Pierluigi Paganini
January 05, 2018
The Tribune announced to have “purchased” a service that provided it an unrestricted access to the residents’ records in the Aadhaar system. According to The Tribune, hackers have breached the Unique Identification Authority of India’s Aadhaar biometric system and gained access to personally identifiable information (i.e. names, addresses, phone numbers) of more than 1 billion […]
Pierluigi Paganini
December 29, 2017
The popular expert Troy Hunt notified the Ancestry.com security team of an unsecured file on a RootsWeb server containing “email addresses/username and password combinations as well as usernames from a RootsWeb.com server”. When you think of personal security questions, you might think of your mother’s surname or other family information that normally isn’t shared — […]
Pierluigi Paganini
December 16, 2017
Voter registration data for more than 19 million California residents stored in an unsecured MongoDB instance has been deleted and held for ransom. Voter registration data for more than 19 million California residents that was stored in an unsecured MongoDB database has been deleted and held for ransom by attackers. The incident was discovered by researchers at […]
Pierluigi Paganini
December 12, 2017
A 41-gigabyte archive containing 1.4 Billion credentials in clear text was found in dark web, it had been updated at the end of November. Another monster data dump was found online, the huge archive contains over 1.4 billion email addresses, passwords, and other credentials in clear text. The huge trove of data, a 41-gigabyte archive, has been […]
Pierluigi Paganini
December 06, 2017
Another day, another clamorous data breach, this time let’s discuss a data breach that exposes personal data collected by the Keyboard App AI.type. This story reminds us that every time we download an app we are enlarging our surface of attack, in the majority of cases we are not aware of exact amount of data they […]
Pierluigi Paganini
December 02, 2017
In an astonishing move, Anonymous leak public sector entities infrastructure topology data for the people of Brazil in the midst of Lava Jato scandal. The compromised data includes IP addresses from the public sector, ranging law enforcement agencies and local municipality. This data leak comes at a moment where a strong fight against corruption is […]
Pierluigi Paganini
November 28, 2017
The experts from the security firm UpGuard have discovered another S3 bucket containing documents from INSCOM, that is a joint US Army and NSA agency. A couple of weeks ago sensitive data from the US Army’s CENTCOM and PACOM divisions was exposed on an unsecured Amazon S3 bucket, experts from the security firm UpGuard found terabytes of US military social media […]
Pierluigi Paganini
November 24, 2017
Mozilla developer revealed the Firefox browser will soon include a new feature to notify users who visit sites that suffered a data breach Firefox browser is going to introduce a new security feature to make the users’ experience online more secure, it will warn users if they visit websites that have experienced data breaches. The news was […]
Pierluigi Paganini
November 20, 2017
According to the Unique Identification Authority of India (UIDAI), details for Aadhaar system were displayed on 210 government websites. The state government websites publicly displayed personal details such as names and addresses of Aadhaar users. The Aadhaar system is the world’s largest biometric ID system, with over 1.123 billion enrolled members as of 28 February 2017. The role of the […]
Pierluigi Paganini
November 18, 2017
Three AWS S3 buckets containing dozen of terabytes resulting from surveillance on US social media were left wide open online. It has happened again, other three AWS S3 buckets containing dozen of terabytes resulting from surveillance on US social media were left wide open online. The misconfigured AWS S3 buckets contain social media posts and similar pages […]
