A security researcher revealed today he found three misconfigured Amazon S3 servers belonging to the US Department of Defense (DOD) containing 1.8 billion social media and forum posts made by users from all over the world, including many by Americans.
The takedown of three major Dark Web markets by law enforcement officials over the summer has driven many vendors of illegal products to set up their own shops that, in many cases, are not properly configured and are leaking the underlying server's IP address.
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff.
Extortion can also be funny when it happens to the bad guys, and there's one extortion attempt going on right now that will put a big smile on your face.
Appleby, a Bermuda law firm that handles the finances for some of the world's richest people, admitted yesterday to a security breach that took place last year.
The Asia-Pacific Network Information Centre (APNIC), the organization that manages domain name information for the Asia-Pacific region, fixed on Monday an error that exposed password hashes needed to access and edit domain ownership details.
Even if a video streaming service is using HTTPS to encrypt its traffic, an attacker can still determine with a very high accuracy what content a user might be watching.
Security researchers, and what appears to be at least one hacker, have found an ElasticSearch server left exposed online that was hosting information about 1,133 National Football League (NFL) players and agents.
During the past year, there has been a surge in data breach reporting regarding Amazon S3 servers left accessible online, and which were exposing private information from all sorts of companies and their customers.
iTerm2, a popular Mac application that comes as a replacement for Apple's official Terminal app, just received a security fix minutes ago for a severe security issue that leaked terminal content via DNS requests.
Dutch security researcher Victor Gevers has discovered 2,893 Bitcoin miners left exposed on the Internet with no passwords on their Telnet port.
Wikileaks has released new files part of the Vault 7 series it claims it obtained from the CIA. The files dumped online yesterday reveal details about the inner workings of a biometrics system developed by the CIA, and which the agency has provided to various liaison services, such as the DHS, FBI, and NSA.
Episode 6 of Game of Thrones season 7 has leaked online on streaming, torrent, and file-sharing portals after HBO accidentally broadcast the episode via its on-demand streaming platform.
Earlier today, the hacker group that goes by the pseudonym of Mr. Smith has leaked more data from HBO servers. This time around the hackers leaked a plethora of unaired episodes from ten different HBO shows.
Sensitive corporate data from customers protected by Carbon Black endpoint detection and response (EDR) solutions has been found on multiscanner services, according to an investigation by DirectDefense, a provider of managed security strategies.
The group who announced they hacked HBO last week have leaked new files from the company's servers, via private emails to the press and a website for everyone else.
Earlier today, the hackers leaked the fourth episode of Game of Thrones season 7 on Vidme and Google Drive. HBO intervened and took down the Google Drive links, but the Vidme page is still up and streaming the leaked episode at the time of writing.
A hacker or group of hackers has breached the servers of HBO and have stolen over 1.5TB of information, some of which they leaked online over the weekend.
Earlier today, a hacker group named 31337 Hackers has leaked personal details and files belonging to a security researcher working for Mandiant, FireEye's breach investigation unit.