Pierluigi Paganini
July 01, 2018
Security expert Vinny Troia has found a huge trove of data belonging to millions of Americans that were left unsecured online. The security researcher Vinny Troia was analyzing the level of security for Elasticsearch installs exposed online when discovered millions of records belonging to Americans that were left unsecured online. The expert used Shodan to find U.S. […]
Pierluigi Paganini
June 30, 2018
Experts discovered a third-party quiz app, called NameTests, that was found exposing data of up to 120 million Facebook users. A bug on the Nametests.com exposed data of over 120 million users who took personality quizzes on Facebook, the good news is that the flaw was addressed as part of the Facebook’s Data Abuse Bounty Program launched […]
Pierluigi Paganini
June 04, 2018
Security experts reported widespread Google Groups misconfiguration exposes sensitive information. Administrators of organizations using Google Groups and G Suite must review their configuration to avoid the leakage of internal information. Security researchers from Kenna Security have recently discovered that 31 percent of 9,600 organizations analyzed is leaking sensitive e-mail information. The list of affected entities also includes […]
Pierluigi Paganini
May 27, 2018
A flaw in T-Mobile’s website allowed anyone to access the personal account details of any customer by providing their mobile number. The bug discovered by the researcher Ryan Stevenson resides in the T-Mobile subdomain promotool.t-mobile.com used by the staff as a customer care portal to access the company’s internal tools. The promotool.t-mobile.com subdomain contained a hidden API that would […]
Pierluigi Paganini
May 19, 2018
FireEye iSIGHT Intelligence discovered on the underground market a dataset allegedly containing 200 million unique sets of personally identifiable information stolen from several popular Japanese websites. Security experts from FireEye iSIGHT Intelligence have discovered on underground forums a dataset allegedly containing 200 million unique sets of personally identifiable information (PII) stolen from several popular Japanese website databases. It’s […]
Pierluigi Paganini
May 13, 2018
The EE operator, the British largest cell network in the UK with some 30 million customers, has left a critical code system exposed online with a default password. EE, a British mobile network giant owned by BT Group has been accused of leaving a critical code repository on an open-source tool protected by a default username and […]
Pierluigi Paganini
May 12, 2018
Security researchers from Kromtech Security discovered a MongoDB install belonging to the Russian-based video surveillance firm Did iVideon open online. The database included personal information for over 825,000 subscribers and partners. Leaked records include logins, email addresses, password hashes, server names, domain names, IP addresses, sub accounts, software settings, and payment settings information (we did not see any credit card […]
Pierluigi Paganini
May 11, 2018
Trello, when an error in the publishing strategy is able to put at risk the private data of a huge community of unaware users. A “Security enthusiastic” found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from dozens of public Trello boards. Our […]
Pierluigi Paganini
May 03, 2018
Twitter is urging all of its more than 330 million users to change their passwords after a bug exposed them in plain text on internal systems. Twitter is urging its users to immediately change their passwords after a glitch caused some of them to be stored in plain text. We are sharing this information to […]
Pierluigi Paganini
April 30, 2018
Security experts at Kromtech discovered a MongoDB exposed personal details of 25,000 users tied to the Bezop cryptocurrency. Security researchers at cybersecurity firm Kromtech have discovered a MongoDB database containing the personal details of over 25,000 Bezop (BEZ) cryptocurrency users. There are 1384 cryptocurrencies as of Jan 2018. One of them had a database of 25K active […]
