Microsoft accidentally internet-exposed for three weeks 250 million customer support records stored in five misconfigured Elasticsearch databases. While the company rapidly locked them down after being alerted, it's an embarrassing gaff for the technology giant, which has pledged to do better.
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.
The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent encryption; the cyberattack risks posed by IoT devices.
The security company Check Point has revealed several vulnerabilities in TikTok, the popular Chinese video app that has raised concerns lately from the U.S. military and lawmakers. The issues are fixed, and TikTok says it doesn't appear the issues were exploited for a breach.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
The U.S. Army reportedly is following the lead of the Navy in banning soldiers from using TikTok, a Chinese-made video sharing and social media app, on their government-issued phones.
Human error looks to be the obvious culprit in an accidental data breach by Britain's Cabinet Office, which published the home addresses of celebrities such as Elton John and Olivia Newton-John when it released a list of individuals set to be recognized for their contributions to British society.
Because open source components have known vulnerabilities, it's important for companies to invest in the right tools to help developers build the right applications, says Patrick Pitchappa of BNP Paribas banking group.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.
The user-friendly aspects of apps can enable malicious bots to infiltrate, says Eddie Doyle of Check Point Research, who offers insights on addressing the issue.
11 Best Practices to Minimize Risk and Protect Your Data
By now, we are all too aware of the consequences of a data breach:
Brand damage
Loss of customer confidence
Potentially costly litigation
Regulatory fines
However, most organizations are not as familiar with how to prevent these attacks. They still spend...
The Federal Bureau of Investigation warns that the photo-editing app FaceApp and other applications developed in Russia could be a "potential counter-intelligence threat" to the U.S.
Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.
An unsecure database belonging to PayMyTab, a company that provides U.S. restaurants with mobile payment apps and devices, left payment card and other customer data exposed, according to a new report from two independent security researchers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
