Pierluigi Paganini
December 14, 2020
Last week, ZDnet reported in an exclusive that the tech unicorn UiPath admitted having accidentally exposed the personal details of some users. UiPath is a leading Robotic Process Automation vendor providing a complete software platform to help organizations efficiently automate business processes. The startup started reporting the security incident to its customers that had their data […]
Pierluigi Paganini
December 11, 2020
Spotify is informing users that their personal information might have been accidentally shared with some of its business partners. Spotify is informing users that their personal information might have been inadvertently shared with some of its business partners for several months. The company filed a notice of breach notice with the California Attorney General. “We deeply regret […]
Pierluigi Paganini
November 27, 2020
The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. This vulnerability resides in an improper limitation of a pathname to a restricted directory […]
Pierluigi Paganini
November 27, 2020
The personal and health details of more than 16 million Brazilian COVID-19 patients, including Government representatives, have been exposed online. Personal and health details of more than 16 million Brazilian COVID-19 patients has been accidentally exposed online due to an error of an employee of a Brazilian hospital. An employee of Albert Einstein Hospital in Sao Paolo […]
Pierluigi Paganini
November 26, 2020
The cyber-security firm Sophos is notifying customers via email about a security breach that took place earlier this week. ZDNet reported that the cyber-security firm Sophos is notifying customers via email about a security breach, the company became aware ot the incident on November 24. “On November 24, 2020, Sophos was advised of an access […]
Pierluigi Paganini
November 24, 2020
Two Baidu Android apps have been removed from the Google Play Store in October after they’ve been caught collecting sensitive user details. Two apps belonging to Chinese tech giant Baidu, Baidu Maps and Baidu Search Box, have been removed from the Google Play Store at the end of October after they’ve been caught collecting sensitive […]
Pierluigi Paganini
November 16, 2020
Researchers discovered an ElasticSearch database exposed online that contained data for over 100000 compromised Facebook accounts. Researchers at vpnMentor discovered an ElasticSearch database exposed online that contained an archive of over 100.000 compromised Facebook accounts. The archive was used by crooks as part of a global hacking campaign against users of the social network. “We […]
Pierluigi Paganini
November 11, 2020
The alleged decompiled source code for the Cobalt Strike post-exploitation toolkit has been leaked online in a GitHub repository. The decompiled source code for the Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Cobalt Strike is a legitimate penetration testing toolkit and threat emulation software that allows attackers to deploy […]
Pierluigi Paganini
November 10, 2020
Millions of hotel guests worldwide were impacted by a data leak caused by a misconfigured S3 bucket used by Prestige Software’s Cloud Hospitality. Researchers at Website Planet discovered a misconfigured S3 bucket used by the Prestige Software’s Cloud Hospitality that exposed millions of hotel guests worldwide. The reservation system Prestige Software’s “Cloud Hospitality” allows operators […]
Pierluigi Paganini
October 20, 2020
Researchers discovered that MMO game Street Mobster is leaking data of 1.9 million users due to SQL Injection critical vulnerability. Attackers could exploit the SQL Injection flaw to compromise the game’s database and steal user data. Original Post: https://cybernews.com/street-mobster-game-leaking-data-of-2-million-players The CyberNews.com Investigation team discovered a critical vulnerability in Street Mobster, a browser-based massively multiplayer online […]
