Since 2015, this site has been reporting on data leaks due to misconfigured databases or devices that are indexed on shodan.io or other specialized search engines. Many of the leaks I have reported on involve AWS S3 buckets. And despite the fact that Amazon has issued reminders and guidance to its customers about securing buckets,…
Category: Commentaries and Analyses
Protenus releases its Breach Barometer report for September
You can access their report here. Once again, we saw insider wrongdoing breaches taking a long time to discover. Hacking accounted for 50% of the 46 breaches we recorded for the month, and eight of the hacks also involved extortion demands. If you’re thinking, “That sounds like TheDarkOverlord,” give yourself a pat on the back….
UK: NHS data loss scandal deepens with further 162,000 files missing
Rajeev Syal and Denis Campbell report: The scandal over the biggest ever loss of NHS medical correspondence has deepened with the revelation that a further 162,000 documents went missing, in addition to the 702,000 pieces of paperwork already known to have gone astray. MPs said they were “dumbstruck” to learn that even more material relating…
Chase Brexton Health Care notifies more than 16,000 patients after phishing incident
Chase Brexton Health Care in Maryland recently notified 16,562 patients after four employees fell for a phishing attack. The phishing emails were sent on August 2 and 3, and by August 4, the attackers had re-routed employees’ paychecks. Of note, there was no evidence that the attackers were seeking – or ever accessed or viewed –…
New attack works against all WPA2 WiFi networks: Android & Linux most vulnerable, but iOS and macOS too
Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can…
Ransomware On The Rise: Dark Web Market Demand Up 2,500%
AJ Dellinger reports: The demand for ransomware attacks on dark web skyrocketed in the last year, with the marketplace showing a growth of more than 2,500 percent, according to a new report. United States-based cybersecurity company Carbon Black published a study titled “the Ransomware Economy” earlier this week that shows ransomware attacks are becoming increasingly…