
"Cybersecurity company watchTowr Labs said it captured a dataset of over 80,000 files on these sites, uncovering thousands of usernames, passwords, repository authentication keys, Active Directory credentials, database credentials, FTP credentials, cloud environment keys, LDAP configuration information, helpdesk API keys, meeting room API keys, SSH session recordings, and all kinds of personal information. This includes five years of historical JSONFormatter content and one year of historical CodeBeautify content, totalling over 5GB worth of enriched, annotated JSON data."
"Both tools also offer the ability to save a formatted JSON structure or code, turning it into a semi-permanent, shareable link with others - effectively allowing anyone with access to the URL to access the data. As it happens, the sites not only provide a handy Recent Links page to list all recently saved links, but also follow a predictable URL format for the shareable link, thereby making it easier for a bad actor to retrieve all URLs using a simple crawler - https://jsonformatter.org/{id-here}"
Research found that many organizations paste passwords and credentials into online code-formatting and validation tools such as JSONFormatter and CodeBeautify. A dataset of over 80,000 files was captured, revealing thousands of usernames, passwords, repository authentication keys, Active Directory, database, FTP and cloud credentials, LDAP configuration, API keys, SSH session recordings, and personal data. The dataset includes five years of JSONFormatter content and one year of CodeBeautify content, totaling over 5GB of annotated JSON. Affected organizations span critical infrastructure, government, finance, healthcare, telecoms, and cybersecurity. The tools create semi-permanent shareable links and expose a Recent Links page with predictable URLs, so a simple crawl of those links is enough to harvest the secrets.
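The practical defence against this class of leak is to never let a credential reach a third-party formatter in the first place. The following is an added example, not code from the article or from watchTowr Labs: a small offline pre-paste check that walks a JSON document, flags values whose key name suggests a credential (password, token, api_key and similar) or whose value looks like a long high-entropy token, and produces a redacted copy that is safe to share. The key-name list, the 32-character minimum and the 4.0-bit entropy threshold are heuristics chosen for this example, and the sample config blob is constructed.

```python
"""Pre-paste check: find likely secrets in a JSON document and redact them.

Added example, not from the article. Key-name patterns and the entropy
threshold are assumptions chosen for illustration.
"""
import json
import math
import re
from typing import Any

# Key names that usually hold credentials (heuristic list, an assumption here).
SENSITIVE_KEY = re.compile(
    r"(pass(word|wd)?|secret|token|api[_-]?key|private[_-]?key|credential)", re.I
)
# Long, space-free, high-entropy strings look like keys or tokens whatever the key name.
MIN_TOKEN_LEN = 32
MIN_ENTROPY_BITS = 4.0

# Constructed sample: the sort of config blob that ends up in an online formatter.
# Every value below is made up for this example.
SAMPLE_JSON = """
{
  "service": "helpdesk",
  "ldap": {"url": "ldap://dc01.example.internal",
           "bind_dn": "cn=svc,dc=example,dc=internal",
           "bind_password": "Winter2024!"},
  "db": {"host": "db.example.internal", "user": "app", "password": "s3cr3t-db-pass"},
  "api_key": "hk_live_9f8a7b6c5d4e3f2a1b0c9d8e7f6a5b4c",
  "description": "Ticket sync job"
}
"""


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for the empty string)."""
    if not s:
        return 0.0
    counts: dict[str, int] = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_like_token(value: str) -> bool:
    """Heuristic: long, no spaces, and high entropy, like an API key or session token."""
    return (
        len(value) >= MIN_TOKEN_LEN
        and " " not in value
        and shannon_entropy(value) >= MIN_ENTROPY_BITS
    )


def find_secrets(doc: Any, path: str = "") -> list[tuple[str, str]]:
    """Return (json_path, reason) for every string value that looks like a secret."""
    findings: list[tuple[str, str]] = []
    if isinstance(doc, dict):
        for key, val in doc.items():
            child = f"{path}.{key}" if path else key
            if isinstance(val, str) and val and SENSITIVE_KEY.search(key):
                findings.append((child, "sensitive key name"))
            elif isinstance(val, str) and looks_like_token(val):
                findings.append((child, "high-entropy string"))
            findings.extend(find_secrets(val, child))  # recurse into nested objects/arrays
    elif isinstance(doc, list):
        for i, item in enumerate(doc):
            findings.extend(find_secrets(item, f"{path}[{i}]"))
    return findings


def redact(doc: Any, findings: list[tuple[str, str]]) -> Any:
    """Copy of doc with every flagged value replaced by a placeholder."""
    flagged = {p for p, _ in findings}

    def walk(node: Any, path: str) -> Any:
        if isinstance(node, dict):
            out = {}
            for k, v in node.items():
                child = f"{path}.{k}" if path else k
                out[k] = "[REDACTED]" if child in flagged else walk(v, child)
            return out
        if isinstance(node, list):
            return [walk(v, f"{path}[{i}]") for i, v in enumerate(node)]
        return node

    return walk(doc, "")


def scan_text(text: str) -> list[tuple[str, str]]:
    """Parse JSON text and list the secrets found in it."""
    return find_secrets(json.loads(text))


def redacted_copy(text: str) -> dict:
    """Parse JSON text and return a redacted object that is safe to paste or share."""
    doc = json.loads(text)
    return redact(doc, find_secrets(doc))


if __name__ == "__main__":
    for path, reason in scan_text(SAMPLE_JSON):
        print(f"{path}: {reason}")
    print(json.dumps(redacted_copy(SAMPLE_JSON), indent=2))
```

Run it as a pre-commit hook, a clipboard filter, or simply before reaching for a browser-based formatter; anything it flags should be replaced with a placeholder or the document should be formatted locally (for example with `python -m json.tool`) instead.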
Read at The Hacker News