[ad_1]
From TecMundo:
The Brazilian multinational Vale was invaded and supposedly confidential internal documents were removed and fled by invaders. Hackers would have benefitted from an open door in Microsoft SharePoint, a team-based software tool for retrieving minutes, to retrieve security incidents and incidents around the world.
TecMundo received the documents Tuesday (29) from an anonymous source. There are approximately 40,000 files in a 500MB file. Security incidents can be found between 2017 and 2019 in the Vale regions of Brazil, Canada, Mozambique, New Caledonia and Indonesia.
"One of the documents reports armed robbery in a conduit, later police file," said the source in the email in which he had sent the documents. The TecMundo found the document cited in the document in question, but not the problem of the police incident cited.
Vale was contacted about the incident. However, she did not provide any response before the publication of this article – update: after publication, the company sent a note that you check below. On the other hand, the hackers did not explain in detail how the company had been hacked, they only noticed that the documents were extracted via a loophole in the hidden URL open to the public – "Indexing secret documents in a hidden subdomain, search. "
Hackers also sent a note to TecMundo about the reasons for the invasion. Complete Accompaniment: " What is life worth?" For Vale do Rio Doce, life is just a number, a number, a statistical figure, a measurable risk for the brand's reputation. They would have learned from past experiences, but it is simply impossible for them to realize the value of a lifetime.If I kill 65 people, I am removed from circulation, if a company of this size kills, she is fined and continues to function normally.A fine! No wonder life also has a price.You and I all have a price on this table, it is a matter of time to be the next, so it's profitable.We will not be silent, we will fight against stupidity with information.What is life worth? "
Vale's Positioning
Vale told TecMundo that" ] there was no technical failure on the SharePoint site or the invasion of its computing environment "]" And that " to the information contained in the documents are records and deal with incidents and near misses. This registry is mandatory at Vale and is part of our Occupational Health and Safety Management System . "
The company also stated that" the files for internal use having been badigned to a leak in fact, were available in the public part of our website vale.com
(…) [19659013] Minutes
In the safety incident report, Vale makes the following separations: "Personal Accident", "Material Accident", "Environmental Accident" and "Near Accident". In addition, there are ranks between the "severity" of the crash that always involves "real" and "potential". In the document you see below, a "near miss" in Mato Grosso do Sul has no consequence, but can be "catastrophic".
<img src = "https://img3.ibxk.com.br/2019/01/30/doc-30155733686310.jpg?w=700" alt = "<img src =" https: // img3. ibxk.com.br/2019/01/30/doc-30155733686310.jpg?w=700 "alt ="
! function (f, b, e, v, n, t, s)
{if (f.fbq) return; n = f.fbq = function () {n.callMethod?
n.callMethod.apply (n, arguments): n.queue.push (arguments)};
if (! f._fbq) f._fbq = n; n.push = n; n.loaded =! 0; n.version = 2.0 & # 39 ;;
n.queue = []; t = b.createElement (e); t.async =! 0;
t.src = v; s = b.getElementsByTagName (e) [0];
s.parentNode.insertBefore (t, s)} (window, document, 'script',
& # 39; https: //connect.facebook.net/en_US/fbevents.js');
fbq (& # 39 ;, & # 39; 301448060382165 & # 39;);
fbq ('track', 'Pageview');
[ad_2]
Source link
