exposed

  • Blog
    digitpatrox5 days ago
    31

    Western Alliance Bank admits cyber attack exposed 22,000 customers

    An American bank has admitted nearly 22,000 customers had their accounts compromised following an attack that targeted a zero-day flaw in a third-party file-transfer tool. In a regulatory filing, Arizona-based Western Alliance Bank said attackers had access between 12 and 24 October last year, though the bank reportedly only became aware of the attack in January. Hackers accessed customers’ names,…

    Read More »
  • Blog
    digitpatrox6 days ago
    33

    Apple Passwords App Vulnerability Exposed Users for Months

    Apple’s Passwords app, designed to enhance security for iOS users, ironically left them vulnerable to phishing attacks for nearly three months. Security researchers recently revealed that the flaw exposed sensitive information, raising concerns about cybersecurity risks — even with trusted software. The vulnerability explained Researchers at Mysk identified the flaw, which stemmed from the app’s use of unencrypted HTTP connections…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    34

    A ‘significant increase’ in infostealer malware attacks left 3.9 billion credentials exposed to cyber criminals last year – and experts worry this is a ticking time bomb for enterprises

    Researchers have warned that billions of credentials exposed to cyber criminals were sourced from infostealer logs last year – and it’s created a ticking time bomb for enterprises as hackers begin cracking systems. KELA Cyber Threat Intelligence’s State of Cybercrime 2024 report singled out infostealers as a persistent threat that usually serve as “precursors to advanced attacks, including ransomware and…

    Read More »
  • Blog
    digitpatrox4 weeks ago
    39

    Over 49,000 misconfigured building access systems exposed online

    Researchers discovered 49,000 misconfigured and exposed Access Management Systems (AMS) across multiple industries and countries, which could compromise privacy and physical security in critical sectors. Access Management Systems are security systems that control employee access to buildings, facilities, and restricted areas via biometrics, ID cards, or license plates. Security researchers at Modat conducted a comprehensive investigation in early 2025 and discovered…

    Read More »
  • Blog
    digitpatrox4 weeks ago
    44

    3.3 million people were exposed in the DISA data breach – it took the firm 10 months to disclose the incident

    Background check firm DISA Global Solutions has revealed it suffered a data breach exposing millions of sensitive records – nearly a year after the incident first occurred. The breach, first discovered on April 22, 2024, had been allowing an unauthorized third-party to access data on around 3.3 million people since February 9th. “Although our forensics investigation could not definitively conclude…

    Read More »
  • Blog
    digitpatroxFebruary 17, 2025
    52

    Zacks Investment breach could leave 12 million customer accounts exposed

    Zacks Investment, a leading investment research company, has allegedly suffered a data breach that could see roughly 15 million customer records exposed. A threat actor under the name Jurak posted on the dark web hacking forum BreachForums on 24 January 2025, claiming to have breached Zacks Investment in June last year. Zacks is a major financial analysis provider best known…

    Read More »
  • Blog
    digitpatroxFebruary 11, 2025
    54

    Over 12,000 KerioControl firewalls exposed to exploited RCE flaw

    Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. KerioControl is a network security suite that small and medium-sized businesses use for VPNs, bandwidth management, reporting and monitoring, traffic filtering, AV protection, and intrusion prevention. The flaw in question was discovered in mid-December by security researcher Egidio Romano (EgiX), who…

    Read More »
  • Blog
    digitpatroxFebruary 6, 2025
    228

    Microsoft says attackers use exposed ASP.NET keys to deploy malware

    Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, some developers use ASP.NET validationKey and decryptionKey keys (designed to protect ViewState from tampering and information disclosure) found on code documentation and repository platforms in their own software. However, threat actors also use…

    Read More »
  • Blog
    digitpatroxJanuary 30, 2025
    54

    DeepSeek Locked Down Public Database Access That Exposed Chat History

    On Jan. 29, U.S.-based Wiz Research announced it responsibly disclosed a DeepSeek database previously open to the public, exposing chat logs and other sensitive information. DeepSeek locked down the database, but the discovery highlights possible risks with generative AI models, particularly international projects. DeepSeek shook up the tech industry over the last week as the Chinese company’s AI models rivaled…

    Read More »
  • Blog
    digitpatroxJanuary 30, 2025
    71

    DeepSeek database left user data, chat histories exposed for anyone to see

    DeepSeek has secured a “completely open” database that exposed user chat histories, API authentication keys, system logs, and other sensitive information, according to cloud security firm Wiz. The security researchers said they found the Chinese AI startup’s publicly accessible database in “minutes,” with no authentication required. The exposed information was housed within an open-source data management system called ClickHouse and…

    Read More »
Load More
Back to top button
close