The attack on the SolarWinds supply chain through the SolarWinds Orion tool has proven to be one of the most devastating hacking incidents of recent years, impacting thousands of public and private organizations worldwide. One of the main features of this attack is the distribution of binaries through legitimate updates, which allowed the theft of credentials, privilege escalation attacks and eventually theft of sensitive information.

is one of the institutions that have invested the most resources in investigating this complex attack, which has enabled the detection of source code, indicators of compromise, and behavior patterns associated with the hacking group responsible…

security researchers reported a leak of private information belonging to thousands of Turkish citizens, caused by a misconfiguration in an Amazon Web Services (AWS) bucket. This bucket contained information from more than 15,000 legal cases involving a minimum of 5,000 people.

The information was apparently stored by INOVA Y-NETIM & AKT-ERYAL DANI-MANLIK, an actuarial and legal advisory firm that stores statistical and risk analyses. Inova has operated in Turkey since 2021 and has significant business customers.

According to experts, the leak involves sensitive information such as full names, dates of birth, gender and national identification keys. In…

Due to an error in the implementation of its online system, the Department of Health and Welfare of West Bengal, India exposed the information of at least 8 million tests performed on its population. This finding was reported by cybersecurity specialist Sourajeet Majumder, who has reported similar incidents in the past.

“I can confirm that I found a problem on an Indian government website, which would have resulted in the leak of COVID-19 tests of millions of people in a particular territory,” Majumder says. …

Cybersecurity specialists reported finding some incorrect middleware configurations in Nginx that could expose compromised web applications to severe cyberattacks. Nginx is a modular, lightweight and open source web server, which has made it one of the most popular web solutions worldwide.

The report, prepared by security firm Detectify, mentions that the problem lies in Nginx’s versatility, which is considered its main attribute and has led to its use on one in three websites worldwide: “At the end of 2020, we analyzed nearly 50,000 configuration files for Nginx downloaded from GitHub with Google BigQuery, finding a set of possibly incorrect settings…

The Federal Bureau of Investigation (FBI) has determined that a woman originally from Wisconsin entered an illegal site on the dark web with the intention of hiring a hit man. Kelly Harper, 37, was arrested on February 5 after being charged by the person she was trying to murder.

The potential victim was in his residence accompanied by two journalists who had long been investigating cases of hired murders arranged via the dark web when they made the report to the Sun Prairie Police. These journalists disclosed evidence of a conversation between the alleged dark web market manager and a potential client, who…

Like other festivities, Valentine’s Day is an ideal opportunity for threat actors to deploy ambitious cyberattacks. This time, experts report that a hacking group is sending emails with information about alleged orders to flower and lingerie stores; in reality, these messages include links or attachments for downloading the BazaLoader.

This malware variant was identified in April 2020 and since then at least six variants have been detected, indicating that developers devote considerable resources to its maintenance.

The report, prepared by security firm Proofpoint, mentions that since the beginning of 2021 various phishing campaigns were detected using PDF documents infected with…

The Brazilian data protection authority initiated an investigation into a massive data breach that would have led to the exposure of more than 102 million private telephone records; it is already considered one of the most serious cybersecurity incidents ever detected in Brazil and even South America.

The information, picked up from a local news platform, notes that this incident involves all kinds of personal records, including full names, taxpayer data and call history, among other sensitive data. An additional report mentions that some records contain information belonging to Brazilian President Jair Bolsonaro.

In this regard, a threat actor based outside…

Have you ever thought of raising your voice to support a cause or oppose government policies? Sure you have, but you were surely worried about getting arrested by the authorities. A peaceful march is a strategic way to address and bring awareness to a cause. A successful public demonstration isn’t just random chaos. It is a planned, organized mobilization designed to effect change.

We will tell you how to organize a successful peaceful protest campaign using your phone, some basic stuff, water and a lot of lemons. But how would lemons and water get your voice heard? …

Just a couple of months after the information security incident that affected thousands of users, the music streaming platform confirmed the detection of a new credential stuffing attack, which led to a massive reset of passwords as an emergency security measure. It should be noted that in a credential stuffing attack, the cybercriminals create software to try to automatically access online accounts using email addresses and passwords leaked in previous security incidents.

In mid-November 2020, a malicious hacking group tried to compromise the accounts of thousands of Spotify users via this attack variant. …

Security flaws could be detected on all kinds of technological devices, including on a coffee vending machine. A cybersecurity specialist has just revealed a way to compromise smart cards on older models of Nespresso coffee machines in order to get free and unlimited drinks. Polle Vanhoof, a Belgian security researcher, mentions that this technique depends on modifying the values stored on smart cards.

“The process of decrypting the security keys and downloading the contents of these cards is feasible due to the security weaknesses inherent in their design and the technology with which they were manufactured,” Vanhoof says. …

Eli Cyber Security

Knowledge belongs to the world
