blog trackingRealtime Web Statistics Exposed Archives | Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘exposed’

CYBER SECURITY VULNERABILITIES OF FTSE 100 COMPANIES EXPOSED

Screen Shot 2016-05-27 at 8.27.47 PM

Source: National Cyber Security – Produced By Gregory Evans

Anomali, provider of market-leading threat intelligence platforms, has today revealed the prevalence of suspicious brand spoofing and mass compromised credential exposures of the Financial Times Stock Exchange 100 (FTSE 100). Over the last three months, eighty one companies in the FTSE 100 had potentially malicious domain registrations against them, enabling cyber criminals to create dummy […]

The post CYBER SECURITY VULNERABILITIES OF FTSE 100 COMPANIES EXPOSED appeared first on National Cyber Security.

View full post on National Cyber Security

Philippines Voter Database Exposed By Hackers

security-breaches-684x513

The breach could be the biggest-yet hack of government-held data, according to Trend Micro

A breach of the Philippines’ Commission on Elections (Comelec) affecting about 55 million people could be the largest hack of government-held data ever, according to security specialists.

Government representatives have downplayed the seriousness of the breach, which took place late last month, but IT security firm Trend Micro said its analysis of the exposed data found that it included sensitive information such as passport numbers and fingerprint records.

“Every registered voter in the Philippines is now susceptible to fraud and other risks,” Trend said in an advisory. “With 55 million registered voters in the Philippines, this leak may turn out as the biggest government related data breach in history.”

Comelec’s website was defaced on 27 March by the Philippines branch of the Anonymous hacker group, which left a message accusing the government of poor security ahead of upcoming elections on 9 May.

Later on the same day a different but linked group, LulzSec Pilipinas, posted an online link to what it claimed was Comelec’s entire database, a 338 GB file containing 75.3 million individual entries. Just over 54 million of those entries would seem to correspond to the Philippines’ 54.36 million registered voters, according to Trend.

The database includes 1.3 million records for overseas Filipino voters, listing their passport numbers and expiry dates, in an easily searchable plain-text format, Trend said.

“Interestingly, we also found a whopping 15.8 million record of fingerprints and a list of people running for office since the 2010 elections,” the company stated.

Vote fraud fears

The Philipines uses an automated voting system, and the hacker groups both said their actions were intended to call the security around that system into question.

Comelec has said the voting system uses a separate system that’s better protected than the hacked site.

“We will be using a different website for the election, especially for results reporting and that one we are protecting very well,” a Comelec spokesman said at the time of the hack.

The breached Comelec database affects more people than a leaked database on more than 49 million Turkish voters exposed last week, but the Turkish database contains more sensitive information – detailed records, including parents’ names and addresses, on every person listed.

Last year a breach of the US government’s Office of Personnel Management (OPM) leaked information including fingerprints and social security numbers on 20 million current and former government employees.
Source:http://www.techweekeurope.co.uk/security/hackers-philippines-voter-database-189776

Related Post

The post Philippines Voter Database Exposed By Hackers appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

JD Wetherspoon data breach exposed details of over 650,000 customers

Source: National Cyber Security – Produced By Gregory Evans

JD Wetherspoon data breach exposed details of over 650,000 customers

JD Wetherspoon is the latest high-profile company to become victim of a cyber attack. A hacker gained access to a database containing the details of over 650,000 JD Wetherspoon customers. The database mainly contained names, dates of birth, email addresses and phone numbers. The pub chain said in a statement that the hack occurred in June. It apologised to the customers affected and said that the data breach was related to an old website which it no longer uses. The company’s chief executive, John Hutson, received an anonymous email alerting him of the attack in November. However, the email wasn’t read – it was picked up by the company’s spam filter. The chain wasn’t aware of the attack until The Financial Times contacted them on Monday. Thankfully only a ‘tiny number of customers’ had information on their credit or debit cards stolen. It’s believed that the hacker only gained access to some pieces of financial information of around 100 customers. Source: http://marketbusinessnews.com/jd-wetherspoon-data-breach-exposed-details-of-over-650000-customers/114700

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post JD Wetherspoon data breach exposed details of over 650,000 customers appeared first on National Cyber Security.

View full post on National Cyber Security

55,000 Social Security Numbers exposed in the security breach of VFW.org

Source: National Cyber Security – Produced By Gregory Evans

The Veterans of Foreign Wars  recently began notifying their users that hackers hacked into VFW.org  and hackers were able to see their users personal information.     In February 2014 , Veterans of Foreign Wars bitterest was hacked by hackers and hackers planted a malicious code , when ever any visitor visited their website with vulnerable version of Internet Explorer , The user is infected. This attack is believed to be done from China. After the investigation it shows that names ,  security numbers and other personal details of about 55,000 users have been leaked because of VFW.org security breach. The letter dated April 4 said that VFW got to know about the security breach on April 4. “VFW has been informed that the purpose of the attack wasn’t identity theft, but rather to gain access to information regarding military plans or contracts”  says the letter. Source: http://whogothack.blogspot.co.uk/2014/04/55000-social-security-numbers-exposed.html#.VjKYMvmqqko The post 55,000 Social Security Numbers exposed in the security breach of VFW.org appeared first on Am I Hacker Proof. View full post on Am I Hacker Proof

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post 55,000 Social Security Numbers exposed in the security breach of VFW.org appeared first on National Cyber Security.

View full post on National Cyber Security

Cars Exposed to Hacking Inside Car Dealerships

Source: National Cyber Security – Produced By Gregory Evans

Security researcher Craig Smith developed a device to test if car diagnostics tools used in car dealerships to test and fix modern cars can be hacked and then used as infection stations, spreading malware to other cars. Craig named this concept an “auto brothel,” and warns that his work found numerous car diagnostics tools as being vulnerable to a series of simple hacking techniques. His research was presented during this year’s edition of DerbyCon, a security and hacking conference that took place in Louisville, Kentucky. At the same conference, Craig also introduced a special hardware device he created to test car diagnostics tools found in dealerships, which he called ODB-GW (Ol’ Dirty Bastard Gateway). The software for this tool, the Unified Diagnostic Services (UDS) Server, is also available for download on GitHub. As Craig explains, the ODB-GW device was created to work as a honeypot, making car diagnostics tools that are plugged into it think it’s a car. On the other side of the ODB-GW, Craig also plugs the device into his laptop, from where he is then able to carry out basic tests, and identify weaknesses in the car diagnostics tool. The technique used by the ODB-GW device to […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Cars Exposed to Hacking Inside Car Dealerships appeared first on National Cyber Security.

View full post on National Cyber Security

ISIS hacker who exposed troops’ personal info killed in drone strike

Source: National Cyber Security – Produced By Gregory Evans

The cyber hacker affiliated with the Islamic State Hacking Division, responsible for exposing the personal information of hundreds of U.S. military and government personnel, has been killed in a drone strike. The Wall Street Journal reports that Junaid Hussain, also known as Abu Hussain al-Britani, was killed by a U.S. drone strike in Syria on Aug. 25. Hussain had been pinpointed in a “targeted strike” outside the Syrian city of Raqqa, the Journal says. U.S. officials have not confirmed his death. It is unclear if the drone strike was conducted out of Incirlik Air Base, Turkey — where the United States, in addition to stationing F-16 fighter jets, recently began launching armed drone strikes — or elsewhere. Hussain, on behalf of the IS Hacking Division, in early August published names, emails, passwords and phone numbers of more than 1,480 members in the Air Force, Marine Corps, NASA, FBI, State Department, and the Port Authority of New York and New Jersey. The group urged “lone wolves” to “process the info and assassinate,” according to tweets sent out by Hussain’s account, which was suspended shortly afterward. The Defense Department and FBI were investigating the hack. “We are still looking into the incident,” Marine Lt. Col. Jeffrey Pool, a Pentagon spokesman, […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post ISIS hacker who exposed troops’ personal info killed in drone strike appeared first on National Cyber Security.

View full post on National Cyber Security

Here’s every type of data exposed in the Ashley Madison hack

Source: National Cyber Security – Produced By Gregory Evans

Share on Facebook Tweet (233) Share (4) Pin There are plenty of ways to look up whether your information has been exposed in the Ashley Madison hack — all you need is an email address. And while that alone certainly speaks volumes, email addresses are just a small sliver of the information found in the nearly 10GB data dump (compressed total file size) containing what looks to be over 36 million Ashley Madison accounts and 9 million individual credit card transactions. The amount of data tied to each account, found across numerous spreadsheets, is as mind-bending as the messy ramifications and may include some (if not all) of the following: Creation date and last updated date, down to the second Account type and membership status (listed as a 0, 1, 2, or 3) First and last name (at least, the one given) and nickname Listed street address, including city, state, zip code, and in some cases even the latitude and longitude lines Up to three phone numbers, including work and mobile (if provided) Gender (approximately 27 million male-identified and 4.4 million female-identified accounts, which is about a 6-to-1 ratio with 2 million undetermined) Date of birth Profile caption (examples include “No Games […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Here’s every type of data exposed in the Ashley Madison hack appeared first on National Cyber Security.

View full post on National Cyber Security

Find out if your Android device is exposed to MMS attacks using Zimperium’s Stagefright Detector App

Last week, security researchers from Zimperium have reported on a vulnerability in Android’s Stagefright media playback library, one that is thought to affect about 950 million active Android devices. In a nutshell, potential hackers can take control of the affected smartphones by sending a malicious SMS. For more details on the Stagefright vulnerability, check out our original post here.

Zimperium has now launched an app that lets users check if their smartphone or tablet is exposed to the Stagefright vulnerability. The app is intuitively called the Stagefright …

View full post on PhoneArena

Hacking Team, Which Sells Surveillance Tech To Governments, Exposed By Major Hack

Source: National Cyber Security – Produced By Gregory Evans

One of the technology world’s most notorious providers of surveillance and intrusion software has found itself on the wrong end of an embarrassing hack. A range of sensitive documents belonging to Italy-based Hacking Team, which is known for working with governments worldwide, appeared to leak out over the weekend, including email communications and client lists. The hackers, who remain unidentified at this time, also took over the group’s Twitter account, using it to post screenshots of emails and other details, as CSO first reported. Hacking Team is a mysterious organization which has long been thought to sell tracking and hacking software to governments, particularly those in developing markets. The organization describes itself as providing “effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities”. One tool that it is known to offer is Davinci, a service marketed at law enforcement organization that can purportedly access SMS, emails, web browsing and more to locate specific targets. Last year, the organization denied selling technology to “any repressive regime” following a report from a report from Citizen Lab, but early leaks of the files — which weigh it at over 400GB — appear to show government contracts with Kazahkstan, Sudan, Russia, Saudi Arabia and others. In addition, […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Hacking Team, Which Sells Surveillance Tech To Governments, Exposed By Major Hack appeared first on National Cyber Security.

View full post on National Cyber Security

Google leaves most Android users exposed to hackers

index

Source: National Cyber Security – Produced By Gregory Evans

People with Android smartphones and tablets running older versions of the mobile operating system — around 60 percent of all Android users — are going to have to live with a security flaw Google has decided not to fix. A known security bug in the default, unbranded Web browser for Android 4.3 Jelly Bean and older versions of Google’s mobile OS will go unpatched, Google’s chief of security for Android wrote in a Google+ post on Friday. “Keeping software up to date is one of the greatest challenges in security,” Adrian Ludwig wrote. Because the browser app is based on a version of the WebKit browser engine that’s now more than two years old, fixing the vulnerability in Android Jelly Bean and earlier versions is “no longer practical to do safely,” he wrote. Google confirmed on Saturday that Ludwig’s post is the company’s official position on the matter. The company’s decision has upset security experts, who worry hackers will be able to easily target the hundreds of millions of people using phones and tablets that run older versions of Android. Ludwig contends the number of people potentially affected by the vulnerability is “shrinking every day.” But for security professionals, it’s […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Google leaves most Android users exposed to hackers appeared first on National Cyber Security.

View full post on National Cyber Security

Page 1 of 512345»

My Twitter

  • RT @GregoryDEvans: The Hobbit and Lord of the Rings Age-by-Age Guide https://t.co/zTd1JIr8OM
    about 1 hour ago
  • RT @GregoryDEvans: #galaxylife #samsung4life Website/IP https://t.co/zw5e7L14oH may be hackable #hacked, #WGH, #USA, #hackerproof https://t…
    about 2 hours ago
  • RT @GregoryDEvans: Website/IP https://t.co/l214quFdVx may be hackable #hacked, #WGH, #CAD, #hackerproof https://t.co/BEjdgsqwTp
    about 2 hours ago
  • RT @GregoryDEvans: Website/IP https://t.co/l214quFdVx may be hackable #hacked, #WGH, #CAD, #hackerproof https://t.co/BEjdgsqwTp
    about 2 hours ago
  • RT @GregoryDEvans: Keep Students Safe From Identity Theft https://t.co/baq1u1i5RA https://t.co/uzjq8Z6aj3
    about 3 hours ago

AmIHackerProof.com By Gregory D. Evans

Hacker For Hire By Gregory Evans

Gregory D. Evans On Facebook

Parent Securty By Gregory D. Evans

National Cyber Security By Gregory D. Evans

Dating Scams By Gregory Evans