Collaborate Disseminate
AdvoLogix announced its strategic partnership with iManage. This partnership brings the document, email, and knowledge management solutions used by the over 3,000 customers of iManage together with the case, matter, and enterprise legal management of A… Continue reading AdvoLogix and iManage provide a cloud-scale solution for the legal industry
Cloudhouse has acquired UpGuard Core, from third-party risk and attack surface management platform UpGuard. UpGuard Core will now be known as Cloudhouse Guardian, joining Cloudhouse’s Application Compatibility Packaging solution to offer customers the … Continue reading Cloudhouse acquires UpGuard Core to provide instant visibility of an entire IT infrastructure
A company that sells content management software and services exposed data on 477,000 media contacts, including 35,000 hashed user passwords, to the public internet. In October, iPRsoftware, a U.S.-based company that specializes in software that manages and disseminates company public relations and marketing, was discovered to be exposing the data along with administrative system credentials and assorted documents. Among the documents were marketing materials for client companies, as well as credentials for the company’s Google and Twitter accounts and a MongoDB hosting provider. Chris Vickery, director of cyber risk research at UpGuard, first contacted the company about the exposure in October. Despite the company’s acknowledgement of the issue, Vickery observed that over the next week, the only thing that changed was the appearance of a log file for the purpose of reviewing activity related to the open repository. When contacted weeks later by CyberScoop about the exposure, a company representative said it […]
The post Exclusive: PR software firm exposes data on nearly 500k contacts appeared first on CyberScoop.
Continue reading Exclusive: PR software firm exposes data on nearly 500k contacts
Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching turned up more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud… Continue reading A Year Later, Cybercrime Groups Still Rampant on Facebook
Two separate exposures of sensitive information about Facebook users are the latest alarming discoveries by researchers at UpGuard. In both cases, the operators of third-party apps that connected to Facebook were storing data about people in Amazon Web Services S3 buckets configured for public access, said UpGuard, a Silicon Valley-based security company known for identifying misconfigured cloud services. One database originated with Mexico-based Cultura Colectiva, while the other was stored by the makers of an app called “At the Pool.” Both had been secured by Wednesday, UpGuard said. The Cultura Cultiva is the bigger of the two exposures, including 146 gigabytes of information about comments, likes, reactions, account names, Facebook IDs and more, UpGuard said. The “At the Pool” discovery, while not nearly as large, “contains plaintext (i.e. unprotected) Facebook passwords for 22,000 users,” UpGuard said. The company appears to have ceased operation in 2014, but this “should offer little consolation to the app’s end users whose […]
The post Third-party Facebook apps left people’s data publicly exposed, researchers say appeared first on CyberScoop.
Continue reading Third-party Facebook apps left people’s data publicly exposed, researchers say
The exposures didn’t come from Facebook itself, but do show how data generated by one company can end up exposed thanks to another service. Continue reading App Developers Left 540 Million Facebook Users’ Records on the Public Internet
Configuration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets. Continue reading GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig
LocalBlox, a US-based data technology company that “crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks” and ties it all together to create profiles on individuals tha… Continue reading LocalBlox found leaking info on tens of millions of individuals
LocalBlox, a company that scrapes user information from social media and other websites to repackage and sell, left 48 million of its records exposed on a public server, according to a report released Wednesday by cybersecurity firm UpGuard. The data on each individual reportedly includes names, addresses, dates of birth, LinkedIn job histories, public Facebook data, Twitter handles and information from real estate listing site Zillow. Facebook, Twitter, LinkedIn and Zillow told ZDNet, which first reported the story, that data scraping without prior consent violates their policies. The LocalBlox case bears some similarity to the data scandal embroiling Facebook, whereby data firm Cambridge Analytica was revealed to improperly obtain a trove of data profiles on 87 million Facebook users for political purposes. A main difference with the LocalBlox case, however, is that the data was left unprotected and breachable. UpGuard said its Cyber Risk Team discovered a public Amazon Web Services S3 bucket containing the compressed […]
The post 48 million social media profiles left exposed by data scraping firm: report appeared first on Cyberscoop.
Continue reading 48 million social media profiles left exposed by data scraping firm: report
This week, Michael talks about Facebook’s CSO Alex Stamos, Equifax, UpGuard’s new security tool, and Microsoft lifts update embargo on Windows 10. Jason Wood explains why you should build your own security tools in the expert commentary. News Fac… Continue reading Facebook, Equifax, UpGuard, and Microsoft – Hack Naked News #165