Cybersecurity News


Unlocked S3 Bucket Lets 36,077 Jail Files Escape

The leaky repository belongs to JailCore, a cloud management and compliance platform used in several states' correctional facilities.
10 February 2020

Unlocked S3 Bucket Lets 36,077 Prison Files Escape

The leaky repository belongs to JailCore, a cloud management and compliance platform used in several states' correctional facilities.
10 February 2020

6 Factors That Raise The Stakes For IoT Security

6 Factors That Raise The Stakes For IoT Security Developments that exacerbate the risk and complicate making Internet of Things devices more secure.
10 February 2020

Docker Registries Expose Hundreds of Orgs to Malware, Data Theft

Docker Registries Expose Hundreds of Orgs to Malware, Data Theft Misconfigured Docker registries could leak confidential data, lead to a full-scale compromise and interrupt the business operations.”
10 February 2020

Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm

Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm The new tactic used by Emotet allows the malware to infect nearby insecure Wi-Fi networks - and their devices - via brute force loops.
10 February 2020

DOJ charges four Chinese military hackers for Equifax hack

DOJ said the hackers stole data on Americans and Equifax's intellectual property.
10 February 2020

Day in the Life of a Bot

A typical workday for a bot, from its own point of view.
10 February 2020

Altsbit plans exit after hack leaves cryptocurrency exchange out of pocket

Only a token amount of cryptocurrency was kept safe in cold wallets.
10 February 2020

Lock My PC takes on tech scammers with free recovery key offering, software withdrawal

The legitimate software is being abused by scammers seeking to exhort payment from victims.
10 February 2020

Two-Step Verification

Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.
10 February 2020

Netanyahu's party exposes data on over 6.4 million Israelis

The app's website exposed a link to an API endpoint that was left without a password, allowing third-parties to obtain passwords for admin accounts.
09 February 2020

FBI is investigating more than 1,000 cases of Chinese theft of US technology

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property.
08 February 2020

Dangerous Domain Corp.com Goes Up for Sale

As an early domain name investor, Mike O'Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years O'Connor refused to auction perhaps the most sensitive domain in his stable -- corp.com. It is sensitive because years of testing shows whoever wields it would have access to an unending stream of passwords, email and other proprietary data belonging to hundreds of thousands of systems at major companies around the globe.
08 February 2020

Windows 7 bug prevents users from shutting down or rebooting computers

Another major bug hits Windows 7 after the January 14 end-of-life (EOL) deadline.
07 February 2020

Hackers deface Facebook's official Twitter and Instagram accounts

After hitting the NFL and ESPN, OurMine returns to strike at Facebook properties.
07 February 2020

Wacom Tablet Data Exfiltration Raises Security Concerns

Wacom Tablet Data Exfiltration Raises Security Concerns Wacom stated that its data collection is done only in aggregate -- but that doesn't fix the issues, according to security experts.
07 February 2020

Google Takeout Serves Up Video Files to Strangers

A limited number of user videos were shared with others in a five-day incident from November.
07 February 2020

Critical Android Bluetooth Bug Enables RCE, No User Interaction Needed

Critical Android Bluetooth Bug Enables RCE, No User Interaction Needed The flaw was recently patched in Android's February Security Bulletin.
07 February 2020

Apple deprecating macOS kernel extensions (KEXTs) is a great win for security

Apple kernel extension APIs to be deprecated in macOS 10.15.4.
07 February 2020

CCPA and GDPR: The Data Center Pitfalls of the 'Right to be Forgotten'

Compliance with the new privacy rules doesn't always fall on data center managers, but when it does, it's more difficult than it may sound.
07 February 2020