No trust without independent control - Page 4

  • #rexmundi hack we confirm has lost numbers of bankaccounts (2000 or 100)

    It wasn't with but with the form of that there was the possibility to fill in your bankaccount numbers

    they have lost about 2800 accounts

    but the export of the data seems to be problematic, in the table it is shown as x.xxxxxE+13 where x is a number of an account that we have changed - so without the 13 other numbers we aren't sure what the number will be and it is not clear if he has been able to download the numbers of the accounts fully and is this a bad export to a table that could be posted on dpaste or if this is the form in which he has some bank accounts

    if he has all the bankaccountnumbers in full than he has about 2000 bankaccounts with all the personal details of the people involved

    if he has the bankaccountnumbers in the short manner than there are only about 100 bankaccountnumbers in full that were short enough to be downloaded or published in full

    now, don't start crying victory because it would be a false victory

    we don't know anything and because we don't anything and we live only on suppositions we should suppose only that all that data has been compromised and as it is compromised we shouldn't use and we should change it


    and even if he doesn't publish the bankaccountnumbers in full than he can sell them or just upload the full dataset to a real fileserver

    anyway, the Belgian banks should urgently start with organizing some methodology to respond to cases like this - informing the victims is not enough - you should help the victims and you should give them the compensation for having to change a lot of administrative things

  • #rexmundi hacked another online interim firm but no dataleak yet but real reputationdamage

    so what is this

    well the site seems to have been gone offline - the best thing to do under the circumstances

    but it will go into the digital history for some time as being hacked and leaked

    because if you look for xtra-interim in Google than you have got their website but just under it the news that they were hacked

  • #rex mundi is not from Belgium, but he came to belgium hack

    In this article in De Morgen Eddy Willems thinks that he or the group is from Belgium because he has been attacking Belgian targets lately. He thinks they are frenchspeaking.

    Rex Mundi discovered Belgium. He was hacking in France, Netherlands and some other countries while by chance he discovered that the state of internetsecurity was so bad here that it was a piece of cake to hack websites of some specific sectors who have no oversight at all and where everybody can do on the web whatever he does well or bad and nearly nobody cares a bit about their responsabilities and the consequences because there is nobody who has the power or wants to effectively use his authority voluntarily to impose norms, audits and punishments.

    I could be wrong because Rex Mundi seems to have learned a lot from the mistakes the Lulzsec people made and the fact that he is still out there hacking and changing the way he is operating seems to confirm this. Rex Mundi is a ghost.

    Rex Mundi will never be caught if there is no dedicated international team that hunts him down like all other big or important hackers and cybercrime groups have been hunted down. This was never done by one country or one operation but by a coordinated international team with all the necessary resources, judicial powers and evidence.

    Otherwise we they will never find Rex Mundi

    I am not Rex Mundi and even not part of it. Never was.

    But I don't understand what all that grandstanding about the digital Interpol is while here is one example of one experienced hackers ransacking Belgium for the moment but ready to go back to whatever countries he tried out first.

  • #leak with also many Belgians published

    no link due to lawyers

    passwords seem encrypted but can't even try to decrypt

  • #snowden the NSA document showing the phone of Merkel was tapped seems in doubt

    "Harald Range launched an official investigation in June, believing there was enough preliminary evidence to show unknown U.S. intelligence officers had tapped the phone, although there was not enough clarity on the issue to bring charges.


    On Wednesday he said however, "the document presented in public as proof of an actual tapping of the mobile phone is not an authentic surveillance order by the NSA. It does not come from the NSA database.


    "There is no proof at the moment which could lead to charges that Chancellor Merkel's phone connection data was collected or her calls tapped."


    Range said neither a reporter for German news magazine Spiegel who presented the document, nor Germany's BND foreign intelligence agency, nor Snowden had provided further details to his office. The investigation continues, however.

    if that document is in doubt, than there can also be some doubt between other documents - even more now there seems to be several caches or selections of documents that are being used by different people in different places

    the effect of course will be that the real journalists will now ask more guarantees from the NSAjunkies to proof that their documents are really coming from a real Snowden cache and are really from the NSA

  • #ukraine Russian troops are on the move.... to Mariupol

    this is what they are writing on their tanks

    this is what they are saying on their social media

    this is one of the several columns rumored to be heading to Mariupol

    or somebody thought that Putin didn't want to take Mariupol and gave up on the idea ?

    what will the rest of the world do if he starts attacking Mariupol ?

  • #rexmundi decides not to publish the national registry numbers but what about the bank account numbers

    thanks for that

    they are in any case compromised

    and together with the bank account numbers this would have been mortal

    the other question stays what will now happen with the people who have their personal contactdetails, some personal and financial information and their bankaccounts published

    in the US the firm or service responsable for the protection of the data has to pay for a year of monitoring or the costs of changing the bankaccounts and other details


  • #rexmundi leaks what we see and what we don't

    • first we don't see the national registry numbers which is good if that was the intention - we say that you should never fill that in online or any other personal or financial information if you don't have all the necessary security settings (like https, like being protected behind another login screen, etc....)
    • Secondly we see that some people have not filled in all the information which shows that people sometimes begin to think like we do - if you don't need it, you shouldn't get it
    • third the passwords are protected somewhat

    but we see

    id	langID	hiant_id	cv	tel	naam	email	busnr	office	huisnr	straat	diploma	
    postcode voornaam gemeente
    paswoord opmerking creationdate nationaliteit geboortedatum geboorteplaats burgerlijke_stand

    we have emails and if somebody is still married and the address and so on

    and we see

    id eid hiant_id video_id arbeidsstelsel cv tel naam type email active straat
    statuut bedrijf postcode paswoord
    voornaam gemeente opmerking loginnaam fiscale_code creation_date nationaliteit
    geboortedatum rekeningnummer geboorteplaats burgerlijke_stand fiscale_code_temp

    not everybody filled in their NR of their banc account (wise) but some did and they may have to get some
    special protections and maybe change their number of their account viewing the number of personal details
    that are published and makes it easier for fraud and phishing

  • microsoft accepts bitcoin but will it learn it also how to secure itself ?

    It is Gates who inspired the decision

    but Microsoft should go further than that and learn the Bitcoin community who is now awash with managers and investors about how to (re)secure the bad code, the bad libraries, the bad practices in development which makes it today to vulnerable too be a good platform that will survive hack and other attacks

  • #rexmundi leaks thousands of personal contact details of the hacked tempjob agencies

    due to legal reasons no direct links



  • #ukraine US gives itself the legal possibilities to intervene and help the attacked eastern front states

    so you are not alone and if it comes to that the US president and the military have the legal and democratic powers to intervene while the NATO can intensify their links and decide if it comes to that what they will or can do

    the bill itself :

  • Belgian Mobile Networks used for Mobile attacks from Inception espionage network

    the following Belgian mobile networks were used in these Inception attacks and had mobile malware MMS files being sent over

    this shouldn't surprise anybody as Brussels is the diplomatic capital of Europe

    we should also remember that in Belgium NOBODY is responsable for MOBILE attacks because the CERT (already underfinanced and understaffed) is NOT responsable for the MOBILE networks, they say that the Belgian mobile operators themselves are responsable

    the belgian mobile operators are shouting every so many months about the successes of the mobile data revolution blablabla but there is NO MOBILE CERT and the latest news from PROXIMUS is that the securityteam is responsable for FRAUD but not for malware

    this seems to be the responsability of the mobile users but he doesn't know that the mobile datatraffic is not filtered and protected and scanned as is the case with the normal traffic and that there is no securityteam that is looking at and investigating attacks in the mobile traffic

    and in any case, very few mobiles are in se secure, they are as secure as computers were 10 years ago (and the same for tablets)

    Proximus 197

    Mobistar 78

    BASE 33

    but these are targeted attacks against certain specific targets, so these numbers can't be high

    You should read the Inception report - see previous post because there is so much information in it

    it is time that somebody in Belgium starts worrying about mobile attacks while our ministers use all kinds of insecure mobiles

  • new international cyberespionagenetwork Inception with new techniques discovered

    you will have to read the whole file if you are a specialist

    the points to remember are the following

    * they use webdav so you will have to look at webdav traffic coming to that - eliminate everything you don't know

       go from free for all to only those you know and look at the logs of the things that were blocked

    * they use infected files of which RTF and docs so sandboxing attachments or opening them on specific servers with no connections to any workstations (scripts, installations etc...) and no links to the internet

    * they use routers they overtake which haven't been hardened which means that you will have to take the security of your routers more seriously and look at what happens to them and who has access as an administrator to those routers (they own hundreds of them)

    * nothing can protect you once you are infected because all processes take place in memory - it is game over

    * there is also a mobile element with infected multimedia messages but I never believed that mobiles were secure anyway

    the targets are mainly russian for the moment but everybody will be reading and analyzing these files and this will just become another method used by everybody with enough knowledge or sold to anybody willing to apy for it


  • those who think that they are anonymous on bittorrent forget something.... they are not

    and other trackers and software are just encoding and keeping track

  • Googlemaps shows status of Crimea depending on where you live #ukraine

    this says something about the universality of information and the correctness of information because it is not disputed legally, it is still legally part of Ukraine, point final

    once you start departing from that point of view you are creating problems with no return

  • before the #sonyhack there was the wipe-attack against Las Vegas Sands Casinoservers

    same methodology

    extract and destroy the rest while the victim tries to hide the damage from the public

  • are the US cruisemissiles coming back to Europe - and no peace movement now to count on

    at the time it was the US who was thinking and planning a limited nuclear war in Europe (Reagan and Haig and so)

    now it is Putin who is sending nuclear missiles to Crimea, the Baltic region and before our coasts (submarines) and along our borders in planes

    it are the Russian troops shooting every day to kill in Ukraine, having already killed already thousands of people and not willing to abide by any peace agreement or diplomatic solution

    it is in Moscow that people are parading with posters of Stalin, responsable for the deportation of 17 million people to the Gulag and nobody really knew how many millions died during the Big purge

    it is Putin that is speaking in terms of war time and time again and Obama who is looking more and more like Roosevelt was treating Stalin (like a friendly Puppy he could handle personally while Churchill didn't trust Stalin a second)

    so there may be some peace movements and demonstrations but they will be dubious (Marie Le Pen may even participate) and they won't be understood in the eastern memberstates of the EU and NATO. Well, you will also have the people who are always against the US whatever it is doing and do not want to know anything wrong about Russia because that is all propaganda

    For the moment there are about 800 russian missiles targeting Europe with a madman holding the button

    the day the first missiles land, don't be surprised that the situation will degrade quite quickly and that US troops will follow fast afterwards - except if Putin is brought back to his senses and stops this circus of military provocations and incursions and undercover destabilisation operations

  • the future of TOR is in encryption not hosting the underworld and so it is a networkservice

    as an ISP you could already propose a clean TOR relay service

    the only thing you will have to do for legal reasons is to put a proxy behind it so that you can go on the whole of the internet except onion sites (just one blocking rule in fact)

    and if you go on it to do something awfully wrong, it will be in the logs

    but for their business clients it would be useful to go on a respected and trusted relayserver and be able to communicate with a host of countries and clients without endangering your privacy or confidential information

    fundamentalists won't like it, but I think it is the kind of service that will make TOR available on a reliable scale for the real purposes that it was put into place


  • #ukraine putin is channeling all the money he can to his croonies in these hard times


    that is what friends are for

    or also the proof that Russia is a cooperation, nothing more

  • hacked and LOL

    this is a very old server time to throw it away

    and the following even I couldn't make up

    and this is for the following cities