Security researchers from Imperva have found thousands of Docker hosts exposed to a new vulnerability and exposed remote Docker API. The new research describes the threat along with sample scripts and what can be done about it.
A massive data leak from an ElasticSearch server has exposed information on over 108 million bets, as well as personal information, deposits and withdrawals. The server was not configured with any password or authentication required to protect the data.
A massive data breach dubbed “Collection #1” exposed nearly 800 million email addresses and millions of passwords. Security expert Troy Hunt was alerted of the leaked data made available for free download from popular MEGA cloud storage service. The data consisted of over 12,000 separate files and more than 87GB of data.
Cybersecurity firm UpGuard has discovered an error in Amazon AWS bucket configuration that led to the exposure of internal GoDaddy infrastructure data.
A security researcher from TrustWave discovered multiple vulnerabilities in the Western Digital (WD) MyCloud network storage devices.
Three misconfigured AWS S3 buckets exposed US military archives of an astounding size.
Appthority has discovered a significant data exposure vulnerability called Eavesdropper that impacts nearly 700 enterprise apps associated with 85 Twilio developer accounts.
Nearly four million Time Warner Cable (TWC) customer records were left exposed online via a third party data leak.
In a recent cyber threat report, McAfee provided some good intelligence on how cybercriminals use Mirai attacks to infect poorly configured Internet of Things (IoT) devices and turn them into bots used for large scale network attacks.
Security firm Sucuri warned back in June how compromised CCTV devices were used in multiple denial-of-service (DDoS) attacks every day. In the report, nearly 25,000 compromised devices from all over the world were used in various attacks on small businesses.