data breach

Security misconfigurations are one of the most common gaps hackers look to exploit. One bad configuration setting in a popular cloud platform can have far-reaching consequences, allowing threat actors to access an abundance of valuable, personal inform…

Read More Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings

Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity research Bob Diachenko discovered his personal data online stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand. The expert discovered the unsecured database on August […]

The post Data of 106 million visitors to Thailand leaked online appeared first on Security Affairs.

Read More Data of 106 million visitors to Thailand leaked online

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The Biden administration plans to target exchanges supporting ransomware operations with sanctions Threat actor has been targeting the aviation industry since at least 2018 Expert discloses details and PoC […]

The post Security Affairs newsletter Round 332 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 332

Anonymous claims to have hacked the controversial web hosting provider Epik, known for allowing far-right, neo-Nazi, and other extremist content. Anonymous hacktivist collective claims has claimed to have hacked the controversial web hosting provided Epik and stolen its data, including information of the clients of the company, as part of an operation codenamed EPIKFAIL. The hosting […]

The post Anonymous hacked the controversial, far-right web host Epik appeared first on Security Affairs.

Read More Anonymous hacked the controversial, far-right web host Epik

Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The […]

The post Revil ransomware operators are targeting new victims appeared first on Security Affairs.

Read More Revil ransomware operators are targeting new victims

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Cisco released security patches for High-Severity flaws in IOS XR software New SOVA Android Banking trojan is […]

The post Security Affairs newsletter Round 331 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 331

The United Nations this week confirmed that its computer networks were hit by a cyberattack earlier this year, as first reported by Bloomberg. The United Nations on Thursday confirmed that its computer networks were hit by a cyberattack earlier this year. “We can confirm that unknown attackers were able to breach parts of the United […]

The post Experts confirmed that the networks of the United Nations were hacked earlier this year appeared first on Security Affairs.

Read More Experts confirmed that the networks of the United Nations were hacked earlier this year

A threat actor that goes online with the moniker ‘Sangkancil’ claims to have stolen the personal information of 7 million Israelis. A threat actor that goes online with the moniker ‘Sangkancil’ claims to have stolen the personal information of 7 million Israelis from the CITY4U website. The hacker is offering the data for sale, but […]

The post Personal information of 7 million Israelis available for sale appeared first on Security Affairs.

Read More Personal information of 7 million Israelis available for sale

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services The bank was hit by AVOS Locker […]

The post Pacific City Bank hit by AVOS Locker Ransomware appeared first on Security Affairs.

Read More Pacific City Bank hit by AVOS Locker Ransomware

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. SEC warns of investment scams related to Hurricane Ida Apple will delay the rollout of new child […]

The post Security Affairs newsletter Round 330 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 330

The U.S. Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. The U.S. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. The companies were not able to protect the confidential information of their customers. “The Securities […]

The post SEC announces sanctions against entities over email account hacking appeared first on Security Affairs.

Read More SEC announces sanctions against entities over email account hacking

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Cloud hosting provider Swiss Cloud suffered a ransomware attack Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle WeSteal, a shameless commodity cryptocurrency […]

The post Security Affairs newsletter Round 313 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 313

CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. Most organizations use databases to store sensitive information. This includes passwords, usernames, document scans, health records, bank account and credit card details, as well as other essential data, […]

The post 19 petabytes of data exposed across 29,000+ unprotected databases appeared first on Security Affairs.

Read More 19 petabytes of data exposed across 29,000+ unprotected databases

Which are the most common causes of a Data Breach and how to prevent It? How can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses andconsumers. If you look at Verizon’s 2020 Data Breach Investigations Report, you canfind some of the most common causes of data breaches. However, you will also […]

The post Most Common Causes of Data Breach and How to Prevent It appeared first on Security Affairs.

Read More Most Common Causes of Data Breach and How to Prevent It

Experian API exposed credit scores of tens of millions of Americans due to a weakness with a partner website. Anyone was able to look up the credit score of tens of millions of Americans just by providing their name and mailing address. The issue was reported to KrebsOnSecurity by the independent security researcher Bill Demirkapi, […]

The post Experian API exposed credit scores of tens of millions of Americans appeared first on Security Affairs.

Read More Experian API exposed credit scores of tens of millions of Americans

The City of Toronto says it suffered a “potential cyber breach” from a hack of data in its Accellion FTA file transfer server in January that may have involved the health information of individuals.

The post Toronto hit by ‘potential cyber breach’ from Accellion file transfer software first appeared on IT World Canada.

Read More Toronto hit by ‘potential cyber breach’ from Accellion file transfer software

Settlement will cost BMO up to $21 million and CIBC $1.7 million in class action lawsuit In addition they paid millions to cover money stolen from accounts and other compensation

The post Two Canadian banks could pay up to $23 million to settle lawsuits in 2018 hacks first appeared on IT World Canada.

Read More Two Canadian banks could pay up to $23 million to settle lawsuits in 2018 hacks

Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket. The server contained 55,000 court papers regarding over 15,000 legal cases, which affected hundreds of thousands of people. What’s Going On? Our online security team has uncovered a massive data breach originating from a misconfigured […]

The post Data Breach: Turkish legal advising company exposed over 15,000 clients appeared first on Security Affairs.

Read More Data Breach: Turkish legal advising company exposed over 15,000 clients

Daycare camera product NurseryCam was hacked last week, the company was forced to shut down its IoT camera service. On Friday, The Register become aware of the compromise of the NurseryCam network. NurseryCam is produced by the companies FootfallCam Ltd and Meta Technologies Ltd. In response to the incident, the company shut down its IoT […]

The post NurseryCam daycare cam service shut down after security breach appeared first on Security Affairs.

Read More NurseryCam daycare cam service shut down after security breach

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. PayPal addresses reflected XSS bug in user wallet currency converter The kingpin behind Jokers Stash retires with a […]

The post Security Affairs newsletter Round 302 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 302

Sequoia Capital, one of the most prominent venture capital firms, told its investors that an unauthorized third party had access to their information. Sequoia Capital, one of the most prominent venture capital firms that focus on the technology industry, discloses a data breach. The company informed its investors that an unauthorized third party had access to their […]

The post Sequoia Capital Venture Capital firm discloses a data breach appeared first on Security Affairs.

Read More Sequoia Capital Venture Capital firm discloses a data breach