This past week, a hacker by the name of ChinaDan allegedly breached the Shanghai National Police (SHGA) database and has put the nearly 23 TB of data up for sale for 10 bitcoin (BTC), or a little over $200k USD as of this writing. ChinaDan claims the data contains “information on 1 Billion Chinese national residents and several billion case records” including names, addresses, … [Read more...]
FIFA 21 Source Code Leak From Member of Reemerging Hacking Group
A KickAss hacking group member (not the Torrent group) who goes by Leakbook claims to have the full FIFA 21 source code, which they have listed for sale on a popular hacking forum. In addition to the FIFA 21 source code they also claim to have access to the matchmaking servers, Frostbite source code, private API keys, and other development tools. Leakbook directs users to the … [Read more...]
Ubiquitous for all the Wrong Reasons
Ubiquiti may have a lot to answer to after recent allegations of their possible downplaying of January’s breach. The allegation involves an attacker gaining access to Ubiquiti’s Amazon Web Services (AWS) account via an employee’s account with root (read/write admin or higher permissions) level access to all of Ubiquiti’s AWS accounts. The whistleblower alleged that the … [Read more...]
GDPR Complaints Used as an Extortion Tool in 23,000 Databases
Last week ZDnet reported on a hack affecting 23,000 databases using MongoDB. The hacker, or possibly multiple hackers, ran scripts to automate access to misconfigured databases. In total, ZDnet reported that they hit 47% of open online MongoDBs. This attack likely started around April of this year, but others use the same techniques to attack open mongo databases all the … [Read more...]
How Can Automation Improve Security?
A prior Secplicity blog post explored the potential of cloud security. Automation is one of the most important reasons to move applications to the cloud. By design, third-party cloud platforms can automate manual tasks to deploy, monitor and maintain systems. The AWS Architecting for the Cloud whitepaper explains best practices for cloud applications driven by automation. How … [Read more...]