Porn Cam Archive
🛑 ALL INFORMATION CLICK HERE 👈🏻👈🏻👈🏻
Porn Cam Archive
Hack Brief: An Adult Cam Site Exposed 10.88 Billion Records
CAM4 has taken the server offline, but not before it leaked 7TB of user data.
The list of data that CAM4 leaked is alarmingly comprehensive. Photograph: Getty Images
Everything you ever wanted to know about Equifax, Mariott, and the problem with social security numbers.
Ebola Is Back—and Vaccines Don’t Work Against It
The Bruce Willis Deepfake Is Everyone’s Problem
How the World Will Know If Russia Is Preparing to Launch a Nuke
If You Don’t Already Live in a Sponge City, You Will Soon
Brian Barrett is Executive Editor, News at WIRED, overseeing day to day coverage across the site. Prior to WIRED he was the editor in chief of the tech and culture site Gizmodo and was a business reporter for the Yomiuri Shimbun, Japan’s largest daily newspaper.
How the World Will Know If Russia Is Preparing to Launch a Nuke
While tensions over a possible nuclear attack on Ukraine remain high, experts say surveillance will likely catch Russia if it plans to do the unthinkable.
You Need a Password Manager. Here Are the Best Ones
Keep your logins locked down with our favorite apps for PC, Mac, Android, iPhone, and web browsers.
The Hunt for Wikipedia's Disinformation Moles
Custodians of the crowdsourced encyclopedia are charged with protecting it from state-sponsored manipulators. A new study reveals how.
How to Use Passkeys in Google Chrome and Android
Google wants to make your digital life—in its ecosystem, anyway—passwordless and more secure.
Elon Musk’s SpaceX Bails on Starlink Funding for Ukraine
Plus: Hackers hit the Mormon Church, Signal plans to ditch SMS for Android, and a Fat Bear election erupts in scandal.
The Infowars host now knows the cost of “free speech”—but does the landmark judgment signal a crackdown on disinformation?
Celsius Exchange Leak Is a Gift to Crypto Sleuths—and Thieves
By releasing half a million users’ transactions in a bankruptcy court filing, the company has opened a vast breach in its users’ financial privacy.
Google’s Pixel 7 Packs a Beefed-Up Security Chip
The company says it hardened the security of its new flagship phones—and plans to release a built-in Android VPN.
WIRED is where tomorrow is realized. It is the essential source of information and ideas that make sense of a world in constant transformation. The WIRED conversation illuminates how technology is changing every aspect of our lives—from culture to business, science to design. The breakthroughs and innovations that we uncover lead to new ways of thinking, new connections, and new industries.
Select international site United States LargeChevron UK Italia Japón
To revist this article, visit My Profile, then View saved stories .
To revist this article, visit My Profile, then View saved stories .
To revist this article, visit My Profile, then View saved stories .
To revist this article, visit My Profile, then View saved stories .
It’s all too common for companies to leave databases chock full of sensitive information exposed to the great wide internet. But when that company operates an adult livestreaming service, and that data comprises 7 terabytes of names, sexual orientations, payment logs, and email and chat transcripts—across 10.88 billion records in all—the stakes are a bit higher.
The site is CAM4, a popular adult platform that advertises “free live sex cams.” As part of a search on the Shodan engine for unsecured databases, security review site Safety Detectives found that CAM4 had misconfigured an ElasticSearch production database so that it was easy to find and view heaps of personally identifiable information, as well as corporate details like fraud and spam detection logs.
“Leaving their production server publicly exposed without any password,” says Safety Detectives researcher Anurag Sen , whose team discovered the leak, “it’s really dangerous to the users and to the company.”
First of all, very important distinction here: There’s no evidence that CAM4 was hacked, or that the database was accessed by malicious actors. That doesn’t mean it wasn’t, but this is not an Ashley Madison–style meltdown . It’s the difference between leaving the bank vault door wide open (bad) and robbers actually stealing the money (much worse).
"The team concluded without any doubt that absolutely no personally identifiable information, including names, addresses, emails, IP addresses or financial data, was improperly accessed by anyone outside the SafetyDetectives firm and CAM4’s company investigators," the company said in a statement.
The company also says that the actual number of people who could have been identified was much smaller than the eye-popping number of exposed records. Payment and payout information could have exposed 93 people—a mix of performers and customers—had a breach occurred, says Kevin Krieg, technical director of Smart-X, which manages the CAM4 database. Safety Detectives put the number at "a few hundred."
The mistake CAM4 made is also not unique. ElasticSearch server goofs have been the cause of countless high-profile data leaks . What typically happens: They’re intended for internal use only, but someone makes a configuration error that leaves it online with no password protection. “It’s a really common experience for me to see a lot of exposed ElasticSearch instances,” says security consultant Bob Diachenko, who has a long history of finding exposed databases. “The only surprise that came out of this is the data that is exposed this time.”
And there’s the rub. The list of data that CAM4 leaked is alarmingly comprehensive. The production logs Safety Detectives found date back to March 16 of this year; in addition to the categories of information mentioned above, they also included country of origin, sign-up dates, device information, language preferences, user names, hashed passwords , and email correspondence between users and the company.
Out of the 10.88 billion records the researchers found, 11 million contained email addresses, while another 26,392,701 had password hashes for both CAM4 users and website systems.
"The server in question was a log aggregation server from a bunch of different sources, but server was considered non-confidential," says Krieg. "The 93 records got into the logs due to a mistake by a developer who was looking to debug an issue, but accidentally logged those records when an error happened to that log file."
It’s hard to say exactly, but the Safety Detectives analysis suggests that roughly 6.6 million US users of CAM4 were part of the leak, along with 5.4 million in Brazil, 4.9 million in Italy, and 4.2 million in France. It’s unclear to what extent the leak impacted both performers and customers.
Again, there’s no indication that bad actors tapped into all those terabytes of data. And Sen says that CAM4's parent company, Granity Entertainment, took the problematic server offline within a half hour of being contacted by the researchers. That doesn’t excuse the initial error, but at least the response was swift.
Moreover, despite the sensitive nature of the site and the data involved, it was actually fairly difficult to connect specific pieces of information to real names. “You really have to dig into the logs to find tokens or anything that would connect you to the real person or anything that would reveal his or her identity,” says Diachenko. “It should not have been exposed online, of course, but I would say it’s not the scariest thing that I’ve seen.”
Which is not to say that everything’s totally fine. If anyone were to have done that digging, they could have found out enough about a person—including sexual preferences—to potentially blackmail them. On a more mundane level, CAM4 users who reuse their passwords would be at immediate risk for credential stuffing attacks , potentially exposing any accounts where they don’t use strong, unique credentials.
Or consider the inverse: If you have the email address of a CAM4 user, Sen says, there’s a decent chance you can find an associated password from a previous data breach, and break into their account.
The data in the leak could have potentially put CAM4 at risk, as well; privileged fraud and spam detection information would have given potential attackers a road map for how to get around those defenses.
Krieg says that the CAM4 has already taken steps to prevent a repeat of the data leak. "It’s a server that should not have an outward facing IP in the first place," he says. "We’re going to be moving it to our internal LAN to make it a lot harder for people to get access to this type of server, while making sure that nothing is on it that should not be on it, which includes any personally identifiable information."
Data leaks happen. They’re not as bad as breaches, but with information this sensitive, the onus is on companies to take every precaution to protect it—not the bare minimum.
This story has been updated to include a statement from CAM4 and comments from Kevin Krieg of Smart-X.
© 2022 Condé Nast. All rights reserved. Use of this site constitutes acceptance of our User Agreement and Privacy Policy and Cookie Statement and Your California Privacy Rights. WIRED may earn a portion of sales from products that are purchased through our site as part of our Affiliate Partnerships with retailers. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Condé Nast. Ad Choices
October 12, 2020 published at 12:01 AM By David Sun
A screen shot of a video taken by a security camera in what looks like a Housing Board flat in Singapore. Other videos were more explicit.
Security cameras in Singapore homes have been hacked, with the footage stolen and shared online.
Clips from the hacked footage have been uploaded on pornographic sites recently, with several explicitly tagged as being from Singapore.
The videos, which can last from under a minute to more than 20 minutes, feature couples, breastfeeding mothers and even children.
Most of them are in various states of undress or compromising positions.
Many faces can be clearly seen in locations such as the living room and bedrooms. Some are seen using the toilet with the door ajar.
In one video, time-stamped March 2020, a teenage girl can be seen in a white T-shirt and panties with school books around her. One of them is an O-level Ten-Year Series book used by students preparing for the exam.
In many videos tagged as being from Singapore, the homes have layouts typical of a Housing Board flat.
The footage appears to be from Internet Protocol (IP) cameras that are common in homes here. They are installed for security purposes or to remotely monitor children, the elderly, domestic workers and pets.
A closer check of the videos revealed that a group dedicated to hacking IP cameras was behind the hacking.
The group, which can be found on social messaging platform Discord, has almost 1,000 members across the globe.
As of Saturday, it has claimed to have shared more than 3TB of clips with over 70 members who paid a subscription fee of US$150 (S$203) for lifetime access.
The victims appear to be from various countries, including Thailand, South Korea and Canada. A 700MB "sample", containing about 4,000 videos and pictures from the hacked footage, is provided free.
A significant portion of the clips seemed to be from IP cameras in Singapore.
The group claims to have a list of more than 50,000 hacked cameras that members can access. It also claims that VIP members will be taught how to "explore, watch live and even record" hacked cameras through tutorials and personalised sessions.
Mr Clement Lee, the solution architect for Asia-Pacific for Check Point Software Technologies, said many IP cameras are at risk as they are typically installed to be accessed remotely via the Internet.
"Hacking of IP cameras is possible if they are accessible from a central cloud service or exposed to the Internet," he said.
"Usually, it is the result of poor password management."
He advises those with such cameras at home to ensure their software is up to date and to avoid using simple passwords.
"Never assume your camera is secure," he said. "The best way to avoid falling victim to hackers is to avoid sharing personal details online."
Criminal lawyer James Ow Yong said that anyone who hacks such cameras will run afoul of the law even if they are outside Singapore.
"The Computer Misuse Act has extra-jurisdictional reach, and applies as long as either the accused was in Singapore, or the computer, program or data was in Singapore at the time of the offence," he said.
Those who share or watch such videos can be prosecuted for offences relating to voyeurism.
He added: "Where the victim is under the age of 16, the material may be considered child pornography, and such offences attract a higher range of sentences.
"We also know that international and regional outfits like Interpol are quite active in finding such offenders."
Mr Ow Yong said those who distribute or sell child pornography can be jailed for up to seven years, fined and/or caned.
Those who advertise or seek such material can be jailed for up to five years, fined and/or caned.
A police spokesman said the public should make a police report if they are aware of anyone engaging in such activities.
The public are advised to take these precautions to secure their IP cameras:
This article was first published in The New Paper . Permission required for reproduction.
Porn Pov Incest Therapy
Shotacon Nurse
Anime Porn Compilation