Recent reports reveal a complex and contentious cyber conflict involving Iran. On one side, Iran faces allegations of orchestrating ransomware attacks on various U.S. federal facilities through a group known as Fox Kitten. On the other, it has been reported that the Iranian government may have paid millions to a different hacking group to prevent the release of sensitive banking data on the dark web.

The hacking group IRLeaks, notorious for targeting Iranian entities for financial gain, reportedly demanded a ransom of $10 million in cryptocurrency to prevent the release of stolen information from approximately 20 domestic banks. As the threat of destabilizing Iran’s financial system loomed large, the Iranian government was able to negotiate the ransom down to $3 million. This payment was made to halt the data leaks and secure the sensitive information from further exposure.

Some speculated that IRLeaks might have connections to the United States and suggested their actions were intended to create psychological fear among Iranian citizens. However, this claim has been firmly denied by the Biden administration, which dismissed it as unfounded.

Instead, the Biden administration has accused Iran of deploying malware via Advanced Persistent Threat (APT) groups to disrupt critical infrastructure and influence the 2024 U.S. elections in favor of former President Donald Trump. The situation has led to an ongoing blame game between the United States, Israel, and Iran, with alleged support from hackers in Moscow and Beijing.

In response to these threats, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recently issued a joint advisory warning U.S. and Israeli businesses about Fox Kitten, also known as Rubidium. The advisory revealed that this group, backed by state actors, is engaged in activities beyond espionage, including data wiping and malware distribution. Evidence also suggests that Fox Kitten has been targeting companies across various countries, including Azerbaijan, Australia, Finland, Ireland, France, Germany, Algeria, Turkey, India, and Canada.

The post Iran pays millions to stop data leak related to banks appeared first on Cybersecurity Insiders.

In today’s digital landscape, maintaining an active presence on social media platforms has become imperative for staying informed about societal trends, current events, and entertainment. However, the looming threat of data breaches often deters many from fully engaging on these platforms. In this article, we’ll delve into the practicalities of social media data leaks and explore strategies to mitigate associated risks.

As users, we are well-versed in the advantages and drawbacks of social media engagement. We understand the potential dangers these networks pose, particularly when it comes to mishandling account settings, falling victim to phishing attacks, or committing user errors.

Beyond these familiar risks, there exists another avenue through which hackers can exploit personal information stored on social media accounts: third-party applications. These apps, often developed for promotional purposes, can inadvertently expose sensitive user data.

A notable example is the now-defunct Cambridge Analytica, which leveraged Facebook to gather political insights by manipulating survey responses. Subsequently, the company utilized this data to construct user profiles, which were then disseminated to interested parties seeking voter sentiment.

Similarly, certain applications access extensive user data, including profile information, contact lists, and message exchanges. This data is subsequently utilized to tailor targeted advertisements based on users’ browsing habits and preferences.

So, how can individuals safeguard against these social media cyber threats and prevent data leaks?

a. Exercise caution when granting permissions to third-party applications, opting to authorize only reputable developers with a track record of trustworthiness.

b. Implement additional security measures such as two-factor authentication or biometric data verification to bolster account security and thwart unauthorized access attempts.

c. Remain vigilant against phishing attempts, and ensure that device software is regularly updated with the latest security patches to mitigate vulnerabilities.

By adopting these proactive measures, individuals can navigate the social media landscape with greater confidence, safeguarding their personal information from potential breaches and preserving their online privacy.

The post How to prevent social media data leak appeared first on Cybersecurity Insiders.

The Australian Home Affairs department may want to bury their heads in the sand after accidentally exposing sensitive information of more than 50 small business survey participants. Why were they being surveyed? Ironically, to get their thoughts on cybersecurity.

It is believed the names, business names, phone numbers and emails of the participants in the survey were released on the parliament website in response to a question for a government cybersecurity report.

The report is part of a wider initiative that was launched in the wake of last year’s Optus and Medibank cyber attacks – two high-profile attacks that impacted Australia significantly. Australia’s Cyber Wardens program – which went on to receive $23.4m in the May budget – is aimed at training small businesses and the workforce to be “cyber smart” and aware of possible cyber threats.

The following cybersecurity experts offered their insights on the incident:

Erfan Shadabi, cybersecurity expert at comforte AG:

The incident highlights the importance of adopting robust data-centric security measures to safeguard sensitive information effectively. As cyber threats continue to evolve, it is crucial for government agencies and businesses alike to prioritize data-centric security as a fundamental aspect of their cybersecurity strategy. Proactive measures are vital to safeguarding personal information, fostering a secure digital ecosystem for individuals and organizations alike.

Data-centric security revolves around securing the data itself rather than solely focusing on perimeter defence. It involves implementing encryption, access controls, and data masking techniques, ensuring that even if a breach occurs, the data remains encrypted and indecipherable to unauthorized individuals.

Erich Kron, Security Awareness Advocate at KnowBe4:

The irony that data was leaked in response to a survey about cybersecurity should not be lost here. This simply illustrates how easy it is for organisations to accidentally become a party to an accidental disclosure of sensitive information. It goes without saying that collecting private information is a task that must be taken seriously at any time; however, when the topic related to the information collection is something like cybersecurity, it looks very bad indeed when the information is not protected.

Organisations often find that accidental information leakage or data breaches can significantly harm an organisation’s reputation, even if it is not at a large scale. The old adage that any press is good press can certainly be proven false in this case.

The post Australian Home Affairs Leaks Sensitive Information Of Cybersecurity Survey Respondents appeared first on IT Security Guru.

A security researcher named Volodymyr Diachenko, aka Bob, claims to have access to over 280m bank account records of Indian citizens and has warned that the data exposure could lead to an information disaster if the Indian government led by Honorable Prime Minister Shri Narendra Modi Ji doesn’t take it seriously.

Going into the details, Bob found two unsecured IP addresses during routine research last week. When he tried to gain access to the databases behind those IPs, he found two massive troves of data belonging to the populace of the Indian subcontinent.

One of those IPs had 280,472,980 records stored on it, while the other had 8,390,500 records.

Diachenko, who is the founder of SecurityDiscovery.com, claims the records contain personal information tied to the Universal Account Numbers (UANs) that EPFO assigns to each account holder. The information trove available on Azure reportedly contains IFSC codes, Aadhaar card numbers, employment details of the account holder, their income slabs, GST numbers, marital status and other personal information of their family members.

As proof, Bob offered a screenshot of the details that were accessible to him on the Elasticsearch cluster and posted it on his Twitter and Facebook accounts. He alleged the server was left unsecured and was, for some reason, available as an openly accessible trove of information.

For those who are unaware of UAN, here’s a bit on it. A UAN is a unique 12-digit number that is allotted to working employees who contribute to the Employees Provident Fund Organization (EPF). The number is authenticated by the Ministry of Labor and Employment and other government agencies, such as the UIDAI of Aadhaar and the Income Tax Department. What’s concerning about the leak is that any hacker with technical expertise can use these details to create a virtual profile of an individual, through which they can figure out the individual’s Aadhaar and PAN related details to launch spear phishing and identity theft attacks.

Bob, the Chief of SecurityDiscovery.com, has already sent a red alert to EPFO and CERT-In about the breach and learnt that the databases have now been secured completely with a foolproof password and 2FA.

To date, CSC e-Governance India LTD has supervised and resolved EPFO’s software glitches. Previously, almost 4 years ago, EPFO was alerted by a security agency about a data breach that took place on an Aadhaar seeding portal that was supposed to be linked to the services of Employee Provident Fund servers, and the blame was put on CSC software.

 

The post Bank Account details of about 280m Indian Citizens exposed on the web appeared first on Cybersecurity Insiders.

All these days, we have seen countries and governments screeching about cyber attacks and data thefts conducted by Chinese hackers. But now, a hacker online has claimed that he/she is ready to sell about 23 terabytes of data for 10 bitcoins, or approximately $246,000.

The hacker, named ‘ChinaDan’, also notified those interested that the information relates to 1 billion Chinese citizens and was stolen from a police database of the Shanghai National Police during the recent lockdown months brought on by the COVID pandemic.

Since 2016, China has been conducting surveillance on its populace in different parts of the country. The aim behind the surveillance is to identify crime at its root level and nip it out before it is too late.

In April this year, a Chinese media resource claimed that the monitoring of the populace has curbed crime by 53%. It cited the recent Texas school shooting as an example and said that the Xi Jinping-led nation doesn’t have this menace at all, as it neutralizes criminal thoughts in citizens’ minds before they can turn into real acts.

ChinaDan is said to have accessed information such as names, addresses, birthplaces, national identity numbers, mobile numbers, and criminal cases against the populace.

The Shanghai Government and the Police department are silent on this media report, which was first published by Reuters a few hours ago.

Currently, some of the siphoned details are posted online and are being promoted on China’s Weibo and WeChat platforms.

An ethical hacker who is very active on Twitter claimed the information to be genuine and suspected that the details could have been spilled to hackers because of a misconfiguration vulnerability in the government agency’s Elasticsearch deployment server.

More details are awaited!

The post Surveillance data of Chinese citizens put online by hackers appeared first on Cybersecurity Insiders.

Ericsson, the Sweden-based telecom company that was involved in the 2019 money laundering case with a terrorist organization, seems to be serious about some of its internal documents being leaked to Swedish and international news outlets.

According to a highly placed source, the senior management of the company is miffed with the reports claiming that the company was involved in channeling money to the Islamic State (IS) terrorist group in Iraq, making millions during suspicious transactions that took place between 2011 and 2019.

Some of the investigated documents that act as evidence have now leaked to Swedish media firms, and so the company is looking to launch another serious investigation into how third-party firms could gain access to such classified information.

To those unaware of the involvement of Ericsson in the money laundering case, here’s a gist of it.

On March 2nd 2021, Ericsson broke an agreement with the US DoJ by hiding evidence about alleged corruption of its officials in Iraq. Evidence is out that the company was involved in some kind of money swindling activities with companies that were funding ISIS. Later, its internal investigations revealed that some of its employees were involved in corruption and misconduct by engaging in unlawful activities, which the company took note of later.

Ericsson paid $1 billion to the US Department of Justice for deferring the agreement and for hiding the activity.

Now, Ericsson has found that the documents prepared after the investigations have leaked to some Swedish media resources, and it suspects an internal hand in the whole drama.

More details on this story are awaited!

The post Ericsson serious about the data breach and data leak to media appeared first on Cybersecurity Insiders.