Today, Amazon announced a new offering named "AWS Secret Region," which is a cloud server region for use only by US intelligence agencies and their third-party contractors.
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
Security researchers, and what appears to be at least one hacker, have found an ElasticSearch server left exposed online that was hosting information about 1,133 National Football League (NFL) players and agents.
A malware author (or authors) has made around $63,000 during the past five months by hacking unpatched IIS 6.0 servers and mining Monero.
According to Avast, the database where the CCleaner hackers were collecting data from infected hosts ran out of space and was deleted on September 12, meaning information on previous victims is now lost to investigators and the number of computers infected with the second-stage backdoor payloads may be larger than initially believed.
The Kromtech Security Center has identified over 4,000 instances of ElasticSearch servers that are hosting files specific to two strains of POS (Point of Sale) malware — AlinaPOS and JackPOS.
The recent wave of ransom attacks on MongoDB databases happened because database owners forgot to set passwords on their administrator accounts, according to Davi Ottenheimer, Senior Director of Product Security at MongoDB, Inc.
Ransom attacks on MongoDB databases rekindled last week and over the weekend with the emergence of three new groups that hijacked over 26,000 servers, with one group hijacking 22,000.
A PHP ransomware project open-sourced on GitHub is still spawning active threats, more than a year after it was released in early 2016.
The Daily Stormer, the most well known of all white supremacy online portals, was forced to move today to the Dark Web after various service providers dropped the site from their infrastructure.
An Internet-wide scan carried out by security researchers from Rapid7 has discovered over 11 million devices with 3389/TCP ports left open online, of which over 4.1 million are specifically speaking the RDP protocol.
Google's BBR algorithm for handling TCP traffic congestion has gained huge ground this week after Google announced integration with Google Cloud, a cloud hosting platform offered by Google to thousands of companies and which serves millions of websites on a daily basis.
Servers and infrastructure belonging to Intellect Service, the company behind the M.E.Doc accounting software, were grossly mismanaged, being left without updates since 2013, and getting backdoored on three separate occasions during the past three months.
WikiLeaks dumped today a manual describing a new CIA malware strain. Called OutlawCountry, this is malware designed for Linux operating systems.
Britain's Internet regulator, the Information Commissioner's Office (ICO), has fined the city council of Gloucester with £100,000 ($125,000) after local authorities failed to apply a security update for almost three months.
Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, suffered a catastrophic outage after a former administrator deleted all customer data and wiped most of the company's servers.
A joint operation between various industry actors has led to tens of thousands of shadow domains being shut down and removed from the infrastructure of the RIG Exploit Kit (RIG EK).