U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Shad0wS3C claimed responsibility for the EJBCA data breach

Shad0w Security (Shad0wS3C) claimed responsibility for the data breach of the EJBCA that resulted in the exposure of credentials and certificates. Shad0w Security claimed responsibility for the data breach of the EJBCA – Open Source PKI Certificate Authority. Shad0w Security recently breached into a Switzerland Branch of EJBCA – Open Source PKI Certificate Authority and stole dozens of certificates […]

Shad0wS3C claimed responsibility for the EJBCA data breach

Shad0w Security (Shad0wS3C) claimed responsibility for the data breach of the EJBCA that resulted in the exposure of credentials and certificates.

Shad0w Security claimed responsibility for the data breach of the EJBCA – Open Source PKI Certificate Authority.

Shad0w Security recently breached into a Switzerland Branch of EJBCA – Open Source PKI Certificate Authority and stole dozens of certificates and credential in clear text.

“EJBCA® is a PKI Certificate Authority software, built using Java (JEE) technology. Robust, flexible, high performance, scalable, platform independent, and component based, EJBCA can be used stand-alone or integrated with other applications” states the description of the EJBCA.

Shad0wS3C EJBCA Shad0w Security

The group of hackers is politically motivated, they fight against government dragnet surveillance in the name of Homeland Security.
“We are here to send a message to your Government, Your government is spying on you on the name of national security.  The right to privacy is a human right, you deserve it as a human not as a citizen of a state. but your privacy is no the only thing that’s in risk.” states the message from the group. 

The group’s message also mentions the politic of the US that is accused of persecuting people like Snowden, because he revealed the surveillance machine of the Government of Washington.

“oh, and lets not forget the united nations a.k.a united states, do you really think the UN is some sort of peace keepers or guardians of some kind ? then you need to wake up.” continues the message. “you saw what happens to people who ask questions or fight for you and risk their selves, people like Snowden [they were once part of the system but they woke up], they told us the truth, they showed us the way, why haven’t we woke up yet ? what’s more damaging is not what the governments are doing, but your silence is their power, and as long as they are in power you are not free.”

Gh0s7 provided me evidence of the hack by showing data leak that belongs to EJBCA certificate authority breached by his team.

The leaked file with all the stolen certificates was published on paste.co, the hackers also published some usernames and passwords on .

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Shad0wS3C , hacking)

Update 28/9/2016

I was contacted by a representative of the PrimeKey Solutions, the company behind EJBCA who provided me further details on the incident

  • This was not a data breach on EJBCA, the breach was on the company server/database, which happens to use an old and non-updated security system, including EJBCA. It is however imperative that EJBCA was not breached, as this company is not related to EJBCA.
  • The leaked data belong to the EJBCA database of EveryWare, a Swiss-based company.
  • There was no “data leak that belongs to EJBCA certificate authority”, if there was a data leak this is data that belonged to the company and not EJBCA.
  • There is no Switzerland branch of EJBCA. EJBCA is the trademark of PrimeKey Solutions and has no branches.