Pierluigi Paganini
May 12, 2018
Security researchers from Kromtech Security discovered a MongoDB install belonging to the Russian-based video surveillance firm Did iVideon open online. The database included personal information for over 825,000 subscribers and partners. Leaked records include logins, email addresses, password hashes, server names, domain names, IP addresses, sub accounts, software settings, and payment settings information (we did not see any credit card […]
Pierluigi Paganini
May 11, 2018
Trello, when an error in the publishing strategy is able to put at risk the private data of a huge community of unaware users. A âSecurity enthusiasticâ found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from dozens of public Trello boards. Our […]
Pierluigi Paganini
May 03, 2018
Twitter is urging all of its more than 330 million users to change their passwords after a bug exposed them in plain text on internal systems. Twitter is urging its users to immediately change their passwords after a glitch caused some of them to be stored in plain text. We are sharing this information to […]
Pierluigi Paganini
April 30, 2018
Security experts at Kromtech discovered a MongoDB exposed personal details of 25,000 users tied to the Bezop cryptocurrency. Security researchers at cybersecurity firm Kromtech have discovered a MongoDB database containing the personal details of over 25,000 Bezop (BEZ) cryptocurrency users. There are 1384 cryptocurrencies as of Jan 2018. One of them had a database of 25K active […]
Pierluigi Paganini
April 26, 2018
Researchers at Trustwave have discovered that Western Digital My Cloud EX2 storage devices leak files. Security experts at Trustwave have discovered that Western Digital My Cloud EX2 storage devices leak files on a local network by default. The situation gets worse if users configure the device for remote access and expose them online, in this […]
Pierluigi Paganini
April 23, 2018
An IT professional has discovered that the US healthcare company Health Stream left exposed online contact information for roughly 10,000 medics. The IT expert Brian Wethern has discovered that the US healthcare company Health Stream left exposed online a database containing contact information for roughly 10,000 medics. Wethern reported his discovery to Health Stream ten days ago, he explained that […]
Pierluigi Paganini
April 19, 2018
The private intelligence agency LocalBlox has left unsecured online an AWS bucket containing 48 million records that were also harvested from Facebook, LinkedIn, and Twitter. Oops … another data breach made the headlines and once again it was discovered by data leak hunters at Upguard. The private intelligence agency LocalBlox has left unsecured online an AWS […]
Pierluigi Paganini
April 15, 2018
TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak, 46000 people’s data store on an AWS bucked were left on accessible online, including driving licenses and passports. Let’s speak about a new data breach, this time the victim is TrueMove H, the biggest 4G mobile operator in Thailand. The operator exposed online […]
Pierluigi Paganini
April 04, 2018
The website belonging to the Panera Bread restaurant chain, Panerabread.com, exposed personal information in plain text for months. The company has more than 2,100 retail locations in the United States and Canada, its customers could order food online for pickup in stores or for delivery. Panera Bread exposed the data at least for eight months after […]
Pierluigi Paganini
April 02, 2018
The security researcher Dhiraj Mishra (@mishradhiraj_) has studied how VPNs & Privacy Browsers leak users’ IPs via WebRTC Hi Internet, You might have heard about VPN’s & Privacy Browsers leaking users’ IPs via WebRTC [1] [2] Summary: Got CVE-2018-6849 reserved, wrote a Metasploit Module for this issue which uses WebRTC and collects the leak private IP address, however this module may […]
