11/16/2014

hundreds of emails and passwords leaked (also Belgians)


11/15/2014

so take an example what do we know about the medical situation of

well it is published in some posts below based upon the information that was leaked by Rex Mundi after a breach of mensura

and it is not information that you would like to find back on the web

because there is no way that you could destroy it from the web

how many times was the pastebin document downloaded before it was deleted ?

and what can those people do with that data ?

e-health is a horror story (but many people don't want to believe me for now)

I am not even sure it is the same person, but any person googling her name will now find this information - even if they thought that they had destroyed all the data, they didn't


this is what happens when your porn logons get leaked online .....

it could be another person with the same name of course

but even then, you will have to explain all the time that it isn't you but someone else

we found it because it was in a list of destroyed Belgian email addresses with passwords, not knowing it was for access to porn


Mensura knew it was fucked, so it wanted to pay but.....

well the result is that the data of tens of thousands of Belgian workers has been online for some time and has been downloaded

as far as we have found out it was data about the sick leave of people that was placed online, but if you look at the form of Mensura about the controls of medical leave there are enough data in it that will fall under medical privacy

now there is a lot more data at Mensura and it is not clear yet which data has been leaked or breached and which not and so it is now up for Mensura to come clean on that not only with its clients but also with all the people for which it has data

even I am in that database - so don't think I will let you get off that easy :(

it may be necessary that people change their passwords and logins, that other people get compensated because some data has become semi-public (underground) and that other information or IDcards have to be changed

if you think that you are finished with some technical upgrades on sunday, then you don't know what happened

I filed a personal formal complaint with the privacycommission (easy, just send them an email at commission@privacycommisson.be) and I won't accept an answer that says nothing

if there are parties that want to go to court because of negligence, let me know I am interested

btw this isn't the first one, the other social secretariat with an open database that we solved in backoffice was about 200.000 Belgians

it is time to act

and that time is NOW


dropbox accounts still being leaked online

did you already change your password on dropbox lately ?

Belgacom has asked me to suppress this file because it has accounts. Well you should know that dropbox accounts were leaked in great numbers although Dropbox itself said it wasn't true. 

choose who to trust

you can find dropbox accounts in pastebin if you know how to search for them and there were Belgians among them


how to find the confidential documents on mensura.be with google

first you have to find the robots.txt

in robots.txt are all the areas of the site that Google shouldn't index

so here it is

and if you want to check what is effectively done then you do the following trick in Google

so this robots.txt file is just nonsense because it doesn't work and we didn't do any hacking or try to
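
The point above, that a robots.txt entry only asks crawlers to stay away and protects nothing by itself, can be turned into a check a site owner runs on their own site. This is an added example, not part of the original post: the robots.txt content, the paths, the keyword list and the status codes are constructed sample data, and in practice the status map would come from unauthenticated requests to your own server.

```python
"""Audit: every path hidden via robots.txt must also be protected server-side."""

# Constructed sample robots.txt (not the real file of any site).
SAMPLE_ROBOTS = """\
# sample file
User-agent: *
Disallow: /admin/
Disallow: /documents/medical/   # inline comment
Disallow: /tmp/
Disallow:
Allow: /public/

User-agent: Googlebot
Disallow: /search
"""

# Constructed HTTP status codes, as an unauthenticated request would see them.
SAMPLE_STATUS = {"/admin/": 403, "/documents/medical/": 200,
                 "/tmp/": 404, "/search": 200}

# Assumed keyword list; adapt it to the naming used on your own site.
SENSITIVE_HINTS = ("admin", "medical", "document", "backup", "private", "intern")


def parse_disallow(robots_txt):
    """Return the unique non-empty Disallow paths of all groups, in file order."""
    paths = []
    for raw in robots_txt.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        field, value = line.split(":", 1)
        value = value.strip()
        if field.strip().lower() == "disallow" and value and value not in paths:
            paths.append(value)
    return paths


def audit(robots_txt, status_by_path):
    """Classify each Disallow path by what an anonymous visitor receives."""
    findings = []
    for path in parse_disallow(robots_txt):
        status = status_by_path.get(path)
        sensitive = any(hint in path.lower() for hint in SENSITIVE_HINTS)
        if status is None:
            verdict = "UNTESTED"
        elif status in (401, 403):
            verdict = "PROTECTED"                # access control is in place
        elif 200 <= status < 300:
            verdict = "EXPOSED" if sensitive else "REACHABLE"
        else:
            verdict = "REVIEW"                   # 404, redirects, errors
        findings.append((path, status, verdict))
    return findings


if __name__ == "__main__":
    for path, status, verdict in audit(SAMPLE_ROBOTS, SAMPLE_STATUS):
        print(f"{verdict:10} {status}  {path}")
```

Anything reported as EXPOSED needs authentication on the server; removing the line from robots.txt or adding more Disallow entries changes nothing about who can read the files.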


rex mundi hacks and leaks databases from Mensura.be and they have a lot of data

is your firm or organisation linked to mensura.be

well, then you can suppose that all that data is compromised except if an independent external consultant can show you without question that this is NOT the case (this is the only rule that you as a victim - client - can expect). If you don't do this, then you are not doing enough during your contact with the service provider you have chosen to protect the data and the integrity of your workers and you could also be held responsible for not doing enough after the incident and leak to protect the data of your workers

I said that first you have to see a full incident report - not by the firm itself and not by the firms working for that firm but by your representatives and their estimation of the damage and the risks and the steps that have to be taken

they are trying to fix the problems without telling you that they have been hacked and leaked

looking at the data we have to look at the different forms to have an idea which database could have been downloaded

 

this is the form for new clients

nice for a targeted attack campaign with some APT

and for the payment of your allocations for children you have to give up your RRN number as an identifier, something that is in fact FORBIDDEN by the privacycommission in Belgium

and then there is a lot of medical information online


rex mundi (update) republishes hacked Pizza Domino France data

he is back with a vengeance and so he publishes the data from the old leak again

and then we have the database

https://anonfiles.com/file/d498554c9308a65d3951bdfebf72d013

you can see that the passwords are now encrypted but I have no idea if that encryption is strong or not

but there is still enough other information like mobile numbers connected to emailaddresses and real addresses and names which is already a nice start for a targeted phishing campaign

it also says something about the security of pizza domino france

because if you were hacked, you know that you will be attacked again and you should have upgraded your security enormously because you know this will happen - especially if you pissed them off by throwing them off twitter (what is the use, they will come back under another name anyway)


superhacker Rex Mundi hacked it again : major belgian data online for a moment

wow  


more information about the hacked and leaked belgian social secretariat working for TELENET

this is another proof from pastebin.com search

so the social secretariat also has to work for Telenet

so it means that all the social, medical and financial information that is on that server from

 


kineticcontrol.com hacked and leaked (also belgians)


major car loan website hacked and data leaked online (for a while)

there were three hacks and we have already one of the three

a social secretariat

this is the second one


probably major Belgian social secretariat is hacked and data was leaked on the internet

why do we know that now

as the paste is done we have typed the email address in pastebin and then we found another bit of information and there we see that it is about a person that is sick and has prolonged his period of leave

so which firm does the social secretariat for Thomascooktravelshop in Belgium ?

you shouldn't be surprised about this because one of our backoffice operations that were not published because of the sensitivity was about a social secretariat that had all its files open to the public internet and that we had closed down after we contacted the responsible authorities in Belgium with that information

if this is confirmed this is huge

because in that database will and can be so much personal, financial and medical information that this is enormous

and it is not because it is not anymore on pastebin that it is not somewhere on the server of somebody or sold or traded or exposed elsewhere - we go hunting now

any more information, mail me

just a reminder : these are logical assumptions that haven't been proven yet but based upon the information before us, this seems to be the best logical explanation

and more from pastebin search

a datapack of half a million Belgian and french personal data has been shortly online

we don't have more information for the moment but it seems that a number of passwords to emailaddresses or logins which use an emailaddress as identifier have been hacked and that that site uses also paypal and vista

the other seems at first sight to be a hacked (sql injection probably) French or Belgian database which has lost all its customer or contact data

if someone has more info, please feel free to contact me - even if it is only the name of the sites that have been emptied so we can warn the necessary instances to get them offline because if you can hack them anybody can (with some tools and some minimal guidelines)

so for one day that I don't do the normal checks in pastebin because of some heavy offline shit happening that needed my attention, I miss this one and it goes under the carpet (because nobody will inform you that your website was hacked and your personal data were leaked). I doubt that even the privacycommission is informed. If I were the persons mentioned in these lines I would write to the Privacycommission to ask to investigate. They can then ask the authorities to ask pastebin where the information came from and what it was and so on.... based on that information they can then go to the site that was a victim and in most cases doesn't even know that something happened.

the only packet of Belgian data that big is the hack of VOO and normally Rex Mundi will have had an agreement about that and so that data shouldn't be in the open except if Rex Mundi has resold it or some of his friends have decided to put it online anyway .....

but it is maybe just another victim of the new stupid ideology of Big data (without investing the big costs for security because it is all about limiting costs, not increasing efficiency (which is more expensive))


hackers talk of 500.000 creditcards to put online and want to play Sint Nicolas

first we would warn that in the paste old or fake listings have been published on these forums and that this is for the moment unconfirmed but it is interesting enough to give it some attention and if real to follow up

and this is the first bunch (and these listings are also popping up elsewhere on pastebin)


11/11/2014

why your smarttv is a dumb privacy-idea (put a post-it on its cam and disable the microphone)

"I just bought a new TV. The old one had a good run, but after the volume got stuck on 63, I decided it was time to replace it. I am now the owner of a new “smart” TV, which promises to deliver streaming multimedia content, games, apps, social media and Internet browsing. Oh, and TV too. The only problem is that I’m now afraid to use it. You would be too — if you read through the 46-page privacy policy.

The amount of data this thing collects is staggering. It logs where, when, how and for how long you use the TV. It sets tracking cookies and beacons designed to detect “when you have viewed particular content or a particular email message.” It records “the apps you use, the websites you visit, and how you interact with content.” It ignores “do-not-track” requests as a considered matter of policy.

It also has a built-in camera — with facial recognition. The purpose is to provide “gesture control” for the TV and enable you to log in to a personalized account using your face. On the upside, the images are saved on the TV instead of uploaded to a corporate server. On the downside, the Internet connection makes the whole TV vulnerable to hackers who have demonstrated the ability to take complete control of the machine.

More troubling is the microphone. The TV boasts a “voice recognition” feature that allows viewers to control the screen with voice commands. But the service comes with a rather ominous warning: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.” Got that? Don’t say personal or sensitive stuff in front of the TV.

You may not be watching, but the telescreen is listening."
http://www.salon.com/2014/10/30/im_terrified_of_my_new_tv...

big brother

first the product then the security and last but not least the privacy

smart TVs have already been hacked


the TORsweep was a result of undercover police work, technical knowledge and a cooperative host

it was good old police undercover infiltration work (while waiting patiently instead of jumping immediately on the chance just to break everything up but without really arresting everybody involved) and the cooperation of the host of the site (most of the TOR webservers are in fact on western hosts)

"Authorities said that they were able to arrest Benthall after an undercover Homeland Security agent was able to gain the trust of Silk Road 2.0's administrators and received access to “private, restricted areas” of the site reserved for its leaders. Through that operation, the agent said he was able to interact directly with Defcon.

 

That agent detailed his investigation in full in the criminal complaint against Benthall, noting that he had attained moderator privileges on a forum that formed after the closure of the original Silk Road site. On that forum, the agent was able to see discussions between users who toyed with the idea of creating a successor site.

 

In May, agents were able to locate the server hosting Silk Road 2.0 in a foreign country, tracing alleged ownership back to Benthall. As the agent wrote: “Based on a review of records provided by the service provider for the Silk Road 2.0 Server, I have discovered that the server was controlled and maintained during the relevant time by an individual using the email account blake@benthall.net.”
http://www.forbes.com/sites/ryanmac/2014/11/06/silk-road-...

well once you get the email address you get everything else, why didn't the guy use a tor emailserver - didn't trust it or lazy - those amateur undercover anonymous activists and would-be online gangsters don't really have the knowledge or guts or time to keep their identity anonymous (and so they get caught)

 

and these are the main targets for the next operation because not all of the top five illegal bazaars have been taken offline

"A study by the non-profit Digital Citizens Alliance in September found that the six most popular Tor-based markets by total product listings were Silk Road 2, Agora, Evolution, Pandora, Andromeda, and BlueSky. Operation Onymous captured fully half of those top sites. But Agora, Evolution and Andromeda remain online and will likely absorb many of the refugee buyers and sellers from the law enforcement busts. In fact, Agora had already passed the Silk Road in total product listings with more than 16,000 mostly-illegal offerings, and the fast-growing marketplace Evolution was already on pace to soon take the second place spot in the underground economy." via Andy Greenberg/WIRED
http://leaksource.info/2014/11/09/list-of-dark-market-sit...

but there are more operations to come because the police forces have set up a central command center for this kind of operations

[image: Darknet Action Day, 2014-11-07]

"The operation fits the objectives of Project ITOM (Illegal Trade in Online Marketplaces), an official Dutch initiative, supported by the European Union, to enhance cooperation between law enforcement and judicial authorities in an effort to hinder the development of online marketplaces."
http://www.deepdotweb.com/2014/11/08/129-seized-onion-dom...

and the goals of this operation are

http://www.deepdotweb.com/2014/09/28/itom-europes-plan-cr...

[image: ITOM model chart]

what, did you think that you could freely sell millions worth of drugs online and that no police force would come to get you one way or another ?

if you read the chart above then you could also have - as a police officer - the following idea - let's shut down all those email and other contact services on TOR so that they are obliged to use 'public' services to make contact - or set up honeypot tor services with email and so on so you can attract them, follow them and arrest them in another sweep - and if you do it you have another big advantage - that is that people won't trust any TOR service anymore because they don't know if it is a real one or a honeypot from the police (palace of mirrors)

and that is just the biggest problem or advantage of TOR for undercover operations - there is no way any user can know if a service is really anonymous, secure, hosted in an unreachable country or relayed with a real and not a fake relay tor server, operated by the police or not because otherwise TOR wouldn't be as anonymous

By the way the Belgians DO NOT PARTICIPATE in this operation - for now (fccu ? how come ? You have some of the best specialists on TOR it is being said)


these are the kinds of illegal webshops on ToR that are taken down

so before you think that it is only drugs (sample of 410 webservices on 29 servers according to the latest account) oh and indexing only illegal services is also illegal (a directory for pedos is taken down also - hooray)

if it is criminal and illegal and has nothing to do with politics

then you are on the next list to do


very few news sites offer full https protection to their readers

at least they could give it to readers from overseas if they don't want to give the protection to their national readers because normally there is no reason to do so but people from outside our western world are running risks for even reading your news sites

and TOR - the anonymity of TOR is being dismantled and the coders are only discovering now that there are a whole bunch of different attack codes, attacks and undercover surveillance relays on their networks and are crying for urgent help to stop the flood and keep their Titanic from sinking (I always found that they should have kicked all these drug bazaars and pedos out of their infrastructure)

source https://freedom.press/blog/2014/09/after-nsa-revelations-...


11/10/2014

all secret TOR services were warned they were discovered months ago but some didn't protect themselves

only 27 servers with 400 secret services were downed by an international police action

why not so many more - even if some are the biggest for the moment

and where did they get their information because TOR is supposed to be uncrackable (nothing is over time - it all depends on the effort one wants to put into it)

well here is one possibility - and even if they didn't get the information directly from the researchers - it is possible that they have learned how it was done and combined it with a lot of other new attacks against bitcoin and tor that were known for years but only got some perfection and improvements the last months

Researchers for example were earlier this year successful in cracking the anonymity of hundreds of hidden services on TOR and were about to present their results at conferences but had to withdraw after an enormous uproar started in the online community. Those two paragraphs are the most important of that episode. Before, they said that the Department of Defense didn't get the result but that it was possible that the FBI or DHS got it (but they didn't say by which (in)formal way).

"He warned then that "users who operated or accessed hidden services from early February through July 4 should assume they were affected."

 

Dingledine said the physical locations where the hidden services were housed could have been exposed, although probably not which content was viewed by a visitor."
http://www.reuters.com/article/2014/08/06/us-cybersecurit...

so any hidden service that hasn't moved for months and carries out criminal activity will have to move
