Category

Policy Enforcement

Policy Enforcement page 1

Prestige Software data leak misconfigured storage

Prestige Software hotel reservation system Data Leak

Approximately a whopping 25 GB of sensitive personal information was leaked on the net from a misconfigured AWS S3 bucket of Prestige Software. The company is based in Barcelona, Spain that caters to software-based solutions mostly for Cloud Hospitality. The company’s few well-known clients are Expedia, Amadeus, Booking.com, Hotels.com, Agoda, Omnibees, and other similar businesses...
Continue Reading
hospitals healthcare ryuk trickbot ransomware malware trojan

Hospitals still targeted by the Ryuk Trickbot Ransomware

With the ongoing battle with the Covid-19 pandemic, so is the exploitation of many health institutions being compromised by many adversaries. On the recently submitted report, which is based on the collaborative investigation performed by Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation, and Department of Health and Human Services of the United...
Continue Reading
iranian hackers US voter's data hacking FBI

State-sponsored Iranian Hackers infiltrated and stole US Voter’s Data

A recent advisory from the United States Cybersecurity Agency reveals another alarming incident related to US election activities. It was known that a group of Iranian hackers infiltrated and accessed a large number of US voters’ registration information and attempted to access similar contents from other states. According to undisclosed sources, the attacks were coordinated,...
Continue Reading
true social media mobile app compromised data exposed database

True social media mobile app exposed private data and messages

The True social media mobile app that prides itself on protecting user privacy had a security lapse that left their servers exposed to the public. The spilled private data were left for anyone on the internet to read. The social media mobile app was launched in 2017 by Hello Mobile, a small virtual cell carrier...
Continue Reading
Pfizer customer prescription call transcript data leak compromised data

Pharma Giant Pfizer leaks customer prescription info, call transcripts

Cybersecurity Researchers have uncovered a misconfigured Google Cloud Storage bucket that belongs to a Pharma giant, Pfizer. The newly discovered leak holds private medical data of hundreds of patients that take various Pfizer drugs such as Lyrica, Chantix, Viagra, and other cancer treatment drugs. Moreover, the exposed data also includes conversations from Pfizer’s Interactive Voice...
Continue Reading
finfisher surveillance spyware germany malware

FinFisher tech firm raided by Authorities over Spyware claims

A Munich-based company, FinFisher, was raided by the German investigating authorities because of alleged illegal exporting of its software outside UE, including Turkey. FinFisher is the firm behind the commercial surveillance spyware dubbed as “FinSpy.” This software is a spying tool that was legitimately intended for Law enforcement investigation and intelligence agencies. Its well-known customers include...
Continue Reading
Operation SideCopy Report Espionage Indian Army indie apt actor

Operation SideCopy Report – Espionage against the Indian Army?

A recent analysis report from an Indian cybersecurity expert exposed an over a year of surveillance by an unknown adversary targeting the Indian government – specifically its military service and notable defense organization. They named the report as – Operation SideCopy. According to the report, the adversary had used a different methodology to pursue its...
Continue Reading
fitbit spyware intrusion social engineering malware mobile app

Fitbit just got fitted with Spyware for social engineering attack

The infamous mobile exercise and fitness app Fitbit was just given a rather “malicious” upgrade. Call it an alarming discovery from a security researcher, who found out that hackers and other threat actors can spike the app with malware, powerful enough to phish out personal and other information from its user. Fitbit advertises their app...
Continue Reading
Public Health Wales data leak compromised data infosec information security privacy

Public Health Wales says data of 18,000 COVID patients accidentally published

On August 30, 2020, the Public Health Wales (PHW), a private health organization, has posted accidentally of more than 18,000 patients’ information on their website. The information has been available from 2 PM until the morning of 10 AM before it was taken down. According to the report, the information was viewed publicly by 56...
Continue Reading
tutanota email distributed denial of service dns ddos

Tutanota encrypted email service suffers DDoS Attack

Series of distributed denial of service (DDoS) was experienced by Tutanota mid of this month. The attack was able to completely halt its use entirely and affects over 2 million of its users. Unknown cyber attackers not only attack the company itself but also spread its malicious activity to the DNS provider of the company,...
Continue Reading
1 2 3 5