mastodontech.de is one of many independent Mastodon servers you can use to participate in the fediverse.
Open to everyone (over 16) and provided by Markus'Blog


#Misconfiguration

Hackread.com<p>Over 3.5 million customer records from Australian global fashion brand <a href="https://mstdn.social/tags/SABO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SABO</span></a> were exposed online in a database of over 292GB without any security authentication or encryption.</p><p>🔗 <a href="https://hackread.com/global-fashion-label-sabo-customer-records-leaked" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/global-fashion-la</span><span class="invisible">bel-sabo-customer-records-leaked</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mstdn.social/tags/Australia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Australia</span></a> <a href="https://mstdn.social/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a> <a href="https://mstdn.social/tags/Misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Misconfiguration</span></a></p>
Dissent Doe :cupofcoffee:<p>In August 2020, <span class="h-card" translate="no"><a href="https://infosec.exchange/@SchizoDuckie" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SchizoDuckie</span></a></span> and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."</p><p>In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span>, <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span>, and me to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.</p><p>Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately. </p><p><a href="https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/04/no</span><span class="invisible">-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/</span></a></p><p>Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to <span class="h-card" translate="no"><a href="https://infosec.exchange/@TonyYarusso" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>TonyYarusso</span></a></span> and <span class="h-card" translate="no"><a href="https://hachyderm.io/@bkoehn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bkoehn</span></a></span> for their efforts. 
</p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/incidentmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentmanagement</span></a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>responsibledisclosure</span></a> <a href="https://infosec.exchange/tags/securityalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityalert</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
teufelswerk<p>Zapier (no-code software) informed customers on Friday that an unauthorized person had gained access to code repositories and customer data. The unauthorized person was able to access the repositories because of a misconfiguration of two-factor authentication (2FA) on an employee's account. The repositories, however, should never have contained customer data; it had been copied into them by Zapier by mistake...</p><p><a href="https://www.theverge.com/news/622026/zapier-data-breach-code-repositories" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theverge.com/news/622026/zapie</span><span class="invisible">r-data-breach-code-repositories</span></a></p><p><a href="https://social.tchncs.de/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.tchncs.de/tags/mfa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mfa</span></a> <a href="https://social.tchncs.de/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2fa</span></a> <a href="https://social.tchncs.de/tags/leak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>leak</span></a> <a href="https://social.tchncs.de/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://social.tchncs.de/tags/zapier" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zapier</span></a></p>
teufelswerk<p>In early 2025, Modat Internet Index Solution carried out a comprehensive investigation and discovered 49,000 misconfigured, unprotected <a href="https://social.tchncs.de/tags/Zugangsverwaltungssysteme" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zugangsverwaltungssysteme</span></a> (access management systems, AMS) across several industries and countries that could endanger privacy and physical <a href="https://social.tchncs.de/tags/Sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sicherheit</span></a> (safety) in critical sectors. The <a href="https://social.tchncs.de/tags/AMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMS</span></a> were not properly configured for secure <a href="https://social.tchncs.de/tags/Authentifizierung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentifizierung</span></a> (authentication), so that almost anyone could have accessed them.</p><p><a href="https://social.tchncs.de/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.tchncs.de/tags/config" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>config</span></a> <a href="https://social.tchncs.de/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://social.tchncs.de/tags/kritis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kritis</span></a></p>
Dissent Doe :cupofcoffee:<p>About two hours after I posted our article on <a href="https://infosec.exchange/tags/KillSec3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KillSec3</span></a> trying to extort its victims using publicly leaked data, there was a <a href="https://infosec.exchange/tags/DDoS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DDoS</span></a> attack on my site.</p><p>Gosh, it must be just a coincidence, right? 🤔 </p><p>If you didn't read the post yet, you can read it here:</p><p><a href="https://databreaches.net/2024/12/08/is-killsec3-trying-to-extort-victims-using-publicly-leaked-data/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2024/12/08/is</span><span class="invisible">-killsec3-trying-to-extort-victims-using-publicly-leaked-data/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/fraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fraud</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/exposed_data" class="mention hashtag" 
rel="nofollow noopener" target="_blank">#<span>exposed_data</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@chum1ng0" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>chum1ng0</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@bucketchallenge" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bucketchallenge</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>amvinfe</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@lawrenceabrams" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lawrenceabrams</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>briankrebs</span></a></span></p>
Dissent Doe :cupofcoffee:<p>Bolton Walk-In Clinic in Ontario: lock down your backup already!</p><p>DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the dime.</p><p>Do any personal injury lawyers in Ontario, Canada, or folks in the Information and Privacy Commissioner of Ontario follow me? Maybe they can get something done. </p><p>Read more at: <br><a href="https://databreaches.net/2024/12/03/bolton-walk-in-clinic-in-ontario-lock-down-your-backup-already/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2024/12/03/bo</span><span class="invisible">lton-walk-in-clinic-in-ontario-lock-down-your-backup-already/</span></a></p><p><a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/error" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>error</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/exposure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exposure</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <br><a href="https://infosec.exchange/tags/DontCallMeHoney" 
class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DontCallMeHoney</span></a></p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span></p>
Dissent Doe :cupofcoffee:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> This is why sometimes it's not enough to just disclose responsibly to an entity. Did you let the data protection regulator know that although the entity is claiming 4-day exposure window, your research found it was almost a year? And did you tell the data protect regulator that the entity is reportedly telling some departments that their data was not exposed, when you found clear proof that it was? </p><p><span class="h-card" translate="no"><a href="https://xn--baw-joa.social/@lfdi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lfdi</span></a></span> </p><p><a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>responsibledisclosure</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> <a href="https://infosec.exchange/tags/accountability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>accountability</span></a> <a href="https://infosec.exchange/tags/dataprotection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataprotection</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Dissent Doe :cupofcoffee:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@Scary" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Scary</span></a></span> Nice to see you here! Hope to see you posting/sharing more of your research. </p><p>When you say Alltech was flagged around 11 times before closing, what exactly do you mean by that? </p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>leak</span></a></p>
securityaffairs<p><a href="https://infosec.exchange/tags/Oracle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oracle</span></a> <a href="https://infosec.exchange/tags/NetSuite" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSuite</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> could lead to data exposure<br><a href="https://securityaffairs.com/167287/hacking/oracle-netsuite-misconfiguration.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/167287/hac</span><span class="invisible">king/oracle-netsuite-misconfiguration.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a></p>
Dissent Doe :cupofcoffee:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>douglevin</span></a></span> They claim "no data or information was exposed or compromised during this event."</p><p>Diachenko had posted a redacted screenshot on X<br><br> (see <a href="https://twitter.com/MayhemDayOne/status/1694311872827208160/photo/1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">twitter.com/MayhemDayOne/statu</span><span class="invisible">s/1694311872827208160/photo/1</span></a>) showing that personal information <em>was</em> exposed, so the firm's denial of any exposure seems... factually inaccurate, to say the least. </p><p>Similarly, their statement that "Our technical team promptly resolved this issue as soon as it came to our notice." does not explain why they didn't notice it sooner when Diachenko first reached out to them to alert them. He went public because they didn't "notice" or respond timely while personal information was reportedly exposed. </p><p>This company does not seem very credible in their claims with respect to this incident. 
</p><p>And they also seem to be in a lot of financial distress even prior to this incident: <a href="https://www.bbc.com/news/world-asia-india-66126095" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bbc.com/news/world-asia-india-</span><span class="invisible">66126095</span></a></p><p><a href="https://infosec.exchange/tags/EdTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EdTech</span></a> <a href="https://infosec.exchange/tags/Misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Misconfiguration</span></a> <a href="https://infosec.exchange/tags/DataExposure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExposure</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EduSec</span></a></p>