US data analytics provider Alteryx has left an Amazon S3 storage bucket exposed online, leaking the sensitive details of over 123 million US households in the process.
The details of over 19 million California voters were left exposed online in an unsecured MongoDB database and were later held for ransom, according to researchers from the Kromtech Security Center.
The US Department of Justice (DOJ) has formally charged a former NSA employee for taking classified documents home. The man, Nghia Hoang Pho, 67, of Ellicott City, Maryland, pleaded guilty today, according to court documents released by the DOJ.
A security researcher has identified thousands of Serial-to-Ethernet devices connected online that leak Telnet passwords that could be used to attack the equipment that is placed behind them.
Ten days after an Amazon S3 server exposed data from the US Army's CENTCOM and PACOM divisions, security researchers have identified another S3 server instance that leaked files from INSCOM, a joint US Army and NSA agency tasked with conducting intelligence, security, and information operations.
A security researcher revealed today he found three misconfigured Amazon S3 servers belonging to the US Department of Defense (DOD) containing 1.8 billion social media and forum posts made by users from all over the world, including many by Americans.
The takedown of three major Dark Web markets by law enforcement officials over the summer has driven many vendors of illegal products to set up their own shops that, in many cases, are not properly configured and are leaking the underlying server's IP address.
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff.
Extortion can also be funny when it happens to the bad guys, and there's one extortion attempt going on right now that will put a big smile on your face.
Appleby, a Bermuda law firm that handles the finances for some of the world's richest people, admitted yesterday to a security breach that took place last year.
The Asia-Pacific Network Information Centre (APNIC), the organization that manages domain name information for the Asia-Pacific region, fixed on Monday an error that exposed password hashes needed to access and edit domain ownership details.
Even if a video streaming service is using HTTPS to encrypt its traffic, an attacker can still determine with a very high accuracy what content a user might be watching.
Security researchers, and what appears to be at least one hacker, have found an ElasticSearch server left exposed online that was hosting information about 1,133 National Football League (NFL) players and agents.
During the past year, there has been a surge in data breach reporting regarding Amazon S3 servers left accessible online, and which were exposing private information from all sorts of companies and their customers.
iTerm2, a popular Mac application that comes as a replacement for Apple's official Terminal app, just received a security fix minutes ago for a severe security issue that leaked terminal content via DNS requests.
Dutch security researcher Victor Gevers has discovered 2,893 Bitcoin miners left exposed on the Internet with no passwords on their Telnet port.
Wikileaks has released new files part of the Vault 7 series it claims it obtained from the CIA. The files dumped online yesterday reveal details about the inner workings of a biometrics system developed by the CIA, and which the agency has provided to various liaison services, such as the DHS, FBI, and NSA.
Episode 6 of Game of Thrones season 7 has leaked online on streaming, torrent, and file-sharing portals after HBO accidentally broadcast the episode via its on-demand streaming platform.
Earlier today, the hacker group that goes by the pseudonym of Mr. Smith has leaked more data from HBO servers. This time around the hackers leaked a plethora of unaired episodes from ten different HBO shows.