Security News

Source Code From Major Firms Leaked via Unprotected DevOps Infrastructure
2020-07-28 11:31

Source code belonging to tens of companies, including several major organizations, has been leaked online after it was found on unprotected DevOps infrastructure. Kottmann told SecurityWeek that the source code they've made public, much of which appears to be proprietary, mostly comes from improperly configured or exposed DevOps infrastructure.

7 VPNs that leaked their logs – logs that weren’t even supposed to exist
2020-07-20 16:58

VPNs are all the rage these days, because they're supposed to boost your privacy and stop you being tracked. Many VPNs tell you that "They don't keep any logs at all", and therefore that they would have nothing on you that they could hand over to law enforcement even if they wanted to.

Leaked Details of 142 Million MGM Hotel Guests Found for Sale Online
2020-07-14 13:38

Scope of last summer’s data leak at the hotel chain appears to be far more expansive than previously thought.

Leaked Details of 142 Million MGM Hotel Guests Found for Sale on Dark Web
2020-07-14 12:13

Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the Dark Web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. In the ad, the hacker makes a connection between the newly advertised credentials and a previously known leak of personal details of more than 10.6 million guests who had stayed at MGM Resorts.

Half a Million IoT Passwords Leaked
2020-07-08 11:41

It is amazing that this sort of thing can still happen: ...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1)...

BlueLeaks: Data From Hundreds of Law Enforcement Organizations Leaked Online
2020-06-22 12:05

Hundreds of thousands of files belonging to more than 200 law enforcement organizations across the United States have been leaked online after they were stolen by hackers from a web development company. The leak, dubbed BlueLeaks, includes information collected and generated by over 200 police departments, fusion centers, the FBI and other law enforcement organizations in various U.S. states.

Hackers Leaked 269 GB of U.S. Police and Fusion Centers Data Online
2020-06-22 07:08

A group of hacktivists and transparency advocates has published a massive 269 GB of data allegedly stolen from more than 200 police departments, fusion centers, and other law enforcement agencies across the United States. Dubbed BlueLeaks, the exposed data leaked by the DDoSecrets group contains hundreds of thousands of sensitive documents from the past ten years with official and personal information.

AP Exclusive: Police Officers' Personal Info Leaked Online
2020-06-11 11:10

Personal information of police officers in departments nationwide is being leaked online amid tense interactions at demonstrations across the U.S. over the police custody death of George Floyd and others, according to an unclassified intelligence document from the U.S. Department of Homeland Security, obtained by The Associated Press. Multiple high-ranking police officials in a number of cities, including Washington, Atlanta, Boston and New York have had their personal information shared on social media, including their home addresses, email addresses and phone numbers, the report warns.

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked
2020-06-04 16:58

A U.S. military contractor involved in the maintenance of the country's Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports - with the hackers making off with reams of sensitive information. The cyberattackers first compromised the contractor's internal network, the company confirmed to Sky News, before encrypting files and exfiltrating data.

Hosting Provider’s Database of Crooked Customers Leaked
2020-06-01 14:37

A hacker has leaked online the database of the largest free hosting service popular with cybercriminals, the result of a breach that took down the service earlier this year, according to a published report. The database apparently was stolen on March 10 from the hosting service, operated by Daniel Winzen, a German software developer.