BlueLeaks: Data from 200 police departments and FBI groups in the US have been hacked and released online. A total of 296GB of data has been collected, and all evidence suggests it’s the real deal. Distributed Denial of Secrets (DDoSecrets) is the group responsible for publishing the data DDoSecrets, who do not wish to be referred to as a hacking group describe themselves as “a transparency collective, aimed at enabling the free transmission of data in the public interest.”
The information released includes masses of personal data and confidential police tactics.
DDoSecrets have confirmed that the leaked data was provided by Anonymous, who last week disabled Atlanta’s Police Department’s site over the shooting of unarmed Rayshard Brooks on June 12th, 2020.
Google Analytics API used to steal financial credentials. Google’s Content Security Policy is there to protect the application, but ironically CSP has a vulnerability allowing thieves to cypher funds using a separate Google Analytics Tag ID.
A reminder that application vulnerability is an ever threat in the security world.
Twitter has confirmed a significant breach that has compromised the personal details of its business clients. The offense was discovered on May 20th and involved the exposure of email addresses, telephone numbers, and credit card digits: more than enough information to run targeted scams. The confidential information was stored in the browser’s cache, making it viewable to other users of a shared device.
Twitter is not new to breaches; in June 2016, 33million account details were hacked and posted online, and there have been several significant incidents since.
Ethnic Minority Report?
Just when you think the journey of facial recognition technology can’t get any stranger.
There is concern about a study to be published in Berlin, Germany, by researchers in Pennsylvania that claims to have created algorithms to identify individuals who are more likely to commit a crime – based on their facial features. – Yes, that’s right!
The justified concern is that evidence shows that it will be black citizens who are most likely to bear the brunt if used. MIT, Microsoft, Google, and Harvard have denounced the study as there are fears that this may be a tool that law enforcement may at some point implement. Given that tensions are heightened enough, and coupled with the many flaws in this facial recognition theory, there is a strong argument that publishing such material will prove very harmful.
The attempted prediction of behaviour based on race using “technology” is nothing new.
“Scientific” illustration from 19th century Phrenology studies
Group compensation claim following EasyJet data breach. Being able to work effectively within a team is a good trait. However, EasyJet may disagree. With 10,000 customers in over 50 countries coming together, firms would be well advised to consider group-compensations as a new operational risk following cyber breaches.
The struggling airline has announced that it will cut 30% of its workforce – 15,000 staff.
Playstation is the latest to offer a bounty for users to find vulnerabilities on their platform. With rewards of over $50,000 for severe bug-finds, it’s a great way to get your customers working for you.
“ We believe that through working with the security research community, we can deliver a safer place to play. We have partnered with HackerOne to help run this program, and we are inviting the security research community, gamers, and anyone else to test the security of PlayStation 4 and PlayStation Network. Our bug bounty program has rewards for various issues, including critical issues on PS4. Critical vulnerabilities for PS4 have bounties starting at $50,000. “
Geoff Norton, Senior Director, Software Engineer – PlayStation
Thoughts? Comments? Want more intel? Don’t be shy – reach out: email@example.com