Fake Email Campaign Demanding Ransom in Cryptocurrency – Disposable mail news

Internet users have been alerted by national federal cybersecurity agency against a fake email campaign that is going on in the country; the authors behind the campaign are threatening to post a personal video of a victim that they claim to have recorded if the demanded ransom in the form of cryptocurrency is not paid to them.

While assuring users that there’s nothing major to worry about these emails as the claims made in it are fake, the Computer Emergency Response Team of India (CERT-In) in a related advisory, suggested users assign new passwords to all their online platforms including their social media handles.

CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology security organization. It has been designated as the national agency to respond to computer security incidents. The purpose of CERT-In is to issue guidelines, advisories, and promote effective IT security practices throughout the country.

A number of emails have been sent as a part of the campaign, claiming that the receiver’s computer was compromised and a video was recorded via their webcam and that the sender has access to their passwords, as per the CERT-In latest advisory on the matter. The attacker attempts to convince the user into falling in his trap by mentioning his previous password in the email, then by strategic use of computer jargon, the attacker comes up with a story to appear as a highly-skilled scammer to the recipient. The story tells the victim that while he was surfing a porn website, his display screen and webcam was compromised by a malware placed by the hacker onto the website. It states that all of the user’s contacts from Facebook, email, and messenger have been hacked alongside.

As these emails are scams and claim false information, users are advised to not get tricked into paying the demanded ransom in haste as even if the password mentioned by attackers in the email seems familiar it’s because they accessed it via leaked data posted online and not through hacking their account. All you have to do is change or update your password for all the online platforms where it is being used.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Nintendo Confirms Around 160,000 User Accounts Affected in Recent Hacks – Disposable mail news

On Friday, the Japanese gaming giant, Nintendo confirms that around 160,000 user accounts of Nintendo Switch users have been affected in the recent hacking attempts.

Nintendo’s Switch game console is immensely popular among avid gamers and its demand has risen dramatically amid the lockdown forced by COVID-19 pandemic, making it out of stock almost everywhere. As the number of people turning to Nintendo is rapidly increasing, the number of hackers targeting digital accounts has also increased as a result.

In the wake of the breach, Nintendo has disabled the option of logging into a Nintendo account via Nintendo Network ID (NNID)– login IDs and passwords of the users have been acquired in an unauthentic way by some means other than Nintendo’s service, the company confirmed. Notably, these attempts to access accounts illegally have been made since the beginning of April. The information compromised during the breach includes usernames, DOB, email addresses, and country.

The company has notified all the affected users of the breach through an email, alerting them to reset their passwords.
Meanwhile, the company also warned the users in case they have used a common password for their NNID and Nintendo account, and said, “your balance and registered credit card / PayPal may be illegally used at My Nintendo Store or Nintendo eShop.”

The company further recommended the users to enable two-factor authentication as some accounts are already being used to make fraudulent purchases. Affected users are advised to contact Nintendo so that the company can examine their purchase history and cancel fraudulent purchases.

“We will soon contact users about resetting passwords for Nintendo Network IDs and Nintendo Accounts that we have reason to believe were accessed without authorization,” the company said.

While apologizing to the customers, Nintendo said,
“We sincerely apologize for any inconvenience caused and concern to our customers and related parties,”

“In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur.” the company added.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Biometric Data Exposure Vulnerability in OnePlus 7 Pro Android Phones Highlighted TEE Issues – Disposable mail news

In July 2019, London based Synopsys Cybersecurity Research Center discovered a vulnerability in OnePlus 7 Pro devices manufactured by Chinese smartphone maker OnePlus. The flaw that could have been exploited by hackers to obtain users’ fingerprints was patched by the company with a firmware update it pushed in the month of January this year. As per the findings, the flaw wasn’t an easy one to be exploited but researchers pointed out the possibility of a bigger threat in regard to TEEs and TAs.

Synopsys CyRC’s analysis of the vulnerability referred as CV toE-2020-7958, states that it could have resulted in the exposure of OnePlus 7 pro users’ biometric data. The critical flaw would have allowed authors behind malicious android applications with root privileges to obtain users’ bitmap fingerprint images from the device’s Trusted Execution Environment (TEE), a technique designed to protect sensitive user information by keeping the Android device’s content secure against illicit access.

As it has become increasingly complex for malicious applications to acquire root privileges on Android devices, the exploitation of the flaw would have been an arduous task and might also be an unlikely one given the complexity of the successful execution. Meanwhile, the fix has been made available for months now–
ensuring the protection of the users.

However, the issue with Trusted Execution Environments (TEEs) and Trusted Applications (TAs) remains the major highlight of Synopsys’s advisory released on Tuesday, “Upon obtaining root privileges in the REE [Rich Execution Environment], it becomes possible to directly communicate with the factory testing APIs exposed by Trusted Applications (TAs) running in the TEE. This attacker invokes a sequence of commands to obtain raw fingerprint images in the REE,” it read.

While explaining the matter, Travis Biehn, principal consultant at Synopsys, told, “Of course, people’s fingerprints don’t usually change. As attackers become successful in retrieving and building large datasets of people’s fingerprints, the usefulness of naïve fingerprint recognition in any application as a security control is permanently diminished,”

“A further possible consequence is that fingerprints become less trustworthy as evidence in our justice systems.”

“…this vulnerability shows that there’there are challenges with Trusted Execution Environments (TEEs) and Trusted Applications (TAs); these are software components that are opaque to most (by design), expertise is limited, and typically involve long supply chains. These factors together mean there’there are opportunities for organizations to make a mistake, and hard for security experts to catch at the right time,” he further added.

The flaw would have allowed attackers to recreate the targeted user’s complete fingerprint and then use it to generate a counterfeit fingerprint that further would have assisted them in accessing other devices relying upon biometric authentication.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

1.1 Million Customers Records of SCUF Gaming Exposed Online – Disposable mail news

The database of more than 1 million customers was exposed online by ‘SCUF Gaming’, a subsidiary of Corsair that develops high-end gamepads for Xbox, PS4, and PC. The incident led to the exposure of clients’ names, payment info, contact info, repair tickets, order histories, and other sensitive information. Other data belonging to the company’s staff and internal API keys were also compromised as a result.

The data was left unprotected for two days before being discovered by the security researcher, Bob Diachenko who reported the same to Scuf Gaming. The team led by the researcher found the data on the web without any password protection or authentication.

The database was taken down by the company in less than two hours of being notified. Meanwhile, bot crawlers got enough time to locate the exposed database and a ransom note was found demanding 0.3 BTC from the company. The note says that the data had been downloaded by the cybercriminals, however, no such action is being detected by the systems. “Your Database is downloaded and backed up on our secured servers. To recover your lost data, Send 0.3 BTC to our BitCoin Address and Contact us by eMail.” The note read.

Experts are of the belief that the involved criminals did not get enough time to delete or encrypt the data present in the database, hence, it’s unlikely that they would have been able to download it either. However, SCUF clients and staff could face a risk of phishing attacks, identity theft, and fraud by the cybercriminals who might have downloaded some pieces of
the leaked database.

In a conversation with Comparitech, a spokesperson for Corsair, parent company to SCUF gaming told, “…Once notified, we identified the root cause of this exposure and secured the database within two hours. While investigating Mr. Diachenko’s warning, we also discovered that a bot had connected to the database’s server and placed a ransom note there. We have no evidence that either the bot or any other actor was able to misappropriate customer data.

This issue was specific to one system, being operated off-site due to work-from-home precautions resulting from the current COVID-19 pandemic.”

To stay on a safer side, SCUF Gaming customers are advised to keep an eye for any suspicious activity in regard to their bank accounts as scammers who were to able gather whatever bits of information they could, are likely to attempt targeted phishing attacks.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

‘Paranoid’ Blocks your Smart Speakers from Spying on you – Disposable mail news

Smart speakers have proven to be one of the most versatile gadgets of the era, the high-tech AI companions can do everything from playing music to ordering a meal with just the sound of your voice. They come with virtual assistants ready to answer all your queries, other features include reminding you of appointments, telling about the weather and news along with helping you to control your smart home devices.

Amazon’s Echo and Google’s Nest are two of the widely employed smart speakers. However, these devices also raise security concerns in regard to the voice captured by the speakers but in order to avail services of a voice assistant that as a matter of fact operates on voice commands, you can’t block it from listening to your voice.

To make the experience easier and safer, a new device known as ‘Paranoid’ is made to enter the tech space, it is designed to block your Amazon Echo or Google Home smart speaker from listening to your voice until you say the word, “Paranoid” which is the device’s wake word. After saying the word, the gizmo allows your smart speaker to listen.

Another thing to take notice of is the simplicity in the operations of Paranoid, it’s extremely easy to use, it simply needs to be connected to the smart speaker in order to block it from spying upon you –meanwhile,  it still allows the speaker to be voice-activated. In order to activate it, all you have to do is to say “Paranoid” every time before you say “Okay, Google!” or “Alexa!”

The device comes in three different variants, The Home Button, Home Wave, and Home Max. It has no antenna, no SIM card slot, no Bluetooth, no Wi-Fi and no kind of wireless capability. As per its website, the makers claim that their device is “hack-proof”.

The Home Button is the simplest model, it is placed on Amazon Echo’s mute button and presses it manually. The second one, the Home Wave is designed to jam the microphones on your smart speakers and the most sophisticated one, the Home Max requires you to send your Amazon Echo or Google Home Devices to Paranoid headquarters stationed at Edmonton, Alberta. There, experts will attach your speaker’s microphone cable to an external Paranoid device by cutting off the original cable. After the completion of the process, your smart speakers will be sent back to your address.

All the three models of Paranoid can be purchased from its official website; the original charges of the device and services are $49, however, as of now it will cost only $39.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Dutch Government Loses Hard Drive Containing Data of 6.9 Million Donors – Disposable mail news

Officials from the Dutch Ministry of Health, Wellness, and Sport confirmed this week that the government has lost two external hard disk storage devices that contained electronic copies of all donor forms filled with the Dutch Donor Register between February 1998 to June 2010, it was used to store personal information such as the first and the last name, date of birth, ID card numbers, address while filling the form, gender, copy of signatures and choice of organs being donated of about 6.9 million organ donors.

It was when authorities decided to sweep out old donor registration paper forms and wanted to get rid of electronic copies of all these donor forms, they discovered that the two aforementioned disks are nowhere to be found. There have been no comments made onto the encryption of data, it’s not in public knowledge that whether the data was encrypted not.

The disks were last accessed almost four years ago and were put securely inside a safety vault for keeping a record, as per the statements given by the Dutch Donor Register, the hard disks were no longer to be found in the security vault and are still unaccounted for. Reportedly, the data stored into the disks belonged to over 6.9 million Dutch people – a few out of whom may no longer be alive, as per the authorities.

Although there is no proof regarding the data being stolen or misused by anyone, officials claimed that the lost donor forms do not consist of Dutch ID copies and other official documents of the people of Dutch which automatically reduces the likability of fraud or an identity theft taking place amid the incident of lost hard drives. The Minister for Health, Wellness, and Sport confirmed that the event did not affect the Donor Register’s ability to deliver accurate donor data.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Financial and Customer Info being Exposed in Slickwraps Data Breach – Disposable mail news


Slickwraps, a mobile device case retailer that specializes in designing and assembling the most precision-fitted phone cases in the world has suffered a major data breach that exposed the personal information of employees including their API credentials, resumes and much more.

In January 2020, a security researcher named Lynx attempted to gain access to Slickwraps’s systems, he acquired full access to the company’s website employing a path traversal vulnerability present in a script which is used by them for customizing cases.

After exploiting the vulnerability, Lynx sent emails stating the same to the company and upon receiving no response to those emails, he decided to make public disclosure of the vulnerability and how he exploited it to acquire access to the systems and the data that was compromised.

While giving insights of the incident, Lynx told that it allowed them to acquire access to 9GB of personal customer data that included employee resumes, customers’ pictures, API credentials, ZenDesk ticketing system along with more sensitive data such as hashed passwords, transactions, and contact-related information.

As per the reports, multiple attempts made by Lynx to report the data breaches to Slickwraps were blocked by the company. Even though Lynx made it clear that they don’t want any bounty and are just trying to get Slickwraps to publicly disclose the breach.

In a post made by Lynx on Medium, he stated, “They had no interest in accepting security advice from me. They simply blocked and ignored me.”

While accepting the shortcomings of the company in terms of user security, Jonathan Endicott, Slickwraps CEO, apologized for the data breach and said, “There is nothing we value higher than trust from our users. In fact, our entire business model is dependent on building long-term trust with customers that keep coming back.”

“We are reaching out to you because we’ve made a mistake in violation of that trust. On February 21st, we discovered information in some of our production databases was mistakenly made public via an exploit. During this time, the databases were accessed by an unauthorized party.”

“Upon finding out about the public user data, we took immediate action to secure it by closing any database in question. As an additional security measure, we recommend that you reset your Slickwraps account password. Again, no passwords were compromised, but we recommend this as a standard safety measure. Finally, please be watchful for any phishing attempts.”

“We are deeply sorry about this oversight. We promise to learn from this mistake and will make improvements going forward. This will include enhancing our security processes, improving the communication of security guidelines to all Slickwraps employees, and making more of our user-requested security features our top priority in the coming months. We are also partnering with a third-party cybersecurity firm to audit and improve our security protocols.”

“More details will follow and we appreciate your patience during this process.” the statement further read.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

SoPo Nonprofit Told, Unknown Number of Clients Affected by Data Breach – Disposable mail news

A South Australian company, PSL Services, also known as Peregrine Corporation involved in the operation of service stations, convenience retail outlets and tobacconists recently disclosed a data breach to Mainebiz.

The company administered from its head office in Kensington Park, South Australia told that personal data of its employees including their names, email accounts, some medical information along with other sensitive information may have been accessed illegally between December 16 and December 19, 2019. Other information accessed without authorization includes address, DOB, Driving License Number, Social Security Number and Identifying Numbers of clients for participation in Mainecare.

There have been no speculations made by the corporation as to who is behind the public breach of its confidential data, however, the officials told in an email that there are chances that the criminal behind the incident was trying to force the agency in sending funds electronically which they did not.

Post-incident, the company was subjected to back to back investigations and it refused to specify the number of employees being affected. PSL did not provide other details regarding the incident such as whether the individuals were clients, employees, family members or others. As per some news releases, PSL came to know about the breach on 17th December after some suspicious activity was observed in an employee’s email account, it immediately reported the same to its information services department.

The corporation told that it had “notified the Office of Civil Rights at U.S. Department of Health and Human Services, the Maine Attorney General, and prominent news media outlets throughout the state of Maine.”

Referencing from the statements given by Lori Sanville, executive director, “The contents of a small number of email accounts were exposed,”

“The number is unknown until the data mining is completed. We will then contact anyone affected.”

In regard of the same incident, PSL also contracted with a cybersecurity vendor to further investigate the matter and come up with security measures, as per Sanville. In addition, she told Mainebiz, “We want our clients and the community to know that we take this matter very seriously and that we remain committed to assisting our clients first and foremost.”


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.