According to foreign media quoted the article on ZDNet rainbowtabl.es security blog reported that Shanghai Jiaotong University configure a database for failing to public access right, which led to the leak of email metadata 8.4TB. The server is exposed by the CloudFlare security director Justin Paine on 22 May 2019 found.
The leak allegedly database contains 9.5 billion rows of data, it is active in the discovery, because of its size increased from 7TB one day May 23 of the 8.4 tb. The database belongs to the Shanghai Jiaotong University, which is a large academic institution based in China. The university is 41, offers more than 000 undergraduate doctorate students.
Information contained in the database is packaged by Zimbra, zimbra is the world's more than 200,000 businesses using the popular open source email solution.
According to the researchers say, bulk e-mail cache associated with the "specific people" seems to send e-mail e-mail also includes the IP address and user agent.
You can see the flow of e-mail between specific users, but it is worth noting that involve only the metadata, and neither disclosed subject matter, nor open e-mail body content.
After discovering the leak day, Shanghai Jiaotong University received a notification database leak. It is commendable that the leak is repaired within 24 hours.
"When searching for Shodan, I recently discovered a no ElasticSearch database authentication," Paine said. "This database contains metadata associated with a large number of e-mail. I want to thank the school's security team, once notified, they quickly take action to ensure the safety of these data. However, to my knowledge, they did not inform the affected student."
Source: himp4.com
More info
Cathay Pacific has suffered two information systems intrusion
In October last year, Hong Kong's Cathay Pacific to disclose information contained 9.4 million passenger information system is unauthorized access. Because unauthorized acquisition of personal identification information, including flight records and, in addition to part of the credit card. Hong Kong Privacy Commissioner for Personal Data released last week, the survey report that Cathay Pacific's network has suffered two invasions.
Source: solidot.org
Details: http://www.dbsec.cn/zx/20190612-2.html
successful jailbreak iOS 12.4 - jailbreak developers show iPhone SE execution Cydia screen
iOS 12.4 in the testing phase, I believe that before long will be released, but recently jailbreak iOS 12 to bring the latest developments, jailbreak developers iBSparkes show iPhone SE is performing iOS 12.4 Beta and successful jailbreak on Twitter, also Cydia is being performed showed off a screen to confirm.
Source: Mac telegram
Details: http://www.dbsec.cn/zx/20190612-3.html
Voting machine manufacturers consider a paper ballot is one way to ensure safe elections
According to foreign media reports CNET, now many things can be done electronically, "paperless" has appeared in a number of areas. However, Tom Burt Election Systems & Software CEO believes the vote should not be part of this trend. In Roll Call's last column, Burt said his company will no longer be paperless voting machines as the primary voting equipment for sale.
Source: cnBeta.COM
Details: http://www.dbsec.cn/zx/20190612-4.html
US Customs agency data was invaded: Visitor arrivals by land fear of information theft
Beijing on June 11 morning news, according to US technology media TechCrunch reported that US Customs and Border Protection (CBP) agency confirmed that the data has been compromised, resulting in photos and pictures out of the US passenger vehicle leak. A spokesman for CBP said in an e-mail, these photos were first transferred to a sub-company of the network, after the adoption of a "malicious network attack" stolen.
Source: Sina Technology
Details: http://www.dbsec.cn/zx/20190612-5.html
(Information from the network, Anwar gold collected more)