vpnMentor researchers discovered an unsecured server belonging to the Chinese e-store LightInTheBox.com containing 1.3TB of web server logs. Infosec researchers have uncovered an unsecured Elasticsearch database containing 1.3TB of web server log entries held by Chinese e-commerce website LightInTheBox.com. LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its […]
Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019. The company collected […]
Facebook informed its employees that hard drives containing information about its workers’ payroll were stolen from a car last month. On Friday, Facebook announced that hard drives containing information about its workers’ payroll were stolen from a car last month. According to the company, a thief stole unencrypted hard drives containing banking data belonging to […]
Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products. Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers. The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions. The three vulnerabilities are: The first […]
NPM, the biggest package manager for JavaScript libraries, has addressed a vulnerability that could be exploited to execute “binary planting” attacks. NPM maintainers have addressed a vulnerability that could allow a package publisher to modify and/or gain access to arbitrary files on a userâs system when the package is installed, so-called “binary planting” attacks. The vulnerability […]
New evidence suggests that in the recent attack against the systems at the City of New Orleans was used the Ryuk ransomware. Over the weekend, New Orleans officials announced in a press conference that the city was hit by a ransomware attack, the incident was discovered in the morning of December 13, 2019. The IT […]
From iPhone to NT AUTHORITY\SYSTEM – As promised in my previous post, I will show you how to exploit the âPrintconfigâ dll with a real world example. But what does Appleâs iPhone have to do with it?? Well, keep on readingâŠÂ (sorry no) Some time ago, me and my âbusiness partnerâ @padovah4ck, were looking for possible privileged […]
Iran telecommunications minister announced that for the second time in a week Iran has foiled a cyber attack against its infrastructure. Iran has foiled a new cyber-attack, the country’s telecommunications minister Mohammad Javad Azari-Jahromi says. A few days ago, the Iranian telecommunications minister Mohammad Javad Azari Jahromi, announced that the Islamic Republic had recently thwarted […]
The largest hospital in New Jersey announced on Friday that a ransomware attack last week disrupted its network and that it paid a ransom. The largest hospital in New Jersey, the Hackensack Meridian Health, was the victim of a ransomware attack last week that disrupted its network, the IT staff decided to pay the ransom […]
Rooster Teeth Productions has suffered a data breach that exposed payment card information from shoppers on the company’s online store. The popular production company Rooster Teeth Productions has suffered a data breach, hackers have stolen credit card and other payment data from users that made purchases on the company’s online store. Rooster Teeth Productions, LLCÂ is […]