• img June 01, 2017

Insecure Backend Databases Blamed for Leaking 43TB of App Data

Insecure backend databases and mobile apps are making for a dangerous combination, exposing an estimated 280 million records that include a treasure-trove of private user data. According to a report by Appthority, more than 1,000 apps it looked at on mobile devices leaked personally identifiable information that included passwords, location, VPN PINs, emails and phone […]

Read More
  • img June 01, 2017

Crowdfunding Effort to Buy ShadowBrokers Exploits Shuts Down

Heeding the advice of attorneys, law enforcement and peers in the security industry, a crowdfunding campaign that spun up to purchase the next batch of ShadowBrokers leaks has been squashed. The group announced this week more details on its impending Dump of the Month Service in which it promises to leak additional exploits and stolen […]

Read More
  • img June 01, 2017

OneLogin Breach Compromised Customer Data, Ability to Decrypt Encrypted Data

A breach at OneLogin, a company that provides customers with a single sign on for logging into multiple sites and apps, appears to have compromised customer data, including the ability to decrypt encrypted data. The company notified customers via email Wednesday that the incident stemmed from unauthorized access to one of its U.S. data centers. “All […]

Read More
  • img June 01, 2017

Intelligence data, security credentials found exposed in the Amazon cloud

A data cache containing highly sensitive US military data has inadvertently been exposed online, UpGuard cyber risk analyst Chris Vickery has discovered last week. After downloading and analyzing the data, he tied it to the US National Geospatial-Intelligence Agency (NGA), and guessed that it likely belonged to private intelligence contractor Booz Allen Hamilton. The contents […]

Read More
  • img June 01, 2017

Hackers hosted tools on a Stanford University website for months

Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers, and a failure to keep them out can result in the servers hosting phishing and scam pages, spam mailers, exploit kits, or malware. Sometimes, these vulnerable servers are abused by different hackers, who vie for sole […]

Read More