Cloudflare misconfiguration behind recent BGP route leak
https://www.bleepingcomputer.com/news/security/cloudflare-misconfiguration-behind-recent-bgp-route-leak/
#Infosec #Security #Cybersecurity #CeptBiro #Cloudflare #Misconfiguration #BGProuteLeak
📰 EY Leaks 4TB+ SQL Database Packed with Corporate Secrets via Cloud Misconfiguration
CRITICAL LEAK: Consulting giant EY exposed a 4TB+ unencrypted SQL database to the public internet. 😳 The backup file, found by researchers, contained API keys, passwords & other corporate secrets. #DataBreach #CloudSecurity #Misconfiguration
📰 Massive 70TB Data Leak at Tata Motors from Exposed AWS Keys
🚗 Massive 70TB data leak at Tata Motors! Exposed AWS keys on an e-commerce site led to the breach of customer PII, financial records & more. A stark reminder to secure cloud credentials. #DataBreach #AWS #CloudSecurity #Misconfiguration
Cuba: 63,564 AIS Remittances Clients' information was exposed on an unsecured server.
What did the unsecured server expose?
Customer affidavits, IDs, and debit cards.
The affidavits contained:
This affidavit contained client information, such as: name, mobile phone number, telephone number, email address, address, country, province, city, town, postal code, date of birth, country of birth, passport number, country of issue, and expiration date.
You may also notice that there was a section called "Beneficiaries," which included the beneficiary's name, their ID number, and the reason for the transfer, which in all cases was "family support."
I tried to notify the company, but their aisremesascuba email address was unavailable. I notified CIMEX S.A., and within a few days, access was blocked.
Those affected (Customers) by this breach may be at risk of scams because the server has been exposed since March 2025.
https://www.security-chu.com/2025/10/AIS-Remesas-Cuba-%20expone-145GB-en-servidor-sin-seguridad.html
An interesting study (https://www.cs.ucr.edu/~zhiyunq/pub/oakland25_firewall_misconfig.pdf) demonstrating the importance of correctly configuring firewalls and of the mechanism that tracks the state of active network connections (stateful inspection)
#firewall #misconfiguration #research #cve
As part of the work, the authors scanned the IPv4 address space on the 15 most popular ports, setting the source port of the probes to 80 (TCP) and 53 (UDP).
More than 2 million services were discovered, spread across 15,837 autonomous systems and 221 countries and regions, that were "hidden" behind NAT.
Scan results:
In the network of the ISP Truespeed, almost 11 thousand customized Linksys routers were found that probably carry a defective iptables rule allowing incoming TCP connections originating from port 80 to bypass the firewall. Further analysis established that, in theory, this made an RCE in the firmware of such routers exploitable.
Everyone breathes a sigh of relief when they hear "no customer data was exposed," but that's a big mistake. This recent Navy Federal Credit Union leak is a perfect example of why. Exposing 378 GB of internal Tableau data, user emails, and system configurations is like handing a burglar the architectural blueprints to your building. It tells them where the weak points are and who to target with spear phishing. Operational data is just as critical as customer data, and misconfiguration remains one of the most common, and avoidable, security failures.
TL;DR
📦 An unsecured server exposed 378 GB of the credit union's internal backup files.
🛡️ Fortunately, no sensitive customer PII was directly included in the leak.
🗺️ The data did, however, act as a "roadmap," revealing internal system structures and formulas.
🎯 This kind of operational data leak enables highly targeted phishing campaigns against employees.
https://hackread.com/misconfigured-server-navy-federal-credit-union-data-leak/
#misconfiguration #cybersecurity #datasecurity #riskmanagement #security #privacy #cloud #infosec
A #Misconfiguration That Haunts Corporate #Streaming Platforms Could Expose Sensitive Data
A #security researcher discovered that flawed #API configurations are plaguing corporate #livestreaming platforms, potentially #exposing internal company meetings—and he's releasing a tool to find them.
#privacy
https://www.wired.com/story/corporate-livestreams-exposed-search-tool/
Over 3.5 million customer records from Australian global fashion brand #SABO were exposed online in a database of over 292GB without any authentication or encryption.
🔗 https://hackread.com/global-fashion-label-sabo-customer-records-leaked
#CyberSecurity #Privacy #Australia #DataProtection #Misconfiguration
In August 2020, @SchizoDuckie and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."
In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by @JayeLTee, @masek, and me to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.
Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately.
Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to @TonyYarusso and @bkoehn for their efforts.
#dataleak #misconfiguration #incidentresponse #incidentmanagement #responsibledisclosure #securityalert #infosec
A simple web form error left 670 sensitive documents exposed at the AHRC. How safe is your data when a tiny misconfiguration can unleash so much risk? Read on for a cautionary cybersecurity lesson.
https://thedefendopsdiaries.com/the-ahrc-data-breach-a-lesson-in-web-security-misconfigurations/
#databreach #websecurity #misconfiguration #cybersecurity #infosec
So, you accidentally summoned an army of LLM bots to devour your server resources and send your finances into a death spiral? 🤖💸 Who would've thought that a simple 'misconfiguration' could make your bank account the real ghost in the machine? 🎭💀
https://metacast.app/blog/engineering/postmortem-llm-bots-image-optimization #LLMBots #Misconfiguration #ServerResources #GhostInTheMachine #FinancesFail #HackerNews #ngated
Zapier (no-code software) informed customers on Friday that an unauthorized party had gained access to code repositories and customer data. The unauthorized party was able to access the repositories because of a misconfiguration of two-factor authentication (2FA) on an employee's account. The repositories should not have contained any customer data, however; it had been copied in by Zapier by mistake...
https://www.theverge.com/news/622026/zapier-data-breach-code-repositories
Modat Internet Index Solution conducted a comprehensive investigation in early 2025 and discovered 49,000 misconfigured, unprotected access management systems (#AMS) across multiple industries and countries that could endanger privacy and physical #security in critical sectors. The #AMS were not properly configured for secure #authentication, so almost anyone could have accessed them.
🚨 A massive 1.17TB unprotected database from IoT grow light company Mars Hydro has exposed billions of records, including Wi-Fi passwords, IPs, device IDs and more. 🔓
Read: https://hackread.com/1tb-data-leak-expose-billions-iot-grow-light-records/
About two hours after I posted our article on #KillSec3 trying to extort its victims using publicly leaked data, there was a #DDoS attack on my site.
Gosh, it must be just a coincidence, right? 🤔
If you didn't read the post yet, you can read it here:
https://databreaches.net/2024/12/08/is-killsec3-trying-to-extort-victims-using-publicly-leaked-data/
#databreach #ransomware #scam #fraud #infosec #cybersecurity #misconfiguration #exposed_data
@JayeLTee @chum1ng0 @bucketchallenge @amvinfe @lawrenceabrams @briankrebs
Bolton Walk-In Clinic in Ontario: lock down your backup already!
DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the dime.
Do any personal injury lawyers in Ontario, Canada, or folks in the Information and Privacy Commissioner of Ontario follow me? Maybe they can get something done.
Read more at:
https://databreaches.net/2024/12/03/bolton-walk-in-clinic-in-ontario-lock-down-your-backup-already/
#misconfiguration #error #healthsec #dataleak #databreach #exposure #incidentresponse
#DontCallMeHoney
🇳🇿 Harbour Sport exposed 10,000 Files in accidental leak
More details here:
#infosec #news #cybersecurity #newzealand #auckland #misconfiguration #Cloud #Azure #Storage #incidentresponse #leak #privacy #dataprotection
@JayeLTee This is why sometimes it's not enough to just disclose responsibly to an entity. Did you let the data protection regulator know that although the entity is claiming a 4-day exposure window, your research found it was almost a year? And did you tell the data protection regulator that the entity is reportedly telling some departments that their data was not exposed, when you found clear proof that it was?
#responsibledisclosure #transparency #accountability #dataprotection #misconfiguration #infosec
@Scary Nice to see you here! Hope to see you posting/sharing more of your research.
When you say Alltech was flagged around 11 times before closing, what exactly do you mean by that?
🇵🇹 ExperTree Park Did Not Protect Visitor Data in AWS
https://medium.com/@newschu.substack.com/2ea9b76527e1
#infosec #cybersecurity #Portugal #misconfiguration #AWS #Cloud #privacy #DataProtection