Bulgaria: Getting urgent IT experts for revealing vulnerabilities in software

Petko Petrov - a famous IT expert - was arrested on charges of arbitrarily exploiting and disclosing information about the security vulnerability of the software system used by local kindergartens.

Bulgaria: Getting urgent IT experts for revealing vulnerabilities in software

Recently Bulgarian lawmakers have decided to arrest a famous IT specialist in this country - Petko Petrov - on charges of arbitrarily exploiting and disclosing information about the system's security vulnerabilities. Software used by local preschools.

This vulnerability allowed Petko Petrov to download details of 235,543 people in Stara Zagora, a province in central Bulgaria with a population of only 333,000. Thus, the system gap made personal information of about two-thirds of Stara Zagora's population fall into the hands of this IT expert.

Hacker successfully stole 100,000 photos from border control database

Bulgaria: Getting urgent IT experts for revealing vulnerabilities in software Picture 1 Famous Bulgarian IT expert Petko Petkov

After successfully hacking into the vulnerability above, Petko Petkov did not hesitate to share the video recording the entire process on personal Facebook on June 25 last.

The video shows in detail how Petkov conducted an automated attack on the website where parents registered their children for kindergarten. At the same time this site is also under the management of the local government. Well-known IT professionals have used security vulnerabilities to collect personal data of Bulgarian citizens hosting on this site - mainly by parents.

In the video posted on Facebook, Petkov said he tried to contact the site management team as well as information storage software, and of course the local government but was ignored. At the same time, the video description of Petko Petkov also includes a link to the GitHub repository, where people can download the vulnerability exploit code, and it is this 'foolish' action that makes him entangled in the cycle. physical.

GoldBrute botnet campaign is trying to hack 1.5 million RDP servers worldwide

Bulgaria: Getting urgent IT experts for revealing vulnerabilities in software Picture 2 The act of publicly revealing how to exploit the vulnerability caused Petkov trouble

After Petkov's public disclosure of how to exploit the security breach, Stara Zagora provincial authorities collaborated with Bulgarian security authorities to make an emergency arrest of the IT researcher at the end. last week, June 29.

Petko Petkov was detained for 24 hours, then was released on bail, but was banned from leaving his residence to serve the investigation.

According to ZedNet's report, local prosecutors are still waiting to consolidate the allegations under Article 319A of Bulgaria's Criminal Code, regulations on personal sanctions and organizations trying to steal information under management. government through illegal acts. According to local media, if proven guilty, Petkov will face a sentence of 1 to 3 years in prison, and must pay a fine of up to 5,000 Bulgarian leva (about 2,900 USD).

Immediately after Petko Petkov's arrest, Stara Zagora provincial authorities also removed software containing this serious security hole. At the same time, it is said that the representative of the software company responsible for managing and maintaining the website could not answer well the question from the government officials in charge of the investigation, so this company will also be subject to a big penalty. However, the details of the fine have not been disclosed yet.

Start-up corner: Sell drugs on the dark web in exchange for Bitcoin, young men 'peel off calendar' for 10 years

The governor of Stara Zagora said the company was named Information Services AD - the company behind the site contained a vulnerability, would have to repair its software on its own, and report the consequences of the recovery to the authorities in detail.

As for Petkov, the expert thinks that the same software system is used in many other Bulgarian localities, which means that until the problem is resolved, hackers can absolutely Easily collect data from Bulgarian citizens through the above flaw.

Data collected through the vulnerabilities discovered by Petko Petkov including information that is usually stored in a central national database, maintained by the Office of Civil and Administrative Services Management Bulgaria (GRAO).

Power theft from oil rig to dig Bitcoin, a Chinese man is about to be "fed the State"

Bulgaria: Getting urgent IT experts for revealing vulnerabilities in software Picture 3 Bulgarian government building

It is known that the GRAO database has the same value and significance in determining social security index (or similar) in some other countries. This system is stored as personal data including name, age, address, marital status, parenting, passport data, nationality and relatives (children, siblings) of About 10.5 million Bulgarian citizens (including 2 million people died).

Security vulnerabilities - basic insights
software vulnerabilities can be interpreted as a malfunction or weakness in software or operating systems. with the development of new attack technologies, the severity of software vulnerabilities is growing exponentially.
How to use the urgent notification feature on iPhone
the urgent notification feature on iphone will help you not to miss any important notifications, when the notification continuously displays for 1 hour.
Warning of dangerous vulnerabilities on WinRAR, users should uninstall or upgrade to a new version
rarlab, the developer of winrar, has just released an urgent update to patch a dangerous vulnerability in their software.
Microsoft releases urgent patches for VPN bugs and nasty Windows Server bugs
after more than a week of trying to fix it, microsoft has recently released a patch for the issues of the january 2022 patch tuesday update.
Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
in the past few months, security experts around the world have found that many vulnerabilities exist in 4g routers.
Intel's chip has eight new serious vulnerabilities
several weeks ago, google project zero security experts discovered eight new vulnerabilities in intel's chip design, which could directly lead to specter and meltdown, two vulnerabilities that negatively impacted performance. whole computer system.
IBM developed a new technology to patch security holes
top security researchers at ibm have recently developed a new technique to etch almost entirely the impact of security vulnerabilities before they are actually found.
Firefox releases urgent update to patch zero-day vulnerability being exploited by hackers
mozilla has just released urgent updates for firefox 97.0.2, firefox esr 91.6.1, firefox for android 97.3.0 and focus 97.3.0 to fix two critical zero-day vulnerabilities being exploited by hackers.
Stock of ancient silver coins found near Mezdra of Bulgaria
a treasure of 187 roman silver coins was discovered during excavations in the town of mezdra, northwest of the west bank. experts say it has great cultural-historical value.
Find bug in Emotet malware, prevent it from spreading for 6 months
according to researcher james quinn of the security firm binary defense, like other software, malicious code also has vulnerabilities, error codes. hackers can exploit software vulnerabilities to cause harm, security experts can also decompile the source code of malicious code to find the vulnerability to exploit and defeat the malicious code.
New worm attacks Windows
security experts have discovered a new dangerous virus, taking advantage of the latest vulnerabilities in windows to attack the system.
Google Chrome has an urgent update, patching a serious zero-day vulnerability being exploited by hackers
google has just released chrome 91.0.4472.101 emergency update for windows, mac and linux to patch 14 security holes. among these is a critical zero-day vulnerability (cve-2021-30551) that is being actively exploited by hackers.