Category Archives: Hacking

Here we cover all current topics related to hacking. You will be kept informed of the latest computer security news, and each time we will offer a solution or advice to help you protect yourself.

8000 Decathlon employees have their personal data exposed

A recent investigation by VPNmentor found that personal data belonging to employees of the company Decathlon, including emails, first and last names, photos and identification tokens, was available online without any protection.

The exposure is believed to be due to a misconfigured S3 bucket on a server used by one of the company's partners.

"The S3 bucket also contained security tokens that could have provided additional access to private accounts or other internal areas of the Decathlon system," VPNmentor said.


This latest data leak comes on top of another discovered a little over a year ago, that one involving Decathlon Spain, in which 123 million records were exposed on an Elasticsearch server. That data leak was also discovered by VPNmentor.

According to the company's security researcher, the recent data leak affects nearly 8% of Decathlon employees. The partner said to be responsible for the misconfigured S3 bucket is a consulting company named Bluenove.

According to figures provided by VPNmentor, exactly 7883 Decathlon employees are affected by this exposure. However, the company stated that most of the exposed data had nothing to do with its investigation, which was conducted by the consulting firm in question.

"The photos can be illustration photos of the platform, by no means personal photos of the respondents. As for the "city" or "country," the data is linked to the locations of Decathlon stores, not the personal information of respondents," a Bluenove spokesperson said in a recent interview.

However, the sensitivity of the majority of the data affected by this leak cannot be denied. "The S3 bucket also contained security tokens that could have provided additional access to private accounts or other internal areas of the Decathlon system. However, we have not attempted to use these tokens for ethical reasons, but we urge Decathlon to investigate further to avoid abuse by malicious third parties," VPNmentor said.

"Token keys are not linked to Bluenove's information system," the consulting company's spokesman added. "We have removed the offending .xls files, which are denser exports of this nature. They [VPNmentor] may have read them to another level on the way to the bucket. Our exports do not contain tokens. We export metadata such as those on the file: time stamp, author's name, contribution URL," he adds.

According to VPNmentor, the security flaw was discovered in March 2021. However, there is a good chance that the data had been available since November 2020. This greatly exposes the victims to phishing campaigns.

"If hackers had accessed this data, they could have targeted thousands of Decathlon employees and customers with various forms of online fraud and viral attack. By combining an individual's personal data, investigation information and other details exposed, hackers could have created highly effective phishing campaigns posing as Bluenove or Decathlon via email or phone. By doing so, they could easily convince people to provide even more sensitive data for fraudulent purposes or by clicking on built-in links with malware, spyware or other vectors," VPNmentor said in its blog post.

According to VPNmentor, the consulting firm employed by Decathlon could have avoided this situation by implementing some very simple methods to secure its servers. "Make the bucket private by adding authentication protocols, follow AWS best access and authentication practices, and add more layers of protection to S3 buckets to further restrict who can access them from each entry point," notes VPNmentor.

For its part, Bluenove argues: "All of our buckets for our consultations are encrypted. When debates are public, we create buckets for public resources that are published and accessible. We have prioritized the implementation of encrypted key and profile management via the secure IAM system since we hosted our steps on AWS."
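The recommendations quoted above (private bucket, authenticated principals, extra layers of restriction) correspond to settings that can be reviewed offline. The Python below is an added example, not code from VPNmentor, Bluenove or Decathlon; the bucket name, account ID, role and both sample configurations are constructed for illustration.

```python
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _anyone(principal):
    # "Principal": "*" and "Principal": {"AWS": "*"} both mean anonymous access.
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"


def audit_bucket(policy, acl_grants, public_access_block):
    """Return findings; an empty list means no public exposure was found."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        # Statements with a Condition are skipped here and need manual review.
        if (stmt.get("Effect") == "Allow" and _anyone(stmt.get("Principal"))
                and not stmt.get("Condition")):
            actions = ",".join(_as_list(stmt.get("Action", [])))
            findings.append(f"policy: anonymous Allow for {actions}")
    for grant in acl_grants:
        if grant.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
            findings.append(f"acl: {grant.get('Permission')} granted to a public group")
    missing = [flag for flag in PAB_FLAGS if not public_access_block.get(flag)]
    if missing:
        findings.append("public access block off: " + ",".join(missing))
    return findings


# Constructed sample data (hypothetical bucket, account ID and role).
BUCKET = "arn:aws:s3:::example-survey-exports"
EXPOSED = {
    "policy": {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": "*",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": [BUCKET, BUCKET + "/*"]}]},
    "acl_grants": [{"Grantee": {"Type": "Group", "URI":
                    "http://acs.amazonaws.com/groups/global/AllUsers"},
                    "Permission": "READ"}],
    "public_access_block": {},
}
HARDENED = {
    "policy": {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/survey-reader"},
        "Action": "s3:GetObject", "Resource": BUCKET + "/*"}]},
    "acl_grants": [],
    "public_access_block": dict.fromkeys(PAB_FLAGS, True),
}
```

Calling `audit_bucket(**EXPOSED)` yields one finding per layer (policy, ACL, public access block), while `audit_bucket(**HARDENED)` yields none.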


Belgium hit by mysterious computer attack

Last week, the Belgian parliament was the target of a computer attack.

The institution's computer networks were hit by a malicious intrusion attempt. It was not alone: the Walloon Parliament and several other institutions were also affected by this wave of cybercrime. At this time, neither the identity nor the motive of the hackers has been clearly established. In reality, it was the Belnet network that the hackers blocked.

"Three days ago, on Tuesday, May 4, the Belnet national research network was the victim of a large-scale cyberattack. Some 200 institutions connected to this internet access network have been affected. The House, the Walloon Parliament and universities have suddenly faced a slowdown in their computer systems," explains Max Helleff from Brussels.

In practice, it seems clear that hackers are much more interested in the lucrative aspect of their computer attacks.

Hackers mainly motivated by the "profitable aspect"

"While the closure of Cactus outlets is the latest example of a cyberattack, this phenomenon is not growing exponentially," according to some IT experts. However, a much greater impact from cyberattacks is to be expected.

We know, for example, that the attack that targeted the Belgian parliament was a distributed denial-of-service attack. This means that the hackers did not intend to steal data, for example, or to actually break into the computer system. Their goal was simply to make the targeted services unavailable by saturating Belnet.

In addition, the operator concerned announced that it had managed to repel the computer attack. Since then, things seem to be back to normal. However, grey areas remain. Who could have launched this computer attack against the Belgian institutions? Why was the protection system not resilient enough in this situation? Hypotheses have been put forward in this regard.

For example, on 4 May, hearings were to be held in the chamber on motions for a resolution against the Chinese government's repression in Xinjiang province, in particular with regard to the treatment of Uighurs. As luck would have it, a cyberattack occurred and the hearings were cancelled. On the agenda of these hearings was a proposal to "recognize the crime of genocide perpetrated by the government of the People's Republic of China against the Uighurs".

Samuel Cogolati, the Green MP behind this resolution, says it is legitimate to ask questions about this coincidence between the hearings and the computer attack. He told the press that "this was the first time that a Uighur survivor was to testify before a parliamentary assembly in a public, open manner." For him, it is an attempt at intimidation.


Ransomware: The Boutin Group Targeted

Last week, the Canadian carrier was targeted by a computer attack.

Despite some constraints due to the cyberattack, the Boutin Group managed to continue its activities.

Note that the Boutin Group specializes in road freight transport. According to several cybersecurity experts, questions need to be asked about the impact that this security incident could have on the entire supply chain of various Quebec companies.


To deal with the cyberattack, the trucking company had to restart all of its computer systems. An internal investigation was launched and the Sûreté du Québec was also involved.

With its 100 trucks and 350 employees, the company continued to operate, although some of its portals remain paralyzed for the time being.

"It happened on April 16. We have hired specialists to investigate, but we have not yet had the report," explained the president, Bernard Boutin, who concedes that it has "disrupted" his activities.

Through his statement, he hopes to raise awareness among other business leaders about the scourge of cybercrime, especially ransomware attacks.

"There is no border. It sends viruses to the left and right," warns the entrepreneur, "and the targets are multinationals, but also SMEs. The consequence is the same for all. We need to rebuild our servers," he adds.

The cyberattack was revealed by members of the Hackfest community after they found documents on the website of the CL0P group, the same organization that attacked Bombardier in February 2021. One of them is Sam Harper, a freelance journalist, who also stated that 13 files involving the trucking company are available on the dark web.

Asked about it, officials of the road transport company said they were already aware of this situation.

"We know about where they were in our systems, but [we don't know exactly] what data could have been affected and what data could have been exfiltrated," Boutin says.

"It's so well done that I don't know if we're going to know beyond a doubt," the group's boss said. He said he refused to pay the ransom demanded. Moreover, he believes that the proliferation of cryptocurrencies facilitates the expansion of such cyberattacks. "It's going to give opportunities to people who by embezzlement have become rich with cryptocurrency," Boutin says. "We're going to have to find barriers."

For Patrick Mathieu, an organizer of Hackfest and also a computer security consultant, computer attacks that specifically target transportation companies are becoming more and more common in both the United States and Canada. He says it is important for governments to continue to invest in the security of critical infrastructure, but also in strengthening supply chain protection against ever-active cyber malice.

"It's a shame that there's nothing done at the government level to try to help the supply chain structure," notes the computer security expert. "If hackers are able to get into systems that handle logistics, such as orders, into companies, it could certainly have a real physical impact."

It should be noted that the Boutin Group is one of the companies that facilitates the movement of essential products such as building materials or food.

Every week, the Boutin company transports various products, including building materials and food.


Ransomware: Societe Generale decides to defend its assets against cyber criminals

The proliferation of computer attacks is attracting everyone's attention.

Because hacking is a scourge. Billions go up in smoke every year under these conditions, and all sectors are hit hard. Faced with this situation, the players are standing up and seeking to act.


Recently, the French financial group decided to strengthen the protection of its IT assets.

It should be noted that Societe Generale's investments in the digital sector are nothing new. Lately, with the proliferation of digitization plans and strategies, the issue of computer security is more than ever on the table. The idea is to focus on specific areas, including:

– hunting for security flaws

– prevention against exclusions

– the fight against phishing campaigns

Of course these are realities that have literally exploded because of the coronavirus pandemic.

For the past 3 months, Société Générale's IT teams have been working to set up a set of computer programs based on artificial intelligence that will easily detect fraudulent practices related to credit cards. To do this, they rely on customer habits and the most common transactions, as well as transaction location, to determine which transactions seem suspicious and stop them in time.

"As part of the new strategic plan initiated in early 2021, ISD is now prioritizing cybersecurity alongside the development of new digital services and workflow automation," explains Christophe Leblanc, Director of Resources and Digital Transformation at Societe Generale.

One of the first threats deemed relevant by Société Générale is none other than ransomware. For its part, the bank is doing everything possible to put as many obstacles as it can in the way of hackers who want to attack its systems as a whole.

Over the next few years, Société Générale plans to invest nearly 650 million euros. $50 million will be earmarked for securing Active Directory, where a security flaw could be highly damaging. "We want to ensure that this system and the employees who administer it are grouped in one secure centre," says Christophe Leblanc.

For him, "ransomware represents the number one cyber risk for Societe Generale group", an understandable concern given that, according to a study by the National Agency for the Security of Information Systems, cyberattacks of this kind grew by almost 250 percent between 2019 and 2020 alone. Unfortunately, "The payment does not ensure that the decryption key is received or that potentially exfiltrated data will be erased or will not be used for malicious purposes," as the independent administrative cybersecurity authority puts it.

In one way or another, cyber malice threatens the strategic assets of large companies. Societe Generale is well aware of this.

"Not a week goes by without my IT security manager alerting me to another ransomware attack on the market," notes Christophe Leblanc. "The techniques of cybercriminals are industrializing. They are sweeping the Internet and all networks in search of vulnerabilities to use."


Thousands of Quebecers see their administrative court data exposed online

Recently, hundreds of millions of pieces of data belonging to Quebecers were exposed at the Quebec Administrative Housing Tribunal.

According to one computer expert, who is also co-founder of an annual event that brings together computer programmers, this data contains enough information to allow hackers to launch a phishing campaign or to extort money from these people.

"A tenant who is challenging a rent increase with the Quebec Administrative Housing Tribunal is not the only one who can view his file on the organization's website. In fact, anyone armed with an Excel spreadsheet and a little patience can retrieve from the court site thousands of files of current and past tenants, left without any protection," explains Alain McKenna.

"A person who is a little ill-intentioned can do a lot of damage with what is found on this site," notes Patrick Mathieu, a computer expert and the other co-founder of Hackfest. "If you want to go after someone, what you find here is a lot more important than any Facebook account breach," he adds.

Indeed, with this data in circulation it would be possible to build a whole database, one that could easily be sold on the dark web. "You can build a whole database from that data. A hacker could then resell them on the specialized sites of the dark web," explains Steve Waterhouse, a Canadian computer security specialist who is also a former computer security officer at the Department of Defence.

"It's appalling that the government is neglecting simple data security issues by failing to protect these documents. They contain confidential information from tenants and people who can easily become victims of phishing or identity theft."

"When the tenant and the landlord have a dispute, they ask the Administrative Housing Tribunal — the former Quebec Housing Authority — to decide for them. The court then builds a file with the names, postal addresses and e-mail of the parties involved. The file may contain several other personal documents, notices of hearing and minutes of these hearings. The complainant receives a six-digit number that he can then use to find his digitized file on the court website. A search using this number returns a summary of the court's actions, and ends with a PDF document to download. Simply repeatedly enter the web address leading to this document, altering the file number, to retrieve PDF files related to other files. In front of Le Devoir, a source was able, using a simple script programmed in an Excel workbook, to locate in less than two minutes more than a thousand of these PDF files that are not protected by any security measures," explains Patrick Mathieu.

A file rich enough to launch a computer attack campaign. The possibilities under these conditions are many. For example, one can imagine a campaign impersonating the court, with the aim of extracting money in exchange for reviewing a file.

For a hacker, this data has a lot of value. The ability to collect it in large numbers makes it all the more attractive. And the fact that it comes from a public administration source makes it even more reliable.

"You can build a whole database from that data. A hacker could then resell them on the specialized sites of the dark web. As this is verified information, they would fetch a very good price…," Waterhouse says.

On the other hand, we learn from the Quebec housing tribunal that it had no choice but to make this data public. Under certain provisions of the law, all personal information collected in the course of a judicial function is public in nature, and the files must also be accessible to all "as is the case in the courts of the judicial order such as the Court of Quebec", the court recalled.

It should also be noted that extensive searches for other people's personal information through court documents are prohibited. "This is certainly an important issue in a context where the government is in the midst of a digital shift," says Pierre Trudel, professor of cyberspace law. "It is easier to commit an illegal act. There is probably a precaution that the court — or the government — could take to prevent that," he adds.
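One precaution of the kind mentioned above is to watch the web server's logs for a single client requesting many different six-digit file numbers in a short time, the bulk retrieval pattern this article describes. The Python below is an added example, not code from the tribunal or from Le Devoir; the `/dossier/NNNNNN.pdf` path, the combined log format, the thresholds and the sample log are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Assumed URL layout and combined log format; both are hypothetical.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"GET /dossier/(?P<num>\d{6})\.pdf HTTP/[\d.]+" \d{3}')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def detect_enumeration(lines, window_s=120, threshold=50):
    """Map client IP -> peak number of distinct file numbers requested within
    any window_s-second span, for clients whose peak reaches threshold.
    Lines are assumed to be in chronological order, as in a server log."""
    recent = defaultdict(deque)  # ip -> (timestamp, file number) in window
    peak = defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], TS_FMT)
        queue = recent[m["ip"]]
        queue.append((ts, m["num"]))
        while (ts - queue[0][0]).total_seconds() > window_s:
            queue.popleft()
        # 404s count too: probing unused numbers is part of the same pattern.
        distinct = len({num for _, num in queue})
        peak[m["ip"]] = max(peak[m["ip"]], distinct)
    return {ip: n for ip, n in peak.items() if n >= threshold}


def sample_log():
    """Constructed log: one client walking file numbers, one ordinary user."""
    start = datetime(2021, 5, 10, 9, 0, 0, tzinfo=timezone.utc)
    entries = []
    for i in range(300):  # 300 consecutive numbers at 3 requests per second
        entries.append((start + timedelta(seconds=i // 3), "203.0.113.7", 410000 + i))
    for i in range(4):    # a party re-opening their own file
        entries.append((start + timedelta(seconds=20 * i), "198.51.100.23", 523871))
    entries.sort(key=lambda e: e[0])
    return [f'{ip} - - [{ts.strftime(TS_FMT)}] "GET /dossier/{num}.pdf HTTP/1.1" 200 48211'
            for ts, ip, num in entries]
```

With the defaults, only the client walking consecutive numbers is reported; the same counter can drive rate limiting or an alert once a per-client threshold is reached.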
