The Problem with Big Data is, Well, That it is Big On October 16th researchers revealed that they had found an exposed database with 4 billion records covering 1.2 billion people. The first database contained information on 1.5 billion unique people (note these numbers do not exactly match) including work phone numbers and mobile phone […]
Continue reading → [DISPLAY_ACURAX_ICONS]Database Leaked 179 GB of Personal Data of military personnel, officials and hotel customers. I wish this was a new story. Autoclerk, a Best Western service that manages reservations, revenue, loyalty programs, payment processing and other functions for the hotel chain. left an elastic search database exposed. Hundreds of thousands of guest reservations were exposed […]
Continue reading → [DISPLAY_ACURAX_ICONS]After the FTC created a settlement with Equifax over the breach in 2017 of the data of close to 150 million people that turned out to be mostly smoke and mirrors, some of the lawsuits are now moving forward showing how bad things were at Equifax. Equifax used a default userid of admin and […]
Continue reading → [DISPLAY_ACURAX_ICONS]Less Than Half of Mississippi State Agencies Even Have a Cybersecurity Policy In Mississippi’s first ever state cybersecurity audit, the state auditor reported dismal results. 54 state agencies did not respond to the audit. 38% of those responding did not encrypt sensitive data. 22 agencies had not conducted a third party security risk assessment. 11 […]
Continue reading → [DISPLAY_ACURAX_ICONS]I don’t know how to say this any more clearly, but vendors represent a huge risk to every organization. Lion Air, the Indonesian parent of Malindo Air and other subsidiaries that were breached, confirmed the breach last week. Why did they confirm it? Perhaps they were being good corporate citizens. An alternative explanation is that […]
Continue reading → [DISPLAY_ACURAX_ICONS]Cisco: Critical Bug Allows Remote Takeover of Routers Cisco rated this bug 10 out of 10. For users of Cisco 4000 series ISRs, ASR 1000 series aggregation routers, 1000v cloud routers and integrated services virtual routers, an unauthenticated user can gain full control just by sending a malicious HTTP request. So yet another reminder that […]
Continue reading → [DISPLAY_ACURAX_ICONS]