Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security – specifically the weak points – of its internal network.
Read more in my article on the Tripwire State of Security blog.
Continue reading Exposed internal database reveals vulnerable unpatched systems at Honda

Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security — specifically the weak points — of its internal network. Security researcher Justin Paine discovered the sensitive information… Continue reading Exposed internal database reveals vulnerable unpatched systems at Honda

New malware attack turns Elasticsearch databases into DDoS botnet

By Waqas
The malware attack involves two stages including one in which existing cryptomining malware is removed and other remove configuration files.
This is a post from HackRead.com Read the original post: New malware attack turns Elasticsearch databa… Continue reading New malware attack turns Elasticsearch databases into DDoS botnet

Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records

A security researcher found a misconfigured ElasticSearch cluster that exposed over 90 million personal and businesses data records. On 1 July, GDI Foundation member and an independent security researcher Sanyam Jain found that the unprotected ElasticS… Continue reading Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records

Chinese database exposes 42.5 million records compiled from multiple dating apps

Tens of millions of records about users of different dating apps have been discovered in a single database that doesn’t include any password protection, according to new research findings. The records discovered by researcher Jeremiah Fowler mostly were about American users, based on accessible IP addresses and geolocation information. Other data included age, location and account names — a roadmap Fowler followed to identify users across multiple other platforms and dating apps to verify they were real. A sampling of 10,000 users revealed that 8,063 were from the U.S., 356 were from the U.K., 219 from Canada and 151 from Australia and other random English-speaking countries, he said in an email to CyberScoop. About 42.5 million records were exposed, Fowler said. Dating logs made up 38.3 million records, while 3.87 million consisted of “geonames,” Fowler said. He did not reveal the location of the database, which uses the Elastic format. While it’s not clear […]

The post Chinese database exposes 42.5 million records compiled from multiple dating apps appeared first on CyberScoop.

Continue reading Chinese database exposes 42.5 million records compiled from multiple dating apps

Logz.io lands $52M to keep growing open source-based logging tools

Logz.io announced a $52 million Series D investment today. The round was led by General Catalyst. Other investors participating in the round included OpenView Ventures, 83North, Giza Venture Capital, Vintage Investment Partners, Greenspring Associates and Next47. Today’s investment brings the total raised to nearly $100 million, according to Crunchbase data. Logz.io is a company built […] Continue reading Logz.io lands $52M to keep growing open source-based logging tools

Core Elastic Stack Security Features Now Available For Free Users As Well

Elastic, the company behind the most widely used enterprise search engine ElasticSearch and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users.

ELK Stack or Elast… Continue reading Core Elastic Stack Security Features Now Available For Free Users As Well

Core Elastic Stack security features now available to all users

Elastic, the company developing enterprise search engine Elasticsearch and the Elastic Stack, has decided to make core Elastic Stack security features accessible to all users (and not just those who have a Gold subscription). What is the Elastic Stack?… Continue reading Core Elastic Stack security features now available to all users

Freedom Mobile leaked millions of card data with CVV codes in plain text

By Uzair Amir
The company claims it does not share user data with others but looks like it does. Another day, another data breach; this time an unprotected database has been discovered leaking personal and financial data of millions of Canadians. Ident… Continue reading Freedom Mobile leaked millions of card data with CVV codes in plain text