Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SocialEngineered forum hacked and data leaked online

SocialEngineered.net is a forum dedicated to social engineering discussions, it has been compromised data of its users was leaked on a hacker forum. SocialEngineered.net, the forum dedicated to social engineering topics, announced it has suffered a data breach two weeks ago. Hackers accessed data from tens of thousands of members and leaked them online on […]

SocialEngineered forum leak post

SocialEngineered.net is a forum dedicated to social engineering discussions, it has been compromised data of its users was leaked on a hacker forum.

SocialEngineered.net, the forum dedicated to social engineering topics, announced it has suffered a data breach two weeks ago.

Hackers accessed data from tens of thousands of members and leaked them online on a hacker forum.

The hackers exploited a vulnerability in the MyBB forum to access forum data.

“Mybb had a vulnerability yet again and the site got breached along other websites using Mybb . We moved over to xenforo i suggest changing your passwords immideately.” said owner of SocialEngineered.net forum.

Owner of the SocialEngineered forum decided to move to the XenForo forum platform after the incident. The administrator urges members of changing their login passwords.

In June, experts at RIPS Tech discovered security flaws (a stored cross-site scripting (XSS) and file write issue) in MyBB prior to version 1.8.21 that could allow attackers to take over any board hosted by sending a malicious private message to an administrator or by creating a malicious post.

MyBB has already released a patched version, but evidently, administrators are slow in updating their websites.

On June 13, the attacker leaked data on a hacker forum claiming that he had “uploaded the full database and root directory of this website.”

SocialEngineered forum leak post

The dump includes data of 55,121 forum users, compromised info includes usernames, passwords stored as salted MD5 hashes, email addresses, IP addresses, and private messages.

A post published on a rival forum also revealed that the dump includes the source code of the website, along with data and logs.

The HaveIBeenPwned websites added the leaked data to its system, data set includes 89,000 unique email addresses from 55,000 forum users.

“In June 2019, the “Art of Human Hacking” site Social Engineered suffered a data breach. The breach of the XenForo forum was published on a rival hacking forum and included 89k unique email addresses spread across 55k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes.” states HaveIBeenPwned.

Breach date: 13 June 2019
Date added to HIBP: 23 June 2019
Compromised accounts: 89,392
Compromised data: Email addresses, IP addresses, Passwords, Private messages, Usernames”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – SocialEngineered forum, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]