Tag Archive for: 200M

200M Twitter records released on hacking forum


Data relating to more than 200 million Twitter Inc. users have been published on a hacking forum two weeks after data relating to 400 million Twitter users was offered for sale on the same forum.

The data is available to download from BreachForums, the successor site to the now-shuttered RaidForums. The listing describes the data as a “DB/Scrape Leak,” meaning that the data was gathered through access to Twitter and scraping public information. The database includes email addresses, names, screen names, the number of followers each Twitter user has and the date each joined Twitter.

Although the listing comes from a different user than the previously offered 400 million Twitter records, Privacy Affairs claimed today that the data appears to be from the same source. The earlier data was believed to have been gathered by exploiting an application programming interface vulnerability that Twitter fixed in January 2022.

The database includes information on notable Twitter users such as Alphabet Inc. Chief Executive Officer Sundar Pichai, Donald Trump Jr. and SpaceX Inc.

Bleeping Computer reported that the database still includes duplicates. Some of the sample data provided has also been confirmed to be legitimate.

A second listing from a different user on BreachForums claims to have taken the same data dump and cleaned it up, including removing duplicates. The second listing also claims that the records indicate that the information was collected from early November 2021 through Dec. 14, 2021.

“This is a common example of how an unsecured API that developers design to ‘just work’ can remain unsecured because when it comes to security, what is out-of-sight is often out-of-mind,” Jamie Boote, associate software security consultant at application security company Synopsys Inc.’s Software Integrity Group, told SiliconANGLE. “Humans are terrible at securing what they can’t see.”

Sammy Migues, principal scientist at Synopsys Software Integrity Group, noted that the core of the story is the issues around API security.

“As cloud-native app development explodes, so does the world of refactoring monolithic apps into hundreds and thousands of APIs and…


This Hacker Stole Data From 200M Americans. Now He’s Infiltrating Scam Gangs.


Sitting in court, Ngo Minh Hieu knew he had fucked up big time. 

In July 2015, the 25-year-old was sentenced to 13 years in prison for stealing personal information from approximately 200 million Americans—over 60 percent of the U.S. population—and selling it on the dark web. 

That day in court, the judge told him that they had received some 10,000 complaint letters from his victims. Among them was a woman who had lost her house and was struggling to feed her children after her personal information was hijacked by malicious actors, landing her in crippling debt.

It was then that the gravity of what he had done dawned on him. 

“I felt like a serial killer,” he told VICE World News. “When I was still making money and living a good life in Vietnam, I thought that information was just numbers.”

“I couldn’t imagine that stealing U.S. identities would bring so much damage to a person’s life.”

Today, his life is unrecognizable from that of the prolific hacker he was 10 years ago. After a seven-year stint in U.S. federal prison, the 33-year-old today is still trawling the dark web, but now working for the Vietnamese government to hunt cybercriminals like he once was. As part of this grand redemption arc, the past year has also seen him tackling a disturbing new breed of cyber scammer in Cambodia, where thousands of human trafficking victims are trapped and tortured in industrial-scale centers, forced to lure internet users into online frauds. 

Fueling these attempts to make amends is the nagging guilt over his crime spree, described by U.S. authorities as one of the most prolific identity thefts in U.S. history, which he says continues to haunt many of his victims today.

“Every time I have a chance to speak with the media, I always try to apologize to American people as much as possible,” Hieu said. “Because I know the damage is already done and it’s very difficult to recover when your identity gets traded or sold to bad people on the dark web.”

Hieu grew up in Cam Ranh, a city in south Vietnam, where his parents owned a small electronics store. He got his first computer when he was 13, and by age 14, the curious teen was already dipping his toe into the world of hacking,…


Israeli Cybersecurity Firm Cato Networks Raises $200M At A Valuation Of $2.5B


Israeli cybersecurity firm Cato Networks announced its latest funding round on Tuesday, raising $200 million at a market valuation of $2.5 billion.

The round was led by Lightspeed Venture Partners with the participation of existing investors Greylock, Acrew Capital, Coatue, Singtel Innov8, and Shlomo Kramer.

The company said the new funds will fuel Cato’s sales, technology, and business growth to further support the security and global networking needs of large enterprises.   

Founded in 2015 by Shlomo Kramer, also the co-founder of cybertech giant Check Point, and Gur Shatz, Cato has developed what is considered the world’s first SASE platform. SASE, which stands for Secure Access Service Edge, has been promoted as a way to combine wide area networking and network security by delivering both as a cloud computing service directly to the source of connection rather than through a data center.

Cato Networks develops network security-as-a-service, integrating secure web gateway, firewall-as-a-service, advanced threat protection, next-generation firewall, and secure, global SD-WAN (software-defined WAN) into a single cloud service called Cato Cloud.

“Cato is at the forefront of SASE transformation,” said Kramer, also the company’s current CEO, “Large enterprises are deploying Cato as their global network to reap the operational and business benefits of Cato’s proven and mature SASE platform. Cato is rapidly expanding its service capabilities, global footprint, and sales and marketing teams, while preserving our unique DNA of agility, simplicity, and ease of doing business that is so valued by customers and partners.”

Cato has said over 300 enterprises worldwide rely on the company to connect and secure their corporate networks. The company has offices in Singapore and the US, in addition to Israel.

The company’s last funding round raised $130 million at an over $1 billion valuation in November 2020, securing the company’s position as a unicorn, or private company worth over $1 billion.

“Cato has seen an amazing adoption of its SASE platform by increasingly larger enterprises,” said Yoni Cheifetz, a partner at Lightspeed Venture Partners. “What started as disruptive innovation…
