News • Insights • Analysis
NHS Digital has scored a classic Mail All own-goal by dispatching not one, not two, not three, but four emails concerning an infosec breakfast briefing, each time copying the entirety of the invite list in on the messages. The first Read More …
The St. Louis Post-Dispatch newspaper recently found a huge security blunder: The Missouri educational agency’s site was displaying 100,000+ clearly visible Social-Security numbers for school teachers, administrators and counselors in its HTML source code. The newspaper verified its findings with Read More …
‘The Telegraph’, one of the UK’s largest newspapers and online media outlets, has leaked 10 TB of data after failing to properly secure one of its databases. The exposed information includes internal logs, full subscriber names, email addresses, device info, Read More …
Underground marketplace and hacker forum, RaidForums, recently exposed internal pages from its website, meant for staff members only. RaidForums is a data breach marketplace where threat actors often sell or leak illicitly obtained data dumps. Read more… Source: Bleeping Computer Read More …
Bugs in the implementation of Microsoft Exchange’s Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide. In a new report by Amit Serper, Guardicore’s AVP of Security Research, the researcher reveals how the incorrect implementation Read More …
A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week. Bob Diachenko, head of cybersecurity research at product-comparison website Comparitech, said the Elasticsearch data Read More …
There’s a fine line between getting hold of data that may be in the public interest and downright stealing data just because you can. And simply because the data is out there – having been stolen by online intruders and Read More …
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. Since 2019, the REvil ransomware operation, aka Sodinokibi, has been conducting attacks on organizations worldwide where they Read More …
Data from Japanese tech giant Fujitsu is being sold on the dark web by a group called Marketo, but the company said the information “appears related to customers” and not their own systems. On August 26, Marketo wrote on its Read More …
Researchers with vpnMentor have uncovered a data breach involving the COVID-19 test and trace app created by the Indonesian government for those traveling into the country. The ‘test and trace app’ — named electronic Health Alert Card or eHAC — Read More …
