Browsing tag
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction. Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity. Described as an SQL injection flaw, it’s rooted in a dependency called […]
Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data store that could be abused to achieve remote code execution on the underlying machine. […]
The clients affected by the incident involving a misconfigured Amazon S3 bucket include Global 500 company Ericsson and Fortune 500 company Cisco. IT security researchers at Website Planet Security Team discovered a misconfigured Amazon S3 bucket that was owned by D.W. Morgan, a supply chain management and logistics giant D.W. Morgan. The company is headquartered […]
Working from home (WFH) is not a piece of cake especially when cybercriminals exploited every possible vulnerability to break into your workstation. Cybercriminals are improving and refining their methods for preying on people’s anxieties about COVID-19. As a result, working from home has opened the door to new types of data theft. A lack of […]
The vulnerability existed in the WP Reset PRO WordPress plugin which is used by more than 400,000 websites. The IT security researchers at Patchstack (previously known as WebARX) have discovered a high severity security vulnerability in the WP Reset PRO WordPress plugin that allows ‘authenticated’ users to wipe data from vulnerable websites. According to their […]
The database was left exposed on an Elasticsearch Cluster without any password or security authentication. StripChat is one of the top five adult cam sites on the internet. Earlier this month, this site suffered a database mess up that leaked sensitive data, including payment details and chat messages of roughly 200 million of the site’s […]
Reportedly, the database also contains personal information of Argentinian President Alberto Fernández, football superstars Sergio Aguero and Lionel Messi. After the infamous La Gorra Leaks in 2017 and the exposure of Argentinian politicians and law enforcement officials in 2019, Argentine is back in the news for all the wrong reasons. This time, hackers have reportedly […]
The Quickfox VPN is mainly used by Chinese citizens living abroad who need to access Chinese websites as most of these sites are geo-restricted. Wizcase’s team of ethical researchers, led by Ata Hakcil, discovered a “critical leak” that the researchers found to be exposing personally identifiable information of at least one million users of a […]
According to FarFaria, its apps are “created for children ages 2-9” meaning that the incident exposed children to cybercriminals. Another day, another data leak incident involving misconfigured and exposed MongoDB database – This time it is FarFaria, a San Francisco, CA-based company that offers storybooks for children service through Android and iOS apps. It all happened […]
The misconfigured S3 bucket was owned by SeniorAdvisor, a consumer ratings and reviews website. WizCase’s cybersecurity researchers discovered a misconfigured Amazon S3 bucket owned by SeniorAdvisor, one of the leading consumer ratings and reviews websites for senior care/services in the USA and Canada. The company aids senior citizens in finding care options in their localities. […]
LinkedIn has not suffered data breach but the records being sold are collected through data scraping technique. Two months back, Hackread.com exclusively reported a staggering data leak compiled as a result of data scraping involving LinkedIn where threat actors posted 500 million and over 800 million LinkedIn user profiles up for sale on a hacker […]
The alleged AT&T database is being sold for starting price of $200,000. ShinyHunters, the notorious hacker is claiming to have access to the AT&T database containing personal and sensitive records of more than 70 million customers. For your information, AT&T Inc. is the largest provider of mobile telephone services in the U.S. and also the […]
The total size of the exposed data was 86.15 GB with 814,709,344 total records from the past 3 years. In recent news, the IT security researchers at Website Planet found an unsecured database owned by Los Angeles-based web hosting provider and domain name registrar DreamHost. The database belonged to DreamHost’s DreamPress managed WordPress hosting that […]
It took Wegmans a month to respond and secure its data after the Website Planet Security Team’s alerted the company about the issue. In recent news, Wegmans Food Markets, Inc., a private US supermarket chain with 106 stores across the country, exposed sensitive credentials and through a misconfigured Microsoft Azure Blob Storage Server. The total […]
Reportedly, Carter’s failure to implement proper authentication protocols on the store’s parcel tracking pages exposed data and shoppers to scams. VpnMentor analysts report that the US-based baby clothing retailer Carter’s exposed personally identifiable information (PII) of hundreds of thousands of its customers because of inadequate security of Linc, the automatic online purchases software the company […]
Cybersecurity firm Cognyte fails to secure its database exposing 5 billion records comprise of previous data breaches. In recent news, a cybersecurity analytics firm, Cognyte was found to be responsible for leaving a huge database unsecured which led to more than 5 billion records being exposed online. The database could be accessed by anyone and […]
Bergen Logistics, a New Jersey-based company exposed its database back in December 2020 but Lolz when alerted about the incident. Recently, the IT security researchers at Website Planet uncovered an exposed database belonging to Bergen Logistics that stored 467,979 records all relevant to their shipments and customers. This means that any clients that conducted business […]
The company was informed about the exposed data in December 2020 but it only responded and secured the data in March 2021. FastTrack Reflex Recruitment firm recently joined the ranks of other companies that have been affected by data leaks due to misconfigured AWS S3 buckets. This data breach majorly affected the applicants whose CVs […]
Programs work with databases, and if the database crashes essential information can be lost and this will be disastrous to the user. So what are your options? Programmers say that every program has an error, even if it’s just one and if you’ve ever been in close contact with computer software, you’ll understand that even […]
OGUsers was also hacked in May 2019, April 2020, and December 2020. Another day, another data breach hits OGUsers, a cybercrime forum, and marketplace for stolen credentials and financial data. Yes, OGUsers has suffered another data breach in which its entire database has been dumped on a rival hacking forum. It is worth noting that […]
The exposed database was being updated in realtime with new logs while 1.48 million robocall logs were accessed by researchers initially. The WebsitePlanet research team alongside Jeremiah Fowler, an IT security researcher, discovered an insecure database that had no password protection and contained a large number of phone call records as well as VOIP (Voice […]