Underground marketplace and hacker forum, RaidForums, recently exposed internal pages from its website, meant for staff members only.
RaidForums is a data breach marketplace where threat actors often sell or leak illicitly obtained data dumps.
RaidForums is an underground place where private databases obtained from data breaches, vulnerability exploits, and credit card information sets are illegally traded by threat actors, or sometimes leaked for free.
On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, this private section was accidentally left open for viewing by anyone.
Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup
As seen by BleepingComputer, some of the private pages, as recent as September 20th, were indexed by Google:
The indexed post, shown below, contains “advice for account [security]” geared towards communicating security best practices to forum admins and moderators. The note contains tips on using password managers, enabling two-factor authentication for an account, and using VPNs.
“Create a false personality, use it when signing up to services that ask for this information, or even just use the information of celebrities or random people,” suggests the note posted by a RaidForums admin.
Also Read: How To Secure Your WiFi Camera: 4 Points To Consider
Other topics seen in the private area have included discussions on bans, the preferred place for hosting staff chat, and miscellaneous requests.
BleepingComputer observed a timestamp at the bottom of the page stating the current time to be “September 20, 2021, 05:17 AM,” indicating the page was left exposed up until this week.
At the time of our tests today, though, the “Staff General” section is now, once again, restricted to authorized personnel.
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
Prioritizing Security Measures When Launching a Webpage That Every Organisation in Singapore should take note…
Importance of Regularly Changing Passwords for Enhance Online Security that every Organisation in Singapore should…
Comprehensive Approach to Data Protection and Operational Integrity that every Organsiation in Singapore should know…
Here's the importance of Pre-Launch Testing in IT Systems Implementation for Organisations in Singapore. The…
Understanding Liability in IT Vendor Relationships that every Organisation in Singapore should look at. Understanding…
This website uses cookies.