Organizations Expose Sensitive Data via Malware Analysis Sandboxes
Companies are leaking data by uploading sensitive files to online malware analysis sandboxes that verify if the documents are safe, but may also make them publicly accessible, a recent Cyjax study found.
Researchers scrutinized three popular online malware analysis solutions, all of which let users access certain files that were uploaded by others. Over a period of three days, hundreds of invoices and purchase orders were available on the public feeds of the sandbox services. The researchers also found resumes, passport copies as well as health care and legal documents containing personally identifying information (PII).