Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

RaidForums Data Marketplace Accidentally Exposes Private Staff Page

RaidForums Data Marketplace Accidentally Exposes Private Staff Page

Underground marketplace and hacker forum, RaidForums, recently exposed internal pages from its website, meant for staff members only.

RaidForums is a data breach marketplace where threat actors often sell or leak illicitly obtained data dumps.

Oops! RaidForums makes its staff area public

RaidForums is an underground place where private databases obtained from data breaches, vulnerability exploits, and credit card information sets are illegally traded by threat actors, or sometimes leaked for free.

On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, this private section was accidentally left open for viewing by anyone.

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

As seen by BleepingComputer, some of the private pages, as recent as September 20th, were indexed by Google:

google indexes raidforums private page
Google search indexes private RaidForums staff page (BleepingComputer)

The indexed post, shown below, contains “advice for account [security]” geared towards communicating security best practices to forum admins and moderators. The note contains tips on using password managers, enabling two-factor authentication for an account, and using VPNs.

raidforums internal staff post
An internal RaidForums staff announcement that was previously visible (BleepingComputer)

“Create a false personality, use it when signing up to services that ask for this information, or even just use the information of celebrities or random people,” suggests the note posted by a RaidForums admin.

Also Read: How To Secure Your WiFi Camera: 4 Points To Consider

Other topics seen in the private area have included discussions on bans, the preferred place for hosting staff chat, and miscellaneous requests.

Topics in private staff forum
Some topics found in RaidForums private staff area (BleepingComputer)

BleepingComputer observed a timestamp at the bottom of the page stating the current time to be “September 20, 2021, 05:17 AM,” indicating the page was left exposed up until this week.

At the time of our tests today, though, the “Staff General” section is now, once again, restricted to authorized personnel.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us