CNN reports: A researcher says the Pentagon exposed huge amounts of web-monitoring data in a security failure. Anyone with a free Amazon Web Services account could have looked at the hoard of information stored in the cloud by the U.S. Defense Department, according to Chris Vickery, a researcher at cybersecurity firm UpGuard who discovered the exposure. Read more…
Category: Of Note
Google: Our hunt for hackers reveals phishing is far deadlier than data breaches
Liam Tung reports: Google has released the results of a year-long investigation into Gmail account hijacking, which finds that phishing is far riskier for users than data breaches, because of the additional information phishers collect. Hardly a week goes by without a new data breach being discovered, exposing victims to account hijacking if they used…
Eavesdropper: The Mobile Vulnerability Exposing Millions of Conversations
Michael Bentley writes: Appthority has discovered a significant data exposure vulnerability we’ve named Eavesdropper that affects almost 700 apps in enterprise environments. The vulnerability is caused by including hard coded credentials in mobile applications that are using the Twilio Rest API or SDK. By hard coding their credentials, the developers have effectively given global access…
Cracking the Code
Jason Leopold reports: One late morning in May 2016, the leaders of the Democratic National Committee huddled around a packed conference table and stared at Robert Johnston. The former Marine Corps captain gave his briefing with unemotional military precision, but what he said was so unnerving that a high-level DNC official curled up in a…
Exclusive: Government attempt to compromise us with NIT failed – TheDarkOverlord
In an exclusive interview with DataBreaches.net, TheDarkOverlord discusses government attempts to compromise them and the commercial success of their operations. While reporting on TheDarkOverlord hack involving the information of Flathead, Montana students, Matt Hoffman of the Billings Gazette included a somewhat surprising detail: At one point, unsuccessful raids were conducted in London attempting to locate hackers,…
“We’ve maintained access to Line 204’s network for a year” – TheDarkOverlord
First it was Larson Studios. Then an attempt to extort its clients, like Netflix. And now it’s Line 204. Lest there be any doubt, TheDarkOverlord wants you to know it is serious about attacking Hollywood “with prejudice.” And despite what Line 204’s owner claimed, the hack on Line 204 was not last week. It occurred…