exposed

  • Blog
    digitpatrox1 week ago
    23

    1.1 Million UK NHS Employee Records Exposed

    Over a million NHS employee records — including email addresses, phone numbers, and home addresses — were exposed online due to a misconfiguration of the low-code website builder Microsoft Power Pages. In September, researchers with the software-as-a-service security platform AppOmni identified a large shared business service provider for the NHS that was allowing unauthorised access to sensitive data through insecure…

    Read More »
  • Blog
    digitpatrox1 week ago
    22

    D-Link won’t fix critical bug in 60,000 exposed EoL modems

    Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user’s password and take complete control of the device. The vulnerability was discovered in the D-Link DSL6740C modem by security researcher Chaio-Lin Yu (Steven Meow), who reported it to Taiwan’s computer and response center (TWCERTCC).…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    28

    800,000 users exposed in Landmark Admin data breach

    Insurance administrative services company Landmark Admin is warning 800,000 people that their sensitive data has been exposed, following a cyber attack earlier this year. According to the firm’s filing with the Attorney General of Maine, the breach involved an extremely broad range of personal data, including full names and addresses, Social Security numbers, tax identification numbers, drivers’ license numbers, and…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    29

    The National Public Data breach exposed nearly three billion users – now the company has filed for bankruptcy

    Data broker National Public Data has filed for bankruptcy, claiming it cannot sustain the mounting financial and reputational damage associated with a major data breach it suffered in December 2023. The background-checking service filed for bankruptcy in Florida under its parent company Jerico Pictures Inc, and explicitly cited the 2023 data breach as a direct contributor to its downfall. NPD…

    Read More »
  • Blog
    digitpatroxOctober 11, 2024
    51

    Over 31 Million User Accounts Exposed

    The Internet Archive, a non-profit digital library best known for its Wayback Machine, has disclosed a major data breach affecting over 31 million users as well as a series of distributed denial-of-service attacks. On the afternoon of Oct. 9, visitors of The Internet Archive started seeing pop-up messages that read: “Have you ever felt like the Internet Archive runs on…

    Read More »
  • Blog
    digitpatroxOctober 9, 2024
    53

    New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks

    An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. The flaw, which enables attackers to perform arbitrary remote code execution if certain conditions are met, was disclosed late last month by the person who discovered it, Simone Margaritelli. Although its RCE aspect…

    Read More »
  • Blog
    digitpatroxOctober 3, 2024
    143

    Critical flaws left 700,000 DrayTek routers exposed – but don’t worry, there’s a fix

    Security researchers have uncovered 14 vulnerabilities in DrayTek routers that left hundreds of thousands of devices exposed. The flaws affect 24 DrayTek router models, with more than two-thirds either end-of-sale (EoS) or end-of-life (EoL) products, making them more difficult to patch and protect. More than 425,000 are in the UK and EU, with over 190,000 in Asia. Crucially, researchers warned…

    Read More »
  • Blog
    digitpatroxSeptember 4, 2024
    65

    Miami Gardens notifies residents of data breach that exposed SSNs, financial accounts, health insurance

    The city of Miami Gardens, Florida this week notified an undisclosed number of people about a June 2024 data breach that compromised 80 GB of personal information including names, Social Security numbers, financial account numbers, health insurance info, and dates of birth. Ransomware group Meow claimed responsibility for the attack shortly after it occurred and demanded $500,000 in ransom. It…

    Read More »
  • Blog
    digitpatroxAugust 20, 2024
    80

    Hackers are flocking to a new SMS spam tool – ‘Xeon Sender’ exploits cloud APIs and exposed credentials to supercharge phishing campaigns

    Security researchers have issued a warning over a phishing tool that threat actors can use via SaaS providers to send spam messages en-masse. The tool, dubbed ‘Xeon Sender’ by SentinelLabs, is a cloud-based attack tool that can send spam messages via nine different SaaS providers. The tool is also known by alternative names, including ‘XeonV5’ and ‘SVG Sender’. It’s built…

    Read More »
  • Blog
    digitpatroxAugust 15, 2024
    83

    NetSuite vulnerability could leave thousands of websites exposed

    Researchers have warned of a new vulnerability in NetSuite’s SuiteCommerce tool that could expose sensitive data.  Stemming from misconfigured access controls, the vulnerability leaves sensitive personally identifiable information (PII) exposed, including the full addresses and mobile phone numbers of customers The vulnerability has already left several thousand live SuiteCommerce websites vulnerable and the extent of potential damage could be far-reaching.…

    Read More »
Load More
Back to top button
close