Security News
HarperDB releases HarperDB Cloud, its fully managed and hosted cloud offering. HarperDB Cloud instances can be spun up in minutes, featuring a built-in API, ACID compliant SQL and NoSQL capabilities, and standard interfaces for connecting to reporting and analysis tools.
Security researchers at vpnMentor found Kinomap's dribbly database during the firm's ongoing web-mapping project. You might have to pay for the subscription service to immerse you in forest greenery, but if you knew where to look, you wouldn't need to pay anything at all to get at the 42 million Kinomap users' records that the researchers found.
This solution is the first to integrate cloud applications and databases with legacy on-premises Hardware Security Modules to provide data security optimized for on-premises, public cloud and hybrid cloud environments. Fortanix is offering free licenses for the Fortanix HSM Gateway to new Fortanix customers with legacy HSMs that want to try this new path to flexible, comprehensive, cloud-friendly data security.
Researchers have found a database of Zoom video conferencing credentials ranging from just an email and password to also include meeting IDs, names and host keys. The latter is possible because Zoom users are remarkably lax about protecting the details - and of course it could be just a small subset of a larger collection of credentials not made available to others.
An exposed Amazon Web Services S3 bucket belonging to RigUp was found to expose tens of thousands of private files belonging to organizations and individuals in the U.S. energy sector, vpnMentor reports. Founded in 2014, United States-based RigUp is a labor marketplace and services provider for the country's energy sector.
A rival hacking forum has yet again hacked OGUsers - the second time in a year - and yet again doxxed its database for one and all to grab, fast on the heels of the attack. OGUsers is a forum devoted to trading stolen Instagram, Twitter and other accounts, with a special place in its dark heart for hackers who like to trade SIM swappers' stolen phone numbers and Bitcoin accounts.
MariaDB announced the immediate availability of MariaDB SkySQL, the first database-as-a-service to unlock the full power of MariaDB Platform for transactions, analytics or both, and optimized with a cloud-native architecture. "Existing services, long in the tooth, lock out community innovation, meaning patches, new versions and features are missing for literally years. MariaDB SkySQL is a next-generation cloud database, built by the world's top database engineers in the industry, allowing organizations large and small to know they have an always-on partner to not only roll out new applications, but ensure a consistent and enduring quality of service."
A vulnerability addressed recently in the WPvivid Backup Plugin could be exploited to obtain all files of a WordPress website, web security company WebARX reveals. WPvivid Backup Plugin is a free and open-source plugin that allows users to easily backup, migrate, and restore their WordPress installations to new hosts, or send backups to remote storage.
An Elasticsearch instance containing over 5 billion records of data leaked in previous cybersecurity incidents was found exposed to anyone with an Internet connection, Security Discovery reports. Most of the data, Diachenko says, appears to have been collected from previously known sources, but unrestricted access to such a collection would still represent a boon for cybercriminals, providing them with a great resource for phishing and identity theft.
Hackers have slurped biz comms customers' data from a database run by one of O2's largest UK partners. In an email sent to its customers, the partner, Aerial Direct, said that an unauthorised third party had been able to access customer data on 26 February through an external backup database, which included personal information on both current and expired subscribers from the last six years.