(1) Fowler's notification to Raptor was weeks after I sent RAPTOR multiple notifications that they had not responded to appropriately. And I verified: Fowler was notifying them about the same blob I had been notifying them about. So we know that blob was first exposed no later than November 3 when a researcher notified me about it. Did Raptor tell school districts when the blob was first unsecured?
(2) I have sent an inquiry to Raptor asking why they claim only Fowler and their staff had accessed files, as the first (November) researcher had accessed files in November and I had accessed them in December to verify and to check to see if Raptor locked it down after I notified them. I have now asked Raptor if they really have access logs.
Amazingly, I have gotten no response so far. Again.
(3) I also reached out to Ann Arbor Public Schools to ask what they did in response to the security alert I sent them on December 3 that they never responded to.... and to ask if Raptor told Angell Elementary that there was a file with every student's picture and information -- including parental phone numbers and emergency phone numbers that was leaking and downloaded.
So far, I haven't heard back from AAPS or Angell Elementary School either.
Aha, FLIR says the drywallers likely hit a pipe behind this wall. Reading cold on this stud. On the other side of the wall is a shower stall and supply. #plumbing#leak#flir
Telegram divulgue votre adresse #IP à n'importe qui parmi vos contacts lors d'un appel et un chercheur a créé un outil pour exploiter facilement cette #faille. #Telegram indique qu'il s'agit d'un comportement attendu, donc il n'y a rien à corriger.
C'est pourquoi la meilleure #alternative WhatsApp que je puisse vous conseiller est #Signal
VX-Underground had talked with the people who responsible with the leak. Finally they confirmed. There is a mediafire link winding around! The people who is behind the leak told that they did this because they want to fight scamming in the GTA V modding scene, according to VX-Underground. #leak#gta#gta5
In the months since, that draft turned into a #leak, then #law, then the rare #SCOTUS decision that affects the entire #country, reshaping #elections, the practice of #medicine & a fundamental aspect of being #female. The story of how this happened has seemed obvious: The #ConstitutionalRight to abortion effectively died w/Justice Ruth Bader Ginsburg (#RBG💔), whom #Trump replaced w/a favorite of the #AntiAbortion movement, Justice Barrett.
“Nebula Genomics – First to offer consumer anonymous sequencing” when I saw it. I was wondering about it and then I saw the “Protected By” on their website. Ok forget about this.
Does claiming you were hacked when you had really just screwed up violate the FTC Act?
New: I have followed up on my recent OpEd with another example of misleading and deceptive notifications and why HHS and FTC can and should do more enforcement, but why we also need legislation enacted.
Censys assesses that Russian company Raccoon Security is a brand of NTC Vulkan, an IT company contracted by Russian intelligence to create offensive cyber tools. NTC Vulkan documents were leaked, and they detail project requirements contracted with the Russian Ministry of Defense, including in at least one instance for GRU Unit 74455, also known as Sandworm Team, according to Mandiant. Censys assesses with high confidence that the NTC Vulkan hosts, certificates, and domains identified in this report belong to the same NTC Vulkan, and that Raccoon Security, and its related domains, host, and certificates belong to the Moscow-based cybersecurity development brand of the same name. Links:https://censys.com/discovery-of-ntc-vulkan-infrastructure/ and see semi-related Mandiant article.
@nblr
Sadly it was just a Matter of Time, when such a Hack would happen. 🙄
Security of Data is still an afterthought for many Companies, way after Thoughts about how to make the most Profits out of their Customers.😩
Mullvad VPN ( @mullvadnet ) dismissed allegations of a data breach involving dozens of its users' accounts being found on the dark web. The VPN provider explained that the accounts in question were not leaked but were given away for free to various organizations, some of which may have subsequently shared them on public forums. Mullvad's CEO emphasized that these accounts do not contain personally identifiable information like passwords, and they do not compromise user privacy. The company is known for its strong commitment to user privacy and security online and has previously demonstrated its no-log policy.