Tuesday, March 19, 2024

Verizon Wireless Confidential Data Leaked Accidentally by Its Employee

Verizon Wireless Confidential Data Discovered from Publicly Access Amazon AWS S3  Bucket contains the  Confidential information About internal Verizon Wireless system.

The File Size of the Bucket Around 100 MB of Data that contains the information of  DVS (Distributed Vision Services).

Also Read:  Auto Tracking Company Sever Misconfiguration Leaks Over a Half Million Personal Records Online

According to Kromtech Security researchers,  DVS is the middleware and centralized environment for all of Verizon Wireless (the cellular arm of VZ) front-end applications, used to retrieve and update the billing data.

Discovered Repository files named as  “VZ Confidential” and “Verizon Confidential” which contains some sensitive information such as usernames, passwords.

These Credential information helps to easily allow access to other parts of Verizon’s internal network and infrastructure.

Publicly Access Repository contained information about,129 saved Outlook messages with access info and internal communications, B2B payment server names and info, Command notes, logs including, Admin user info that could potentially allow access to other parts of the network.

Further Analysed Conformed that this information about the  Verizon Wireless was self-owned by Verizon Wireless engineer and it did not belong or managed by Verizon.

According to Bob Diachenko, chief security communications officer, Kromtech“Our primary goal is to notify and secure the data not dispute if they are being honest or not. As more and more data leaks occur it makes consumers, and average individuals more vulnerable online.”

“We believe that companies have an obligation to not only take the proper security measures but also protect the data their employee collect and store”.

Website

Latest articles

CryptoWire Ransomware Attacking Abuses Schedule Task To maintain Persistence

AhnLab security researchers detected a resurgence of CryptoWire, a ransomware strain originally prevalent in...

E-Root Admin Sentenced to 42 Months in Prison for Selling 350,000 Credentials

Tampa, FL – In a significant crackdown on cybercrime, Sandu Boris Diaconu, a 31-year-old...

WhiteSnake Stealer Checks for Mutex & VM Function Before Execution

A new variant of the WhiteSnake Stealer, a formidable malware that has been updated...

Researchers Hack AI Assistants Using ASCII Art

Large language models (LLMs) are vulnerable to attacks, leveraging their inability to recognize prompts...

Microsoft Deprecate 1024-bit RSA Encryption Keys in Windows

Microsoft has announced an important update for Windows users worldwide in a continuous effort...

Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data

The ongoing "free wedding invite" scam is one of several innovative campaigns aimed at...

Hackers Using Weaponized SVG Files in Cyber Attacks

Cybercriminals have repurposed Scalable Vector Graphics (SVG) files to deliver malware, a technique that...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles