security - Page 8

  • you can buy 32.000 belgian paswords from easypay for 40 euro

    this is the price Rex Mundi asks for his list of 32.000 belgian paswords and emailadresses that he stole from easypay.be

    in fact it is in bitcoins

    and this is not new but more and more stolen datasets are being sold for small sums in bitcoins

    well it would surprise me if he got 50.000 euro like he wanted from the firm and if he wants that kind of money that he needs  a lot of download but that he will only get if he can proof that they still work

    now, easypay has changed the passwords - well some people have said that they have received today (about two weeks late) a new password but it is not clear if they have been advised (two weeks late) to change also their passwords for all other services where they have used the same password or something that looks like it

    and it is not clear if some security agency in Belgium has bought the list or got the list from easypay to warn all the owners of big networks that they have to block some people - instead of going through a total pasword reset for everybody

    and even if that is the case, if you are a client of easypay than you better change your passwords now if they are the same or look like the same

  • et pour les flamand la même chose : bad certificate RRN

    because they use the certificate for the french subdomain for the flemish subdomain

  • updated : mensura.be is hosted in Spain

    forgot to double check with ipgeo tools who seem to differ, it is not belgium, the hosting company is in Belgium but the hosting is in Spain 

    this makes everything much more difficult 

    it is an .be domainname but it is hosted in Spain which makes it much more difficult to do forensic research there and I am not sure what will happen now with the legality of it all, which law will be applicable under which circumstance and which law is better for the firm or for the victims

    if you want to keep it simple, in future be sure that your data or that of your clients or users is in Belgium if you are a Belgian firm or work primarily with Belgians. This makes it much easier to work with belgian justice and belgian police and lawyers.

     

    IP Address 46.34.93.67
    Host www.mensura.be
    Location ES ES, Spain
    City Madrid, 29 -
    Organization Terremark
    ISP NAP de Las Americas-Madrid, S.A.
    AS Number AS23148 Terremark
    Latitude 40°40'86" North
    Longitude 3°69'22" West
    Distance 2252.09 km (1399.38 miles)

      

     

  • these organisations have to block all their passwords because of easypay.be

    please aks all your people who have logged in there to change there passwords elsewhere

    * if it is the same

    * if is has the same letters, structure, logic 

    take a totally different password from anything for your principal emailaddress

    you will always need your principal emailaddress to contact services if things are compromised or have to be verified

    all those firms and organisation have also to block all their accounts of their members who have logged in to easypay to be sure that they don't use the same password. You can't wait untill they say so or did so and you have to obligation as a good housefather and as a securityperson to protect your network and data and as you know now that their passwords are on sale online that you have to limit the risk by whatever means you have (and that means is to reset all the passwords of those people using your extranet or external protected services) and in some critical infrastructure like belgocontrol and isabel even their internal passwords (because I suppose that you don't have the cheap but effective double authentification methods) 

    you can't know when the data will be sold and to who

    the costs of doing so you can eventually try to recuperate on easypay by filing a claim in court - enough evidence to do so - because they were really negligent 

    oh and if you are a bank or you use personal private data and so on - than not blocking all those passwords - makes you NEGLIGENT - and if something happens - YOU ARE IN COURT 

    some say I am paranoid.

    I prefer to be a bit paranoid and not end up in court. 

    @belgocontrol

    @isabel 

    @abvv

    @fgtb

    @socmut

    @acv-csc

    @familiezorg

    @libmotov

    @multipharma

    @continentalfoods

    @maredsous

    @home-market

    @ocmwsintmertenslatem

    @generali-international

    @fedasil.be 

    and so and so on 

    1000 of the 32.000 are here 

    http://paste4btc.com/wVtizDaG

     

     

  • easypay.be doesn't pay so rex mundi puts 32.000 passwords up for online sale

    there are no passwords in this file

    these are just some of the emailadresses linked to the passwords

    http://paste4btc.com/wVtizDaG

    so 32.000 people will have to be alerted TODAY that if they have an account there they should change

    * the same passwords

    * passwords that look the same or have the same structure 

    for any service on the web that can be directly or indirectly linked to you even if they seem innocent at first

    skynetblogs has asked me to suppress the image with the proof

    If you are a lawyer and you need this information for your courtcase against easypay, you can contact me. 

  • Even Google forget procedure was used to destroy links to Rex Mundi data

    yep, they have used everything they have got to destroy the data that was placed online this time

  • Nobody is responsable in Belgium for online creditcompanies like the hacked finaleasecarcredit.be

    the hack and leak of  Finaleasecarcredit.be is important because it is another example of something that I have been running around for the last year but to no avail

    when rex mundi hacked some online creditcompanies  - including some big ones I asked the national bank who has some stringent itsecurityrules on paper and a very small department to go through them with the banks (but hey it is better than nothing) why these - even big - online creditcompanies didn't have to respect the same basic rules Banks have to respond to (encryption for example in this case)

    well, it seemed that the national bank of belgium was not responsable because when they made a list of the financial institutions for which the national bank of belgium was responsable, the firms that were only online were explicitly excluded from the supervision of the national bank (not only itsecurity but also to have enough money and other normal financial rules for normal financial institutions) 

    but they said, well, maybe the Minister of Economy can be hold responsable if he wants to act as the protector of consumer rights, so I went to the cabinet and the Administration of the Economy - consumer affairs and there we had some discussions but it seemed that their legal advisors didn't really find something they could use immediately and without discussion because there was no law or rule that gave them that power and they would have to try it using some interpretations of some global powers but that was a bit too risky

    so there it went

    nobody in Belgium is responsable for any online credit or loancompany or insurancecompany if it doesn't exist online or has set up a seperate online affliate

    now one of the biggest is hacked - after another big one last year and NOBODY is RESPONSABLE

    because everybody is explicitly excluded (National Bank of Belgium) or not explicitly appointed (Minister for Consumer Affairs)

    the only thing that can happen is that the Privacycommission takes up this case

    the site itself doesn't inform its users that it has been hacked and there is also no mention of any upgrading or technical maintenance over the weekend

    they probably think that as long as the normal big media doesn't report it, that nothing has happened

    except for this small litle stupid blogger over here ......

  • finaleasecarcredit.be hacked and leaked by Rex Mundi because everything is in CLEARTEXT

    Rex Mundi says that it is one of their hacks

    so which data is possible hacked, leaked and published on the internet ?

    as it is by SQL injection we have to look at the forms

    well, on their simulator, this is all the information they are asking (just part of it, it just goes on and on

    and it goes on and on and on and on

    but we couldn't tell you more about the security of the encryption because somehow it was not configured to be able to be analyzed by securitytools

    and in fact the reason is simple

    there is NO SSL encryption, there is probably no encryption at all, it is ALL in clear text

    so if some of these forms and databases get hacked, than all this data is being given in CLEAR TEXT

  • citizenlab releases the specific info about targeted attacks against democratic opposition groups

    it is the real data from this report https://targetedthreats.net/

    but the real listings are to be found here https://github.com/citizenlab/malware-indicators

  • this nmbs logon leads to war (look at url)

  • mensura.be did have the bucks and the people to secure your information

    it was only not interested in doing so

    this was the situation in 2008 but it should be otherwise today

  • mensura.be did have the bucks and the people to secure your information

    it was only not interested in doing so

    this was the situation in 2008 but it should be otherwise today

  • is Belgacom still responsable for mensura.be infrastructure ?

    this was in 2008 and the contract was for 6 years

    we are not saying that Belgacom is responsable because it could be another stupid thing - coming coming

    but interesting to know because these things happen more often when firms change providers or technology

  • world of warcraft servers under typical heavy DDOS attack (are you reaady)

    DDOS attacks today are so enormous that if you don't have contracts with your hoster and your ISP to displace your servers, a communication strategy and the essential appliances or contracts with the ISP's to stop (part of those attacks) you will just be overwhelmed and dead in the water

    and yes you can say that these DDOS attacks are nowadays 1 GBPS instead of the 20 or 100 MBPS they were before (and what could be handled)

    but now DDOS attacks need a clear strategy - before they take place

    and to show the importance is that after the DDOS attack the login process of the WOW servers was a mess and needed an enormous lot of work from the firm and its serviceproviders increasing another time the already enormous cost of stopping this

    the only way to stop this is an international anti DDOS war room that can contact all the major routers and hosts once those attacks are under way and coordinate a FAST response (cut off) to limit already the biggest overwhelming volume and to keep the infrastructure and the securitytools online to work through the other connections that have to be cleaned

  • if you are on windows95 windows98 or windowsxp you are NOT protected against SUPERBUG

    "Microsoft has patched a critical flaw in Windows that has existed in every version since the introduction of Windows 95 more than 19 years ago. IBM security researchers discovered the flaw earlier this year and notified the software giant privately in May. The rare bug allows attackers to remotely execute code on an affected system just by convincing Windows users to visit a URL in Internet Explorer. IBM says the exploit can be triggered on Internet Explorer 3.0 onwards, and every currently supported version of Windows is affected.

     

    "This vulnerability has been sitting in plain sight for a long time despite many other bugs being discovered and patched in the same Windows library," says IBM researcher Robert Freeman. While Microsoft is providing patches for Windows 8.1, Windows 7, Windows Vista, and its various server releases, the company stopped supporting Windows XP earlier this year so consumers will not be protected if attackers attempt to exploit the bug. There’s no evidence this bug is being exploited in the wild yet, but it has been rated 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS) so it’s well worth patching through Windows Update if you haven’t already. http://www.theverge.com/2014/11/12/7202801/microsoft-patches-critical-19-year-old-windows-bug

    advice : change to Firefox and don't use Internet Explorer for the internet if you are still on those systems and you can lock down your Firefox so it is as protected as the latest version of Internet Explorer

    advice : if you are somewhat commercial than you should really change those systems - just to make sure that are not responsable for any dataloss you may have when you are attacked 

    advice : install some free firewall (zone-alarm) antivirus (avast) antispyware (search and destroy) and so on 

  • Obama asks wife of Chinese leader to give the information about his postmen back

    Obama to the wife of the Chinese leader "I know it was not one of our postmen you had an affair with when you visited the states lately, so please ask your husband to stop hacking us to find out who it was and give back the information about our postmen"

    her husband saying to Putin

    I did as you have said, I have taken all that data about all their postmen and I will find the man who was according to his workfiles at our holiday resort while I was in conference - she thinks I can't proof it but I will

    Putin is saying nothing because he already knows who it is, he has it all on film made by his spies and said he wanted to sell it to the Chinese leader but he thought that the price was too high and for that price he could try to find it for himself whatever the means

    Obama is telling the Chinese wife that he knows the KGB knows because the CIA was filming the KGB filming the Chinese and he knows that even the Chinese know that the CIA knows that the KBG knows because they were filming the KGB and the CIA (but they forgot to film the Chinese wife so they don't know who she met during one hour while her husband was away). The problem is that Obama is under wife and daughter surveillance all the time and Putin is having athletic erotic exercises with his new lover every day so he has hardly any energy left afterwards. So they don't have any dirty stuff yet to blackmail back - even an operation on the computers of the White House just before this meeting didn't turn up anything that could be used.

    the other guest in the row doesn't know how not to start laughing out loud (LOL)

    "All United States Postal Service (USPS) employees’ personal data—including names, addresses, social security numbers—has been exposed as the result of a hack believed to have originated from China. According to its own tally, USPS employs over 600,000 people.
    http://arstechnica.com/security/2014/11/all-us-postal-service-employees-personal-data-exposed-by-hackers/

     

  • a bitcoin mining farm on fire ......

    they were on first sight only out on the quick buck not ready to invest in real safe infrastructure - just as most of the rest of the bitcoin world with their totally unsafe codes that are being broken faster than it is corrected

    and they were really farming in a farm house on farm land (not joking)

    they don't have the same rules and controls like the rest of the financial industry even if they have become a real financial (black) industry

    https://bitcointalk.org/index.php?topic=521520.msg9451926#msg9451926

    because this doesn't look like a real datacenter - more a cannabisplant :)

    and this is the result of their non-investment