SQL Dump Shared on Hacker Forum

The team at Under the Breach found a large SQL dump containing about 21.5 GB of uncompressed data from at least two different sites. The SQL files (SQL is a method of communicating with a database) were obtained from unsecured Amazon Simple Storage Service (S3) buckets. The dump includes usernames, emails, and hashed passwords that belong to the popular Indian news site BGR. A “full SQL dump” refers to all posts on the site, which includes the credentials of authors and administrators. The researchers say that attackers traditionally pay to have hashed passwords cracked.

Analyst Notes

Misconfigured S3 buckets are a frequent source of data leaks. S3 buckets are private by default, and they become exposed when administrators set them to allow public access. Unfortunately, admins sometimes forget to rescind that public access, which leaves the buckets open to attackers who wish to steal the information. Attached are instructions from Amazon on how to properly secure S3 buckets. Administrators are advised to familiarize themselves with these best practices and apply them to avoid the ramifications of leaked databases.
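One way to check for the misconfiguration described above, as an added example that is not from the original article or from Amazon: the function evaluates a bucket's ACL, bucket policy, and Block Public Access settings, in the JSON shapes the S3 API returns, and reports what leaves the bucket public. The sample documents are constructed, the function names are hypothetical, and treating every unconditioned wildcard-principal Allow statement as public is a simplification of how AWS evaluates policies.

```python
import json

# Predefined S3 groups whose ACL grants make a bucket public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def public_acl_grants(acl):
    """Permissions a GetBucketAcl-shaped document grants to the public groups."""
    return sorted(g["Permission"] for g in acl.get("Grants", [])
                  if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS)

def public_policy_statements(policy_json):
    """Sids of Allow statements with a wildcard principal and no Condition."""
    hits = []
    for stmt in _as_list(json.loads(policy_json or "{}").get("Statement", [])):
        principal = stmt.get("Principal")
        aws = principal.get("AWS") if isinstance(principal, dict) else principal
        wildcard = aws is not None and "*" in _as_list(aws)
        if stmt.get("Effect") == "Allow" and wildcard and not stmt.get("Condition"):
            hits.append(stmt.get("Sid", "<no Sid>"))
    return hits

def audit_bucket(acl, policy_json=None, block=None):
    """List the settings that leave the bucket publicly reachable."""
    block = block or {}  # no Block Public Access config: nothing is overridden
    findings = []
    grants = public_acl_grants(acl)
    # IgnorePublicAcls makes S3 disregard public ACL grants that already exist.
    if grants and not block.get("IgnorePublicAcls", False):
        findings.append("public ACL grant: " + ", ".join(grants))
    stmts = public_policy_statements(policy_json)
    # RestrictPublicBuckets limits a publicly-readable policy to the owner's account.
    if stmts and not block.get("RestrictPublicBuckets", False):
        findings.append("public policy statement: " + ", ".join(stmts))
    return findings

# Constructed sample documents (not data from the incident).
LEAKY_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]}
LEAKY_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]})
LOCKED = dict.fromkeys(("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets"), True)
```

Calling `audit_bucket(LEAKY_ACL, LEAKY_POLICY)` reports both the ACL grant and the policy statement; passing `LOCKED` as the third argument returns an empty list because all four Block Public Access settings are enabled.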

Amazon S3 link: