Earlier this week, a cybersecurity Twitter account inadvertently revealed a zero-day vulnerability flaw affecting software company Atlassian. According to @SwiftOnSecurity, Atlassian provided a domain that resolved to a local server with a common SSL certificate for its Confluence cloud service. This vulnerability would allow anyone with sufficient technical knowledge to conduct a man-in-the-middle attack, redirecting […]
It has been reported that a contractor working for mobile giant Sprint stored hundreds of thousands of cell phone bills of AT&T, Verizon and T-Mobile subscribers on an unprotected cloud server. The AWS storage bucket had more than 261,300 documents, the vast majority of which were phone bills belonging to cell subscribers dating as far […]
Experts commented below on Sweaty Betty’s data breach caused by cyber-criminals inserting malicious code into its eCommerce website to capture customer card details during the checkout process.
Cybersecurity firm AppRiver released its Q4 Cyberthreat Index for Business Survey, highlighting the threats facing small- and medium-sized businesses (SMBs) as we transition into 2020. The survey features the opinions of more than 1,000 cybersecurity officials working at SMBs throughout the United States. According to the survey, 93% of all executives think nation-states outside of […]
HackerOne, a leading vulnerability reporting platform that has paid hackers more than $23M on behalf of 100+ customers, has paid a $20,000 bounty out of its own pocket after accidentally giving an outside hacker the ability to read and modify some customer bug reports. The outsider was a HackerOne community member who had a proven track record […]
The Data Care Act was introduced in the Senate on Tuesday, to add a new layer of accountability for companies that fail to secure users’ personal data online. Senators Renew Effort to Safeguard People’s Data Online The bill would make companies subject to fines from the Federal Trade Commission if they poorly protect data.
It is being reported that Nebraska Medicine’s data breach caused by former employee accessing sensitive patient data. The demographic information of patients that may have been exposed includes names, dates of birth, medical record numbers, Social Security numbers, driver’s license numbers, and clinical information. Hospital network Nebraska Medicine has disclosed a data #breach after a […]
Ars Technica has reported that a group of international researchers have reached a new milestone in the annals of cryptography with the factoring of the largest RSA key size ever computed and a matching computation of the largest-ever integer discrete logarithm. New records of this type occur regularly as the performance of computer hardware increases over time. […]