Wow. From Flashpoint, yesterday: On March 3, 2021, Flashpoint detected a breach of the elite Russian cybercrime forum known as “Maza” (originally called “Mazafaka”). This breach follows recent attacks (both attempted and successful) on other Russian cybercrime forums, including the takeover of Russian-language forum Verified. Known to be in operations as far back as 2003, Maza…
Category: Hack
Rookie coding mistake prior to Gab hack came from site’s CTO
Sometimes you read a story and think, “Oh. This is just too perfect.” This is one of those times. Dan Goodin reports: Over the weekend, word emerged that a hacker breached far-right social media website Gab and downloaded 70 gigabytes of data by exploiting a garden-variety security flaw known as an SQL injection. A quick review of…
Mandiant issues final report on its investigation into Accellion breach
Yesterday, Mandiant issued its final report on its investigation into the Accellion data breach that impacted a number of its big clients including Jones Day law firm, SingTel, Bombardier, Goodwin Procter, the Transport for NSW, the New Zealand Reserve Bank, and others. You can find the report here (pdf). And while the investigation may be…
European e-ticketing platform Ticketcounter extorted in data breach
Lawrence Abrams reports: A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server. Ticketcounter is a Dutch e-Ticketing platform that allows clients, such as zoos, parks, museums, and events, to provide online tickets to their venue. Read more on…
Chinese cyber attack foiled: Power Ministry
The Hindu reports: “State-sponsored” Chinese hacker groups had targeted various Indian power centres, the Union Power Ministry said on Monday, but added that these groups have been thwarted after government cyber agencies warned it about their activities. While the government refused to confirm or deny a New York Times report, based on a U.S. cyber…
GabLeaks: Claims by Gab Refuted by DDOSecrets.com
Not surprisingly, extremists appear to have made some false claims about a hack and data dump involving the far-right platform known as Gab. Rather than repeat their claims — claims that include blatantly bigoted language — DataBreaches.net provides the statement by public interest group DDOSecrets.com: Distributed Denial of Secrets provided a pre-release copy of the…