Misconfigurations in Artwork Archive, a platform used to connect artists to potential buyers, allegedly led to a data leak in which the personally identifiable information (PII) of users was exposed. The WizCase team reported that they discovered a misconfigured Amazon S3 bucket belonging to the platform. The researchers stated that
More than one billion records pertaining to customers at CVS have been exposed due to a misconfiguration error on the service’s cloud database. The database was left unprotected, without a password required to access the sensitive data. The leak was discovered by researcher Jeremiah Fowler, who determined the size of
A misconfigured database has allegedly exposed a coordinated scheme by Amazon vendors to boost product ratings through utilizing fake accounts and reviews. Security researchers at SafetyDetectives located a China-based Elasticsearch server that was exposed to the public online, lacking any password protection or encryption. After looking further into the exposed
The Defense Intelligence Agency (DIA) currently uses an old system called the Modernized Intelligence Database (MIDB) to store and retrieve information on foreign intelligence – everything from Country order-of-battles (tanks, airplanes, etc.), infrastructures (runways, ports, etc.) to general foreign military capabilities. They will replace it with a system called the Machine-Assisted Analytic Rapid-Repository System (MARS). As they do, will they leverage the great capabilities of American industry or seek to code things themselves?
A data breach at a legal software provider has reportedly affected over 190 law firms, according to the organization that discovered it, TurgenSec. The beach was publicly disclosed on April 27, and TurgenSec reports that the identities of the ownr3 of the database and affected parties have become public knowledge.
Indian airline SpiceJet has been hit by a cyberattack resulting in a massive data breach, exposing the personal information of over a million of its passengers. The computer system of the airline was compromised last month when a security researcher used brute force attack to gain access to an unencrypted