HackDig : Dig high-quality web security articles for hackers

Patch Tuesday, January 2020 Edition

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency. This month also marks the end of mainstream support for Win
Publish At:2020-01-15 03:35 | Read:502 | Comments:0 | Tags:Time to Patch CVE-2020-0601 Johns Hopkins University Kenneth

MongoDB improves security amid new wave of ransom-attacks

MongoDB company implements new data security features in response to the recent wave of ransom attacks that hit installations worldwide. You have to admit that the bad actors are very good at leveraging a vulnerability into a lucrative opportunity. The latest example comes from MongoDB,  a popular, open source database commonly deployed for big data applicat
Publish At:2017-09-12 14:55 | Read:3433 | Comments:0 | Tags:Breaking News Hacking Cybercrime MongoDB ransom attacks

Unsecure Hadoop Distributed File System installs 5 PB of Data

According to Shodan search, unprotected Hadoop Distributed File System installations expose 5 PB of data. Hadoop servers that are not securely configured expose vast amounts of data, according to an analysis conducted using the Internet search engine Shodan. A study conducted by Shodan revealed that nearly 4,500 servers with the Hadoop Distributed File Syste
Publish At:2017-06-04 02:20 | Read:3317 | Comments:0 | Tags:Breaking News Hacking Cybercrime Elasticsearch Hadoop Distri

Get Serious About Data Protection to Secure MongoDB

The inevitable happened — attackers stole data from thousands upon thousands of misconfigured MongoDB databases and are now demanding ransom money to get it back. These cybercriminals are going after even more misconfigured systems on the internet. Don’t say we didn’t warn you. The IT community has known for some time that default settings can le
Publish At:2017-01-25 10:20 | Read:4438 | Comments:0 | Tags:Data Protection Data Security Database Security IBM Security

Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed

Tens of thousands of personal and possibly proprietary databases that were left accessible to the public online have just been wiped from the Internet, replaced with ransom notes demanding payment for the return of the files. Adding insult to injury, it appears that virtually none of the victims have paid the ransom have gotten their files back because multi
Publish At:2017-01-11 04:20 | Read:4965 | Comments:0 | Tags:Other extortion MongoDB Niall Merrigan Victor Gevers

Hello Kitty database leaked online, 3.3 million fans affected

The Hello Kitty MongoDB database leaked online one year ago recently surface on the web, it includes 3.3 million records belonging to Hello Kitty fans. The security researcher Chris Vickery discovered a Sanrio database that was misconfigured and exposed to the public in 2015. On December 2015, Vickery reported the discovery to Databreaches.net and Salted Has
Publish At:2017-01-10 19:20 | Read:3242 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking Cybercrime dat

Number of MongoDB ransom attacks peaked 27,000 in a day

According to the Australian Communications and Media Authority Antipodes the number of hacked MongoDB databases more than double to 27,000 in just a day. MongoDB ransom attacks soar, according to the Australian Communications and Media Authority Antipodes the number of hacked systems more than double to 27,000 in just a day. According to the experts, the hac
Publish At:2017-01-09 23:05 | Read:4569 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime databases Mongo

Online databases dropping like flies, with >10k falling to ransomware groups

reader comments 62 Share this story More than 10,000 website databases have been taken hostage in recent days by attackers who are demanding hefty ransoms for the data to be restored, a security researcher said Friday.The affected data is created and stored by the open source MongoDB database application, according to researchers who h
Publish At:2017-01-07 09:50 | Read:6685 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab mongodb ransom

11GB archive of Top Secret US SOCOM data accidentally leaked

The popular security expert Chris Vickery discovered a 11GB archive of Top Secret US SOCOM data that was accidentally leaked. A subcontractor of the Pentagon has exposed top-secret information of the US Military Special Operations Command (SOCOM) medics. Exposed records include names, locations, Social Security Numbers, and salaries of the Military SOCOM
Publish At:2017-01-05 05:05 | Read:4264 | Comments:0 | Tags:Breaking News Data Breach Cybercrime databases Hacking Mongo

Unprotected MongoDB Databases Wiped and Held for Ransom by Attacker

An attacker is obtaining access to unprotected MongoDB databases, stealing and erasing their content, and holding them for ransom.On 27 December, security researcher Victor Gevers came across a MongoDB server that was open to external connections and that lacked a password on its admin account.This database didn’t contain a lot of information. In fact,
Publish At:2017-01-05 03:17 | Read:6126 | Comments:0 | Tags:Latest Security News Bitcoin data breach Harak1r1 MongoDB Vi

Hacker held open MongoDB databases for ransom

A mysterious hacker is breaking into unprotected MongoDB databases, stealing their content, and asking for a ransom to return the data. Co-founder of the GDI Foundation Victor Gevers is warning of poor security for MongoDB installations in the wild. The security expert has discovered 196 instances of MongoDB that were wiped by crooks and being held for ranso
Publish At:2017-01-04 10:40 | Read:3815 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime databases Mongo

Hacker grabs over 58 million customer records from data storage firm

At least 58 million people have had their personal information published on the internet – including their names, dates of birth, email and postal addresses, job titles, phone numbers, vehicle data, and IP addresses – after a hacker stole a massive unsecured database.And, if you think that sounds bad, there may be yet more hacked data still to be
Publish At:2016-10-13 08:40 | Read:4190 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data breac

System Profiling for Lazy Developers

Measuring latency within my code is something that I do very very often. Occasionally I resort to tools like profilers to help me out but, honestly, most of the time I just put timers in my code and print the results to the console or a log file. The reasons are: Running a profiler requires quite a bit of setup, which often is not justified or I’m t
Publish At:2016-09-13 14:35 | Read:3263 | Comments:0 | Tags:Uncategorized docker mongodb Sysdig tracers

The global terror database World-Check was leaked online

The Thomson Reuters terrorist database World-Check used by banks and intelligence agencies worldwide was leaked online, 2.2 million records exposed. There is a terrorist database used by banks and intelligence agencies worldwide, it is called World-Check and unfortunately, it was leaked online. The leaked database is dated back 2014 and contains some 2.2 mil
Publish At:2016-06-30 07:45 | Read:3805 | Comments:0 | Tags:Breaking News Hacking Security Terrorism Chris Vickery data

Crooks Steal, Sell Verizon Enterprise Customer Data

Verizon Enterprise Solutions, a B2B unit of the telecommunications giant that gets called in to help Fortune 500’s respond to some of the world’s largest data breaches, is reeling from its own data breach involving the theft and resale of customer data, KrebsOnSecurity has learned. Earlier this week, a prominent member of a closely guarded underg
Publish At:2016-04-01 11:45 | Read:3510 | Comments:0 | Tags:Data Breaches Data Breach Investigations Report DBIR MongoDB


Share high-quality web security related articles with you:)


Tag Cloud