Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

National Aids Research Institute NARI hacked by the Shad0w Security crew

The hacker @Sc0rp10nGh0s7 from the Shad0w Security group has broken in the server of the National Aids Research Institute NARI (India). The hacker @Sc0rp10nGh0s7 from the Shad0w Security crew has broken in the server of the National Aids Research Institute NARI (India). The hacker accessed a more than 1 GB archive containing the results for dozens […]

National Aids Research Institute NARI hacked by the Shad0w Security crew

The hacker @Sc0rp10nGh0s7 from the Shad0w Security group has broken in the server of the National Aids Research Institute NARI (India).

The hacker @Sc0rp10nGh0s7 from the Shad0w Security crew has broken in the server of the National Aids Research Institute NARI (India). The hacker accessed a more than 1 GB archive containing the results for dozens Hiv test.

The hacker just released a small portion of the compromised archive as proof of the data breach. They explained to me that they want to avoid problems with the patients, but this hack aims to demonstrate that the security staff at the Institute is not able to protect so sensitive information.

“this time we won’t leak everything, since our purpose is to hurt the gov not the people. The database file I have is more than 1Gb” told @Sc0rp10nGh0s7.

When I asked more technical details about the attack, the hacker told me that they prefer to keep secret the flaws.

I decided to avoid publishing the link to the data due to nature of the victim.

He also told me that the National Aids Research Institute NARI (India) has a good level of security despite the hack. The hacker breached an internal server of the organization and noticed the admin likes to put username & password in a text file.

“the way we choose the targets is random that helps us to not be expected, we will be in a place they least expect us to be” added the hacker.

The overall internal network was breached by the hackers.

In November 2016, the hacker Shad0wS3C hacked the Institute of the Registral Function of the State Mexico (FREM) and leaked the database online.

In August 2016, the group hacked the Paraguay’s Secretary of National Emergency (SNE) website and leaked online a dump from a PostgreSQL database.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Gh0s7, National Aids Research Institute NARI)