Bob Diachenko writes: On May 23rd, another Elasticsearch misconfiguration incident has led to the exposure of the personal details and Aadhar number for millions of families registered under Mukhya Mantri Parivar Samridhi Yojana (MMPSY), which is one of the largest social security programme in India rolled out in the state of Haryana. According to Bob, the server…
U.S. Accuses Russian Military Hackers of Attack on Email Servers
Julian E. Barnes and David E. Sanger report: The National Security Agency publicly accused Russian government hackers of targeting email servers around the world in an unusual announcement on Thursday, showing that the agency is becoming more aggressive in calling out Moscow’s action as the presidential election approaches. While the Trump administration has publicly attributed…
MA: New York City Man Charged with Hacking, Credit Card Trafficking, and Money Laundering Conspiracies
A New York City man was charged Tuesday with conspiracies to engage in computer hacking, trafficking in stolen payment card numbers, and money laundering. Vitalii Antonenko, 28, was indicted on one count of conspiracy to gain unauthorized access to computer networks and to traffic in unauthorized access devices, and one count of money laundering conspiracy….
Fortune 500 company NTT discloses security breach
Catalin Cimpanu reports: Nippon Telegraph & Telephone (NTT), the 64th biggest company in the world, according to the Fortune 500 list, has disclosed today a security breach. NTT says hackers gained access to its internal network and stole information on 621 customers from its communications subsidiary, NTT Communications, the largest telecommunications company in Japan, and…
Bringing VandaTheGod down to Earth: Exposing the person behind a 7-year hacktivism campaign
This site has reported on VandaTheGod more than half a dozen times over the past years. Now Check Point researchers report on how an open tab in a screenshot ultimately enabled them to identify him: Since 2013, many official websites belonging to governments worldwide were hacked and defaced by an attacker who self-identified as ’VandaTheGod.’…
Fake Aarogya Setu apps carrying spyware spotted
Romita Majumdar reports: … SonicWall Labs Threats research team found fake Aarogya Setu apps carrying spyware, which is capable of making phone calls, recording audio, send SMS, take pictures and record videos from the camera. If the user deletes Aarogya Setu app from the device by long pressing the icon > uninstall method, only the…