NTreatment, a technology company that manages electronic health and patient records for doctors and psychiatrists, left thousands of sensitive health records exposed to the internet because one of its cloud servers wasn’t protected with a password. The cloud storage server was hosted on Microsoft Azure and contained 109,000 files, a large portion of which contained lab test results from third-party providers like LabCorp, medical records, doctor’s notes, insurance claims, and other sensitive health data for patients across the U.S.
Author: ISBuzz Team
Some of the world’s most popular singers have had their Spotify pages defaced by a hacker who posted messages about Donald Trump and Taylor Swift including Lana Del Rey and Dua Lipa had their biographies replaced by the attacker. Daniel, the hacker, replaced these photos with photos of himself. The attacker also asked people to add him on Snapchat, and added the words “Trump 2020”. In News: https://www.bbc.co.uk/news/technology-55158317
It has been reported that Google Project Zero security researcher Ian Beer has revealed that, until May, a variety of Apple iPhones and other iOS devices were vulnerable to an incredible exploit that could let attackers remotely reboot and take complete control of their devices from a distance — including reading emails and other messages, downloading photos, and even potentially watching and listening to you through the iPhone’s microphone and camera.
It was reported that the nonprofit U.S. healthcare provider AspenPointe has notified patients of a data breach. In a media statement, AspenPointe said they discovered unauthorised access to their network in September 2020. The patients affected are over 295K.
Public key infrastructure (PKI) is a core building block of IT in an enterprise, providing secure digital identities for people, devices, and applications. Many organizations build and deploy their own PKI to support things like data protection and network authentication. Furthermore, PKI today is expected to support new use cases like the Internet of Things (IoT), DevOps and Cloud initiatives. But, if PKI is so critical to enterprise security, then why do so many PKI deployments fail?
It has been reported that a new security analysis of 4 million container images hosted on the Docker Hub repository revealed that over half contained at least one critical vulnerability and thousands contained malware or potentially harmful applications.
A Cayman Islands-based investment fund has exposed its entire backups to the internet after failing to properly configure a secure Microsoft Azure blob.
Towards the end of 2017, there was a major shift in the malware scene. As cloud-based technologies became more popular, cybercrime gangs began targeting Docker and Kubernetes systems. Most of these attacks followed a very simple pattern where threat actors scanned for misconfigured systems that had admin interfaces exposed online in order to take over servers and deploy cryptocurrency-mining malware. Over the past three years, these attacks have intensified, and new malware strains and threat actors targeting Docker (and Kubernetes) are now being discovered on a regular basis. But despite the fact that malware attacks on Docker servers are…
In response to new research that the DarkIRC bot exploits recent Oracle WebLogic vulnerability to drop attacks such as a browser stealer, a keylogger, a Bitcoin Clipper, a worm and other threats, cybersecurity experts offer perspective below.
Homebase CEO has been the victim of a sophisticated social media scam. The spoof targets Christmas shoppers and could have damaging effects on the Homebase brand.
