct link. It is a 12-digit identity number provided under the UIDAI, is linked to a citizen’s biometric details and has become mandatory for availing government services, such as filing Income Tax Returns, booking train tickets on the IRCTC, opening a bank account and more. A Punjab government entity has published the Aadhaar details of 20,100 citizens on its official website. These details include Aadhaar numbers, user names and their father’s name. It is a grave threat to the privacy of residents as Aadhaar information can be misused. India’s Supreme Court, too, is currently in the process of determining whether the programme violates an Indian citizen’s right to privacy.
Aadhaar Data Leaks: Jharkhand, UIDAI Cite Breaches Just Like Punjab
According to the complaint, Srivastava illegally accessed UIDAI data through an “Aadhaar e-KYC verification” mobile app that he developed himself. Preliminary inquiries reveal that Srivastava developed a mobile app that provided “Aadhaar e-KYC verification” by accessing data hosted on the National Informatics Centre (NIC) server. Qarth workers were accused of developing an app and accessing details on the official website without authentication and provided the same as e-KYC details. Abhinav is accused of accessing Aadhaar-related information, housed by the NIC server, illegally to the miscreants. In recent times, the security of the Aadhaar system has been brought into question several times. Even more recently, Qarth Technologies co-founder Abhinav Srivastava was arrested by Bengaluru’s Central Crime Branch on charges of Aadhaar data theft last week. He had accessed the data through an e-hospital website. These details included sensitive information such as names, addresses, bank account details and Aadhaar numbers. In April 2017, the Aadhaar details of 1.4 Mn registered users were made public on the Jharkhand Directorate of Social Security.
Malware attack on MTNL broadband in Delhi
A top official at MTNL said that the company had noticed the issue since Thursday. A top official at BSNL said that no such issue has been noticed in the company’s mobile network. The issue, which company officials claim is “under control now”, impacted services at many households with malfunctioning of the broadband services. Apart from this, we are also replacing the modem of subscribers where there is a serious issue due to the malware. Several broadband connections of state-run MTNL have been impacted in the national capital after a malware attack. The government has asked various telecom and banking companies to be careful about virus attacks and malware, especially as the country moves over to digital transactions. “We have been taking action to sort out the matter, and are confident that the issue will be rectified very soon,” the official, who requested anonymity, said. The impact on enterprise connections is still not clear, though sources say that operations were also impacted there. Asked whether the company is also coordinating with the Ministry of IT to look into the matter, the official said he is not aware of any such exercise. The financially-strapped telco, which is struggling to stay afloat, said that it is adopting a variety of measures to tackle the issue.
Russian hacking mastermind arrested, bringing long cybercrime career to an end
Ralsky, Levashov and several associates were indicted for fraud in 2007; Ralsky went to prison while Levashov — safe in Russia — avoided arrest. “There were spam botnets, certainly, before Storm, but it took things to a next level,” Joe Stewart, a security researcher with cyberdefense startup Cymmetria who grappled with Storm at its height, said. By that point, Levashov was cybercrime nobility in his own right, allegedly running a forum for Russian spammers and the massive Storm botnet, whose sophistication drew global attention. Indictments unsealed this year accuse the Russian of renting out Kelihos at $500 per million emails to send spam or to seed computers with ransom software or money-draining banking programs. Court documents suggest that Levashov teamed up in 2005 with Alan Ralsky, a legendary bulk email baron once dubbed the “King of Spam.” Within a couple of years he had gravitated toward the burgeoning field of email spam, according to an ad attributed to him in U. Internet registry records preserved by DomainTools suggest Levashov launched a bulk mailing website called e-mailpromo. Then again, in response to a question about Levashov’s links to the Russian government, she said: “I’m not a wife who knows everything about her husband. It was with Ralsky that Levashov is alleged to have plunged into the world of the “pump-and-dump,” a scheme that worked by sending millions of emails talking up the value of thinly traded securities before selling them at a profit and leaving gullible investors to soak up the loss. With laws tightening and digital blacklists getting better, spammers resorted to hacking to get their mail across, using malicious software to turn strangers’ personal computers into “proxies” — a euphemism for remote-controlled conduits for junk mail.
Cyberwar? Pakistan’s government website hacked to play Indian national anthem
According to reports in the Indian media, in June, around 30 Pakistani government websites were hacked after a Pakistani court sentenced former Indian Navy officer Kulbhushan Jadhav to death, on charges of espionage. The website was also reportedly defaced to display a message celebrating India’s independence and play the Indian national anthem. According to reports, the attack involved the hacked website displaying an image of the Indian national flag’s Ashoka chakra. The attack on the Pakistani website comes just a week before both India and Pakistan celebrate their 70th year of independence. Last year, the website of Pakistan’s Ministry of National Health Services was attacked by hackers who claimed that the attack was a show of solidarity with the grieving families of the victims of the Bacha Khan University terror attack in January 2016. This is not the first time that one of Pakistan’s government websites has been hacked. Although there is no official statement on the matter, according to the official Twitter account of Pakistan defence, the hacked website was allegedly hosted on an insecure HTTP server. pk) reportedly got hacked on Thursday (3 August) by an unknown hacker going by the pseudonym Ne0-H4ck3r.
Illegal goods for sale on dark web markets see boost after death of AlphaBay and Hansa
Vendors who sell drugs, weapons and hacked databases on the dark web are flocking to alternative services after two of the biggest underground marketplaces – AlphaBay and Hansa – were taken offline in a global cybercrime operation last month, research suggests. On 20 July, a takedown operation spearheaded by US and Dutch police forces seized the dark web-hosted markets and made numerous arrests. While sales of illicit goods and services appear to have reduced since the two leading markets were shuttered, listings on some websites increased by nearly 30%, according to fresh research carried out by Israeli cybersecurity firm Cyberint and commissioned by the BBC. “I got contacted by an ex-Hansa staff member telling me that the operation is apparently bigger than we currently assume, that ‘there will be a bloodbath, a purge’ and that ‘any vendor [should] seize his operation, lawyer up and hide his trails’,” one post on Reddit’s r/darkwebmarkets read. Elad Ben-Meir, a marketing chief at Cyberint, told the BBC: “There is growing evidence that when one illegal dark web marketplace is closed, the illicit business quickly starts to be redirected. The next target for cyber police investigators is likely to be Dream Market – the current king of the internet’s criminal underbelly. On a number of internet forums, speculation has steadily mounted that law enforcement is now working to infiltrate other dark web marketplaces. “However, there is also evidence that continuing crackdowns by international law enforcement operations, are having the effect of forcing illicit traders away from those sites selling firearms or child pornography. It found a website known as Dream Market is now the largest store left standing – boasting more than 98,800 listings, rising by more than 3,000 over the week.
New WikiLeaks files show how CIA uses ‘Dumbo’ tool to disrupt webcams, microphones
“By deleting or manipulating recordings the operator is aided in creating fake or destroying evidence of the intrusion operation,” WikiLeaks editorialised on its website, where 18 other alleged CIA tools – with nicknames like ‘CherryBlossom’ and ‘Imperial’ – are now hosted. Since at least 2012, the US Central Intelligence Agency (CIA) has used a tool known as “Dumbo” that infects targets’ machines in order to mute microphones, disable network connections and corrupt webcam video recordings, so that its tech-savvy spies can operate in peace. The tool “identifies installed devices like webcams and microphones either locally or connected by wireless or wired networks and disrupts how computers log activity,” a Wikileaks statement read. x0rz also said the tool would be “mostly useless” without an additional zero-day exploit because it requires so many escalated privileges to work as intended. Dumbo has the ability to “suspend processes utilising webcams” and corrupt video recordings that could compromise operations being managed by field agents working for the CIA’s Physical Access Group (PAG), which is a division of its so-called Centre for Cyber Intelligence. “I don’t know why WikiLeaks put those two tools in the same category,” x0rz said. The files described the tool as a passive/active scanner that can exfiltrate a targeted computer’s network traffic – either at a “packet” level or via IP port scanning. “Dumbo is designed as a PAG entry-operation utility that targets webcams and other monitoring software,” reads a CIA slide dated June 2012. Amid the ‘Dumbo’ batch of documents was another alleged CIA tool, codenamed “Epione” and dated March 2012. “The tool itself is dull,” said security researcher x0rz.
Smartphone screens are the new ‘front lines of war’, says UK home secretary Amber Rudd
On the same day as the inaugural Global Forum meeting, Rudd was roundly criticised for comments made about the use of end-to-end encryption, a widespread system that companies use to secure software and chat apps, protect privacy and reduce the threat of unwanted snooping. Rudd, in the latest in a long line of similar statements, said the popular technology – used in services such as WhatsApp and iMessage – aids terrorism and gives crooks a safe space to communicate. Who uses WhatsApp because it is end-to-end encrypted. “We believe that the best approach to tackling online terrorism is to collaborate with each other and with others, including civil society and government,” read a joint statement issued on 1 August by Facebook, YouTube, Twitter and Microsoft. As criminals turn to consumer apps, it was made to “share information and best practices about how to counter the threat of terrorist content online.” “The scale of the threat we face is not something any one of us can tackle alone and only through collective action across governments, civil society and industry can we seek to defeat it. She was speaking this week (1 August) at the first meeting of the Global Internet Forum, a collective of technology giants and social media firms including Google, Facebook and Twitter. The Tuesday meeting included Rudd alongside officials from Australia, Canada, the European Union and the United Nations. They said that within the next few months the forum would secure the participation of the five companies and create a database to identify violent terrorist imagery. “Our enemy is trying to weaponize vulnerable people in their homes,” the British politician said while speaking at the event, located in San Francisco.
Pwned Passwords: In 10 seconds, this new website could save you from being hacked
In late July 2017, the National Institute of Standards and Technology (NIST) released guidance around the use of passwords, saying that organizations should consider blocking new accounts on their websites that use passwords previously discovered in major data breaches. The point of the web-based service is to give people who have been guilty of using sloppy passwords a means of independently verifying whether a password is one they should no longer be using. The website comes with a very clear caveat: users should not rely on the service for checking passwords associated with current accounts, be it social media or online banking. “I realized I was in a unique position to help do something about the problem they’re trying to address due to the volume of data I’ve obtained,” said Troy Hunt, the admin of HaveIBeenPwned, a service which lets you check if your email address has been compromised.
Hunt added: “I can do that with those who come to the site and enter their email address but by providing these 306 million pwned passwords, my hope is that with your help, I can distribute that ‘lightbulb moment’ out to a far greater breadth of people.” Hunt, in his blog post, expounded: “If there’s one thing I’ve learned over the years of running this service, it’s that nothing hits home like seeing your own data pwned.” “One thing that’s really hit home while running HIBP is that few things resonate with people like demonstrating that they’ve been pwned.” In a blog post, published 3 August 2017, Hunt explained how he amassed a total of 306 million pwned passwords from datasets stored on his repository and – with the help of Cloudflare – created the new capability. Take it as an opportunity to not just reduce the risk to the service