430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Password for systems at a London rail station revealed during a TV documentary

The passwords for the signal system of the control room at the Waterloo rail station in London were disclosed during a TV documentary. We cannot think of lock down the house if we leave the keys in the lock outside, something of similar occurred recently to at French network TV5Monde. Following the successful attack against the network […]

Password for systems at a London rail station revealed during a TV documentary

The passwords for the signal system of the control room at the Waterloo rail station in London were disclosed during a TV documentary.

We cannot think of lock down the house if we leave the keys in the lock outside, something of similar occurred recently to at French network TV5Monde.

Following the successful attack against the network of the TV French Channel TV5Monde, law enforcement and French Intelligence started to investigate the attack chain. One of the hyphotesis formulated  by the investigators on the possible ways hackers obtained credentials for systems at TV French Channel TV5Monde is the view of an interview that accidentally revealed the precious information. While a TV5Monde reporter was filming David Delos in front of a staffer’s desk, it was visible in the background a paper reporting a list of usernames and passwords.

Another interview, another possible password disclosure … this time during a BBC documentary on Wednesday night was disclosed alleged passwords for systems at one of the principal rail stations in London, the Waterloo station.

The credentials were attached to the top of a controller’s monitor used at the rail station, the passwords in the vicinity of the minute 44th minute mark in the documentary Nick and Margaret: The Trouble With our Trains.

rail station passwords

The passwords are stucked to a monitor and are visible during a scene where the two business experts went into the control room at the rail station Waterloo in London.

‪The above image shows a workstation on a signaller’s control desk‬ that is running a software used to control rail traffic at the Waterloo station‬. ‪
Waterloo rail station 2

The complete documentary, starring Nick Hewer and Margaret Mountford, is available via YouTube.

Unfortunately, similar incidents are quite common, I suggest you to give a look to the blog post titled “Nine ways not to share a password” to understand how many cases have accidentally exposed users’ credentials through broadcasters.

Pierluigi Paganini

(Security Affairs  rail station Waterloo, passwords)