Browsing tag
The IT security researchers at Kromtech Security Center discovered a trove of personal and sensitive data belonging to around 15,000 to 20,000 Indian applicants participating in cricket seasons 2015-2018. The authority responsible for protecting this data was The Board of Control for Cricket in India (BCCI) but it was left exposed to the public in two […]
EE, a British mobile network giant owned by BT Group has been accused of leaving a critical code repository on an open-source tool protected by default username and password. A security researcher going by the Twitter handle of “six” found two million lines of code including access to the company’s private employee and developer APIs and AWS secret […]
A team of security researchers at Checkmarx have created a “skill” that can turn Amazon’s virtual assistant Alexa into an eavesdropping device. It abuses the built-in request capabilities of the device to record your conversation indefinitely and send the transcripts to any third party website or Amazon. Alexa has been designed to detect sound at all times to […]
Facebook has been at the receiving end of backlash and criticism from security fraternity for being embroiled into one data exposure scandal after another lately. The Cambridge Analytica data scandal is still fresh in our minds, where private data of nearly 87 million Facebook users got compromised. It seems like data breaches season is far […]
The IT security researchers at Trend Mirco have discovered that on March 25th, 2018, malicious hackers compromised AOL’s advertising platform and modified its script to mine Monero cryptocurrency. The researchers also found MSN’s web portal’s Japanese domain was also infected by a similar script to mine Monero coins from the computing power of site’s visitors. More: Hackers Hide Monero Cryptominer […]
Unsecured Amazon S3 Bucket Claims Another Victim – This Time, Private Data of 1.3 Million Limogés Jewelry Customers Have Been Exposed. Have you heard about MBM Company INC.? Probably you haven’t because not many are familiar with this name but you must be familiar with the brand name Limogés Jewelry. Limogés Jewelry is actually the […]
The vulnerability in Memcached Servers has been exposed to the masses since its proof of concept (PoC) code was recently published online. That exposure would now allow script kiddies to conduct large-scale DDoS attack as if the recent massive DDoS attack on Github and the world’s largest 1.7Tbps attack on an American firm weren’t enough. […]
Another day, another Monero cryptocurrency miner – This time, the target was LA times’ The Homicide Report website. Troy Mursch, a Las Vegas-based security researcher (“Bad Packets” on Twitter) identified that hackers compromised LA Times website to mine Monero cryptocurrency. The incident took place on February 21st on The Homicide Report, a website run by the LA Times […]
It is 2018 and the easiest way to make quick money at someones else’s expense is mining cryptocurrency. This time, however, researchers have found two new victims of cryptojacking including Tesla, Inc. (formerly Tesla Motors) and Wikipedia, an online content based encyclopedia. These findings came from two separate IT security firms. First, according to researchers at California based Cloud Threat Defense […]
It is just another day with just another privacy invasion – This time it is FedEx whose customer data has been exposed online, thanks to unsecured AWS S3 bucket. In July 2017, FedEx Corporation, a multinational courier delivery services company based in the United States announced that its subsidiary company TNT Express was facing issues due to the infection […]
A critical security flaw or bug in Motorola Moto G5 Plus lets anyone easily bypass the lockscreen without going through the authentication process. Amazon’s Prime Exclusive program has been running successfully from quite some time now; under this program, Amazon partners with mobile phone vendors to sell their phones on a considerably low price if customers choose to […]
Another day, another malware scam – This time, the pirated version of Fire and Fury book has been found infecting devices with a backdoor. An IT security researcher at Kaspersky Labs, Michael Molsner, has pointed out in his latest research that hackers are trying to benefit from the hype that the new book from Michael […]
The group, which embodies countless tech organizations including Google, Amazon, Facebook, Etsy and various companies, stated that the organization will not only compete in the coming lawsuits which should come shortly after the repeal hits the Federal Register but would carry a “legislative solution” to help make net neutrality permanent. “The final report of Chairman […]
The prosecutions were filed in California, Oregon, and Indiana, according to The News. The three incidents focus on the setback in Intel disclosing the Meltdown and Spectre cyber-flaws, which make it and others firms’ parts vulnerable to hackers. The company was first published of the two vulnerabilities in June 2016 but did not openly disclose […]
The devastating discovery about security flaws (namely Meltdown and Spectre) identified in various generations of Intel CPUs, probably all processors manufactured over the past decade, has taken the tech world by storm. Every day we get to learn about alarming new details, which reinforce the fact that the problem is bigger than we initially thought. […]
Meltdown and Spectre vulnerabilities haunting users and Tech Giants worldwide – Now the Giants have addressed the issue. Recently, we reported about the security flaws that render the inner workings of multiple generations of Intel CPUs vulnerable to exploitation. Now there are new details available about the flaws. These flaws were identified by Google’s Project Zero […]
In September this year when Equifax servers were hacked it allowed attackers to steal personal details of more than 143 million Americans – That was over 40% of the entire population of the United States. Now, the Cyber Risk Team at UpGuard have discovered a massive trove of data belonging to households in which personal and sensitive details […]
It’s the latest movement in a clash between Amazon and Google, which has seen the two businesses hold their products off the rival’s programs and services. It’s not the first time Google has molded Amazon from the traditional video platform. In September, Google dragged YouTube from Echo Show, Amazon’s voice-enabled artificial intelligence product. The business […]
Some quick tips if you use S3 buckets: Randomise your bucket names! There is no need to use company-backup.s3.amazonaws.com. Set appropriate permissions and audit regularly. If possible create two buckets – one for your public assets and another for private data. Be mindful about your data. What are suppliers, contractors and third parties doing with […]
Another day another massive trove of sensitive NSA data exposed online – This time, security firm UpGuard’s Cyber Risk team has identified yet another unsecured AWS (Amazon Web Service) S3 cloud storage bucket containing sensitive, confidential data that belongs to the joint command of National Security Agency (NSA) and US Defense Department called the United States […]
Rhino Security Labs’ researchers have discovered a vulnerability in Amazon’s Key delivery service and Cloud Cam security camera. This vulnerability allows an attacker to manipulate the functioning of the camera to make it go offline due to which it will not be possible to monitor if someone entered a home or not. It is worth […]