Atlassian Zero-day Vulnerability Exposed
Earlier this week, a cybersecurity Twitter account inadvertently revealed a zero-day vulnerability flaw affecting software company Atlassian. According to @SwiftOnSecurity, Atlassian provided a domain that resolved to a local server with a common SSL certificate for its Confluence cloud service. This vulnerability would allow anyone with sufficient technical knowledge to conduct a man-in-the-middle attack, redirecting […]
Sprint Contractor Left AWS Bucket Containing Thousands Of Mobile Phone Bills Exposed
It has been reported that a contractor working for mobile giant Sprint stored hundreds of thousands of cell phone bills of AT&T, Verizon and T-Mobile subscribers on an unprotected cloud server. The AWS storage bucket had more than 261,300 documents, the vast majority of which were phone bills belonging to cell subscribers dating as far […]
Security Expert On Sweaty Betty’s eCommerce Data Breach
Experts commented below on Sweaty Betty’s data breach caused by cyber-criminals inserting malicious code into its eCommerce website to capture customer card details during the checkout process.
Security Experts On Report Highlights Nation-State Cyberthreats Facing SMBs In 2020
Cybersecurity firm AppRiver released its Q4 Cyberthreat Index for Business Survey, highlighting the threats facing small- and medium-sized businesses (SMBs) as we transition into 2020. The survey features the opinions of more than 1,000 cybersecurity officials working at SMBs throughout the United States. According to the survey, 93% of all executives think nation-states outside of […]
Comments On HackerOne Breach Lets Outside Hacker Read Customers’ Private Bug Reports
HackerOne, a leading vulnerability reporting platform that has paid hackers more than $23M on behalf of 100+ customers, has paid a $20,000 bounty out of its own pocket after accidentally giving an outside hacker the ability to read and modify some customer bug reports. The outsider was a HackerOne community member who had a proven track record […]
Security Expert Re: Data Care Act introduced To Help Protect Consumers’ Personal Data Online
The Data Care Act was introduced in the Senate on Tuesday, to add a new layer of accountability for companies that fail to secure users’ personal data online. Senators Renew Effort to Safeguard People’s Data Online The bill would make companies subject to fines from the Federal Trade Commission if they poorly protect data.
Security Expert On Nebraska Medicine’s Insider Data Breach
It is being reported that Nebraska Medicine’s data breach caused by former employee accessing sensitive patient data. The demographic information of patients that may have been exposed includes names, dates of birth, medical record numbers, Social Security numbers, driver’s license numbers, and clinical information. Hospital network Nebraska Medicine has disclosed a data #breach after a […]
New Crypto-cracking Record – Expert Comments
Ars Technica has reported that a group of international researchers have reached a new milestone in the annals of cryptography with the factoring of the largest RSA key size ever computed and a matching computation of the largest-ever integer discrete logarithm. New records of this type occur regularly as the performance of computer hardware increases over time. […]
