X

我们使用cookie,以确保适合你的经验

我们用饼干和其他跟踪技术来提高你的浏览体验在我们的网站上,显示个性化内容和有针对性的广告,分析网站流量,并理解我们的观众来自哪里。你也可以阅读我们的隐私政策,我们使用cookie来确保你在我们的网站上的最好的体验。

选择我接受,或继续在网站上,你同意我们使用饼干条款和条件

得到应用

\"\"
<\/span><\/figcaption><\/figure>New Delhi: Cyber-security researchers on Wednesday revealed that hackers have compromised the swachh.city platform, an initiative of the Swachh Bharat Mission<\/a> in association with the Ministry of Housing and Urban Affairs<\/a>, that could put \"critical information\" of nearly 1.6 crore (about 16 million) users at risk.

From the data sample that was disclosed by the threat actor to substantiate his claim on the Dark Web, researchers were able to assess registered email addresses, password hashes, registered phone numbers, transmitted OTP information, login IPs, individual user tokens, and browser fingerprint information of the affected users.

The threat intelligence team of AI-driven Singapore-headquartered CloudSEK<\/a> said the breach of the Swachhata Platform is the handiwork of threat actor LeakBase<\/a>.

The finding showed that critical information of approximately 16 million users could be ending up in the wrong hands.

\"The adversary, going under the monikers of LeakBase<\/a>, Chucky, Chuckies, and Sqlrip on underground forums has shared a database containing Personal Identifiable Information (PII) such as email addresses, hashed passwords, User IDs etc, that allegedly affects 16 million users of the swachh city<\/a> platform,\" the researchers noted.

LeakBase often operates for financial gain and conducts sales on its marketplace forum on the Dark Web.

\"The database of size 1.25 GB has been disclosed under the post and has been hosted on a popular file-hosting platform,\" informed the team.

LeakBase also offers access to admin panels and servers of most CMS<\/a> (content management systems).

\"As individuals whose personal details such as phone numbers and email addresses are advertised for sale, there is a strong possibility of it being used against them,\" said CloudSEKA.

This information can be harvested by threat actors to conduct phishing, in the form of fake breach notice emails from Swachh City<\/a>, and social engineering to reveal more sensitive information.

It would equip malicious actors with details required to launch sophisticated ransomware attacks, exfiltrate data, and maintain persistence, warned researchers.

This information can also be aggregated to further be sold as leads on cybercrime forums.

\"Implement a strong password policy and enable MFA (multi-factor authentication) across logins. Patch vulnerable and exploitable endpoints and monitor for anomalies in user accounts, which could indicate possible account takeovers,\" advised the researchers.
<\/body>","next_sibling":[{"msid":94515710,"title":"Russia demands Apple explain VK removal from App Store","entity_type":"ARTICLE","link":"\/news\/russia-demands-apple-explain-vk-removal-from-app-store\/94515710","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":94515911,"entity_type":"ARTICLE","title":"Govt's Swachh City platform hacked, data of 1.6 cr people at risk: Researchers","synopsis":"From the data sample that was disclosed by the threat actor to substantiate his claim on the Dark Web, researchers were able to assess registered email addresses, password hashes, registered phone numbers, transmitted OTP information, login IPs, individual user tokens, and browser fingerprint information of the affected users.","titleseo":"telecomnews\/govts-swachh-city-platform-hacked-data-of-1-6-cr-people-at-risk-researchers","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":170,"shares":0,"engagementtimems":628000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-09-28 21:20:24","lastupd":"2022-09-28 21:25:44","breadcrumbTags":["swachh city","leakbase","Swachh City platform hacked","Swachh Bharat Mission","ministry of housing and urban affairs","cms","cloudsek","1.25 GB data disclosed","internet"],"secinfo":{"seolocation":"telecomnews\/govts-swachh-city-platform-hacked-data-of-1-6-cr-people-at-risk-researchers"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-09-28" data-index="article_1">

政府窃听Swachh城市平台,数据1.6 cr人风险:研究人员

从数据样本所披露的演员来证实他黑暗的威胁网络,研究人员能够评估注册的电子邮件地址,密码散列,注册电话号码,OTP传播信息,登录IPs,个人用户令牌,受影响的用户和浏览器指纹信息。

  • 更新2022年9月28日09:25点坚持
阅读: 100年行业专业人士
读者的形象读到100年行业专业人士

新德里:网络安全研究人员周三透露,黑客swachh妥协。城市平台的计划Swachh巴拉特的使命在协会住房和城市事务,可以把“关键信息”近1.6卢比(约1600万)用户面临风险。

从数据样本所披露的演员来证实他黑暗的威胁网络,研究人员能够评估注册的电子邮件地址,密码散列,注册电话号码,OTP传播信息,登录IPs,个人用户令牌,受影响的用户和浏览器指纹信息。

广告
威胁情报组AI-driven Singapore-headquarteredCloudSEK说,违反Swachhata平台是演员一手造成的威胁LeakBase

这个发现显示关键信息的约1600万用户可以最终落入不法之徒手中。

“对手的名字下LeakBase小鸡,小鸡,Sqlrip地下论坛共享一个数据库,其中包含个人身份信息(PII)如电子邮件地址,据称哈希密码,用户id等,影响了1600万的用户swachh城市平台,”研究人员说。

LeakBase经常运行对经济利益和对其市场进行销售黑暗网络上论坛。

“1.25 GB大小的数据库已经披露根据职位和托管在一个受欢迎的文件托管平台,“通知团队。

LeakBase还提供了访问和服务器的管理面板CMS(内容管理系统)。

”作为个人的电话号码和电子邮件地址等个人信息出售广告,有很大可能被用来对付他们,“CloudSEKA说。

这些信息可以通过威胁演员进行钓鱼,收获的假违反通知电子邮件Swachh城市,社会工程揭示更多敏感信息。

广告
它将恶意演员装备细节要求推出复杂ransomware攻击,漏出数据,并维护持久性,研究人员警告说。

这些信息也可以聚合,进一步导致网络犯罪论坛上被出售。

“实现一个强大的密码策略,使在登录MFA(多因素身份验证)。补丁脆弱和可利用的端点和监控用户帐号异常,这可能表明可能的收购,”研究人员建议。
  • 发布于2022年9月28日09:20点坚持

加入2 m +行业专业人士的社区

订阅我们的通讯最新见解与分析。乐动扑克

下载ETTelec乐动娱乐招聘om应用

  • 得到实时更新
  • 保存您最喜爱的文章
扫描下载应用程序
是第一个发表评论。
现在评论

评论

现在评论 阅读评论(1)
  • 乐动扑克
  • 政府窃听Swachh城市平台,数据1.6 cr人风险:研究人员

\"\"
<\/span><\/figcaption><\/figure>New Delhi: Cyber-security researchers on Wednesday revealed that hackers have compromised the swachh.city platform, an initiative of the Swachh Bharat Mission<\/a> in association with the Ministry of Housing and Urban Affairs<\/a>, that could put \"critical information\" of nearly 1.6 crore (about 16 million) users at risk.

From the data sample that was disclosed by the threat actor to substantiate his claim on the Dark Web, researchers were able to assess registered email addresses, password hashes, registered phone numbers, transmitted OTP information, login IPs, individual user tokens, and browser fingerprint information of the affected users.

The threat intelligence team of AI-driven Singapore-headquartered CloudSEK<\/a> said the breach of the Swachhata Platform is the handiwork of threat actor LeakBase<\/a>.

The finding showed that critical information of approximately 16 million users could be ending up in the wrong hands.

\"The adversary, going under the monikers of LeakBase<\/a>, Chucky, Chuckies, and Sqlrip on underground forums has shared a database containing Personal Identifiable Information (PII) such as email addresses, hashed passwords, User IDs etc, that allegedly affects 16 million users of the swachh city<\/a> platform,\" the researchers noted.

LeakBase often operates for financial gain and conducts sales on its marketplace forum on the Dark Web.

\"The database of size 1.25 GB has been disclosed under the post and has been hosted on a popular file-hosting platform,\" informed the team.

LeakBase also offers access to admin panels and servers of most CMS<\/a> (content management systems).

\"As individuals whose personal details such as phone numbers and email addresses are advertised for sale, there is a strong possibility of it being used against them,\" said CloudSEKA.

This information can be harvested by threat actors to conduct phishing, in the form of fake breach notice emails from Swachh City<\/a>, and social engineering to reveal more sensitive information.

It would equip malicious actors with details required to launch sophisticated ransomware attacks, exfiltrate data, and maintain persistence, warned researchers.

This information can also be aggregated to further be sold as leads on cybercrime forums.

\"Implement a strong password policy and enable MFA (multi-factor authentication) across logins. Patch vulnerable and exploitable endpoints and monitor for anomalies in user accounts, which could indicate possible account takeovers,\" advised the researchers.
<\/body>","next_sibling":[{"msid":94515710,"title":"Russia demands Apple explain VK removal from App Store","entity_type":"ARTICLE","link":"\/news\/russia-demands-apple-explain-vk-removal-from-app-store\/94515710","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":94515911,"entity_type":"ARTICLE","title":"Govt's Swachh City platform hacked, data of 1.6 cr people at risk: Researchers","synopsis":"From the data sample that was disclosed by the threat actor to substantiate his claim on the Dark Web, researchers were able to assess registered email addresses, password hashes, registered phone numbers, transmitted OTP information, login IPs, individual user tokens, and browser fingerprint information of the affected users.","titleseo":"telecomnews\/govts-swachh-city-platform-hacked-data-of-1-6-cr-people-at-risk-researchers","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":170,"shares":0,"engagementtimems":628000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-09-28 21:20:24","lastupd":"2022-09-28 21:25:44","breadcrumbTags":["swachh city","leakbase","Swachh City platform hacked","Swachh Bharat Mission","ministry of housing and urban affairs","cms","cloudsek","1.25 GB data disclosed","internet"],"secinfo":{"seolocation":"telecomnews\/govts-swachh-city-platform-hacked-data-of-1-6-cr-people-at-risk-researchers"}}" data-news_link="//www.iser-br.com/news/govts-swachh-city-platform-hacked-data-of-1-6-cr-people-at-risk-researchers/94515911">