18 Jan 2019

Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets

Due to a bug in Twitter for Android, the app has exposed the private Tweets of an unknown number of users for over 4 years. The issue caused the app to make changes to the accounts of affected users, such as turning off the “Protect your Tweets” setting. The bug

Read More
17 Jan 2019

Massive Oklahoma Government Data Leak Exposes 7 Years of FBI Investigations

In the latest data leak stemming from an unsecured web server, 3 terabytes of data belonging to the Oklahoma Securities Commission has been found exposed to the Internet. The millions of unencrypted files included highly sensitive government information, such as details of FBI investigations, email archives and social security numbers. An UpGuard

Read More
17 Jan 2019

An Astonishing 773 Million Records Exposed in Monster Breach

A data set containing a whopping 772,904,991 email addresses and more than 21 million passwords has been found on a hacker forum by a security researcher. The data set, dubbed Collection #1, was first reported by Troy Hunt, the researcher behind Have I Been Pwned, a website where people can check

Read More
17 Jan 2019

Over 140 International Airlines Affected by Major Security Breach

A security researcher with Safety Detective has found a major security flaw in Amadeus, a ticket booking system covering 44% of worldwide online flight ticket reservations. The flaw, which has been fixed, could have allowed threat actors to gain access to flight booking information and even change details of bookings

Read More
17 Jan 2019

VOIPO Database Exposes Millions of Texts, Call Logs

Once again a major data leak has happened due to a misconfigured server. This time, a security researcher found an ElasticSearch database that had been exposing millions of call logs, SMS/MMS logs, and plaintext names, login credentials and API keys for internal systems to the Internet for over half a year. Threat actors

Read More
14 Jan 2019

NASA internal app leaked employee emails, project names

A NASA server running Jira, an application used by the space agency to track internal bugs for apps and projects, was leaking sensitive information including staff usernames, names and project names last year. Bug hunter Avinash Jain detected and reported the issue in early September 2018, but NASA only fixed the

Read More
11 Jan 2019

CVs containing sensitive info of over 202 million Chinese users left exposed online

Once again a security research has discovered an unsecured database that left sensitive information affecting millions of people exposed online. Instances like this are increasingly common since more and more organizations are storing data online, quite often without following proper security practices. In this case, Bob Diachenko of Hacken Proof

Read More