Capital One Data Breach, Equifax Settlement Payouts, Nextdoor App Scams

This is your Shared Security Weekly Blaze for August 5th 2019 with your host, Tom Eston. In this week’s episode: everything you need to know about the Capital One data breach, changes ...
Identity Documents Exposed FedEx

Identity Documents Exposed in FedEx-Owned Amazon S3 Bucket

More than 119,000 scanned identity documents, including passports and drivers’ licenses, belonging to people from the United States and abroad were exposed in an insecure Amazon S3 storage bucket. The storage bucket ...
Security Boulevard
Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest privileges account on Mac computers without a password. The vulnerability was disclosed by a user ...
cloud

Insecure Storage Buckets Expose 1.8 Billion Online Posts Scraped for U.S. Military

A Pentagon contractor left three storage buckets publicly accessible on Amazon’s S3 service, exposing more than 1.8 billion online posts collected since 2009. The messages, posted by people from around the world, ...
Another Cloud Storage Leak Exposes Verizon IT Files

Another Cloud Storage Leak Exposes Verizon IT Files

Security researchers have found yet another Amazon S3 storage container with sensitive data that was publicly accessible to anyone on the internet. The S3 bucket contained around 100MB of data, including internal ...
Criminals Use Jackpotting Attack

Like Equifax, Thousands of Companies Use Vulnerable Apache Struts Versions

U.S. credit monitoring bureau Equifax has been heavily criticized for its failure to patch a known critical vulnerability in the Apache Struts web development framework, an oversight that led to a massive ...
Asterisk Flaw Exposes VoIP Calls to Eavesdropping

Asterisk Flaw Exposes VoIP Calls to Eavesdropping

Security researchers have identified a critical vulnerability in Asterisk, one of the most popular software stacks for implementing private telephone switching systems, also known as private branch exchanges (PBXes). The flaw could ...