Login

Register

Login

Register

Tag

million
A digital wallet app with millions of users has become the latest organization to be caught storing customer data in unsecured Amazon Web Services (AWS) S3 buckets.  Researchers at vpnMentor discovered five misconfigured buckets containing the personal data of 14 million users of the Key Ring app.  The Key Ring app allows users to upload and store scans and...
Read More
A company claiming to provide “the world’s most secure online backup” leaked metadata and customer information in over 135 million records after misconfiguring an online database, Infosecurity has learned. The team at vpnMentor discovered the privacy snafu as part of its ongoing web mapping project that has already uncovered major cloud data leaks at brands...
Read More
Marriott International has today announced that it has suffered a data breach affecting up to 5.2 million people. The hotel chain says it uses an application to help provide services to its guests. Beginning mid-January this year, the login credentials of two employees at a franchised property were used to access guest information on this...
Read More
Hotel chain Marriott International announced today that it has suffered a second data breach. According to an incident notification published on their website, the company spotted unusual activity occurring in an app that guests use to access services during their stay.  An investigation into the activity revealed that the login credentials of two Marriott employees had been...
Read More
Security researchers have discovered tens of millions of accounts from a third-party version of Telegram that were leaked online in another cloud misconfiguration. Bob Diachenko and the Comparitech team found the exposed data on March 21. It had been posted to an Elasticsearch cluster, password-free, by a group called “Hunting system” in Farsi. Although the...
Read More
The National Gallery was subjected to nearly two million email cyber-attacks last year, official data received by Absolute Software has revealed. Obtained via a Freedom of Information request, the figures displayed the lengths cyber-criminals went to try and steal the personal and financial data of members of the major tourist attraction. The gallery, which attracts over five million visitors...
Read More
The Student Loans Company (SLC) was hit by over five million email attacks last year, but appears to have weathered the cyber-storm from hackers. A Freedom of Information (FOI) request issued by law firm Griffin Law revealed the scale and nature of the email threat to the government-owned public body, which provides funding for over...
Read More
Nearly eight million sales records containing the personal information of UK shoppers have been discovered exposed to the public-facing internet, after another cloud misconfiguration. Noted researcher Bob Diachenko discovered the unsecured MongoDB database residing on an Amazon Web Services (AWS) server on February 3. It was secured five days later, after Diachenko identified and notified...
Read More
Almost one million Virgin Media customers may have had their personal details exposed to hackers after a database was left unsecured online. The British ISP, owned by US cable group, Liberty Global, informed customers by email this week that the database of 900,000 users was accessible from at least 19 April 2019. Worse still, it...
Read More
Let’s Encrypt has revealed that over one million of its HTTPS certificates containing a bug in its automatic validation code will not be revoked by the March 5 deadline, despite being non-compliant. The free TLS certificate organization discovered the flaw in late February. It lies in the code which checks for a Certificate Authority Authorization...
Read More
Let’s Encrypt was all over the news recently – the cybersecurity news, at any rate – for the laudable reason that it just issued its 1,000,000,000th TLS certificate. TLS certificates are the cryptographic sauce that puts the S in HTTPS, and the padlock in your browser’s address bar. The padlock doesn’t vouch for the actual...
Read More
French sporting retail giant Decathlon has become the latest big brand to expose user data via a misconfigured database, leaking over 123 million records including customer and employee information, according to researchers. A team at vpnMentor uncovered the 9GB database on an unsecured Elasticsearch server. It contained information from Decathlon’s Spanish, and potentially also its UK, businesses....
Read More
Security researchers have discovered a publicly exposed cloud database containing personal data and behavioral profiles on 120 million Americans. Security company UpGuard found the misconfigured Amazon S3 bucket on February 3 this year, eventually tracing it back to market analysis company Tetrad. Around half of the 747GB trove appears to have been sourced from client...
Read More
Estée Lauder is the latest big-name brand to suffer an embarrassing data leak after a researcher discovered 440 million records including plain text emails exposed via an online database. Security Discovery’s Jeremiah Fowler made the discovery on January 30, claiming the non-password protected database exposed a total of 440,336,852 records. It’s unclear how many user...
Read More
The Danish government is under fire after an audit revealed that the personal identity numbers of over a fifth of the country’s population were leaked to US tech providers for five years. The issue was discovered by the Agency for Development and Simplification (Udviklings-og Forenklingsstyrelsen) which maintains the country’s tax office IT systems. It is...
Read More
A data breach at Indian airline SpiceJet has exposed the personal information of over a million passengers. Access to the airline’s computer system was gained last month by a security researcher, who went on to report the breach to TechCrunch. Using a brute-force attack, the researcher busted into an unencrypted database backup file containing the private information of...
Read More
The British Council, which promotes wider knowledge of the UK and English language in over 100 countries worldwide, was hit by over 10 million malicious email attacks in 2019, according to official figures. The data was obtained by Nimbus Hosting under the Freedom of Information Act and showed that the British Council blocked a total...
Read More
As many as 31 million stolen payment card records from a 2019 breach at convenience store chain Wawa could soon be on sale on a notorious dark web marketplace. Stas Alforov and Christopher Thomas at threat intelligence firm Gemini Advisory claimed the upload of stolen data at the Joker’s Stash site began on Monday. Dubbed “BIGBADABOOM-III,” the...
Read More
Microsoft has today announced a data breach that affected one of its customer databases. The blog article, entitled Access Misconfiguration for Customer Support Databases, admits that between 05 December 2019 and 31 December 2019, a database used for “support case analytics” was effectively visible from the cloud to the world. Microsoft didn’t give details of...
Read More
Microsoft briefly exposed call center data on almost 250 million customers via several unsecured cloud servers late last year, according to researchers. Bob Diachenko spotted the major privacy snafu a day after databases across five Elasticsearch servers were indexed by the BinaryEdge search engine on December 28. Each contained a seemingly identical trove of Microsoft...
Read More
1 2
Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW