-
Over 1,000 ServiceNow instances found leaking corporate KB data
Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.
- September 17, 2024
- 05:00 AM
1
-
FlightAware configuration error leaked user data for years
Flight tracking platform FlightAware is asking some users to reset their account login passwords due to a data security incident that may have exposed personal information.
- August 19, 2024
- 10:05 AM
3
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
OWASP discloses data breach caused by wiki misconfiguration
The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server.
- April 01, 2024
- 03:25 PM
- 0
-
Misconfigured Firebase instances leaked 19 million plaintext passwords
Three cybersecurity researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase, a Google platform for hosting databases, cloud computing, and app development.
- March 19, 2024
- 07:25 PM
- 2
-
Researchers expose Microsoft SCCM misconfigs usable in cyberattacks
Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller.
- March 11, 2024
- 03:15 PM
- 0
-
Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware
Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts.
- March 06, 2024
- 07:09 AM
- 0
-
CISA shares vulnerabilities, misconfigs used by ransomware gangs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware gangs, aiming to help critical infrastructure organizations thwart their attacks.
- October 13, 2023
- 10:55 AM
- 0
-
NSA and CISA reveal top 10 cybersecurity misconfigurations
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations.
- October 05, 2023
- 02:08 PM
- 0
-
Bing search results hijacked via misconfigured Microsoft app
A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS attacks to potentially breach the accounts of Office 365 users.
- March 30, 2023
- 01:05 PM
- 0
