InfoSecBulletin Cybersecurity for mankind
Renowned cybersecurity researcher Jeremiah Fowler uncovered a non-password-protected database having over 1.1 million records linked to Conduitor Limited (Forces Penpals). This platform provides dating services and social networking for US and UK military personnel and their supporters.
Jeremiah Fowler revealed that the publicly accessible database lacked password protection and encryption. It comprised a staggering total of 1,187,296 documents. In a brief review of the contents, it was noted that the majority of the documents were user images, alongside other potentially sensitive proof of service photos.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
The documents contained full names, mailing addresses, Social Security Numbers, National Insurance Numbers, and Service Numbers. They also included sensitive details like rank, branch of service, dates, and locations that must remain confidential.
Fowler stated that the dataset was from Forces Penpals, a dating service and social network for military members and their supporters. The researcher reported an issue to the authorities, who restricted access of the dataset on the next day.
It is not clear how long the dataset was publicly available. Only an internal forensic audit can reveal any additional access or suspicious activity.
Source: VPNmentor
Maxar Space Data Leak, Company admit, Investigation ongoing!
