misconfiguration Archives - Help Net Security

misconfiguration

Organizations struggle with patching endpoints against critical vulnerabilities

March 26, 2020

Less than 50 percent of organizations can patch vulnerable systems swiftly enough to protect against critical threats and zero-day attacks, and 81 percent have suffered at …

Cloud misconfigurations surge, organizations need continuous controls

February 20, 2020

Nearly 33.4 billion records were exposed in breaches due to cloud misconfigurations in 2018 and 2019, amounting to nearly $5 trillion in costs to enterprises globally, …

Network complexity and lack of visibility contribute to misconfigurations and increased risk

November 14, 2019

Enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity risk and lack of …

Security flaw could turn load balancers into beachheads for cyber attacks

August 9, 2019

Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, …

Capital One breach: Info on 106 million customers compromised, hacker arrested

July 30, 2019

Capital One, one of the largest banks in the United States by assets, has announced that it has suffered a massive data breach affecting the personal and financial information …

Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

July 11, 2019

We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been …

Unsecured Gearbest server exposes millions of shoppers and their orders

March 15, 2019

Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and …

New security feature to prevent Amazon S3 bucket misconfiguration and data leaks

November 19, 2018

Hardly a week goes by that we don’t hear about an organization leaving sensitive data exposed on the Internet because they failed to properly configure their Amazon S3 …

Solving the cloud infrastructure misconfiguration problem

October 18, 2018

Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets to the cloud. Many of these incidents …

Access misconfiguration opens 3D printers to remote attacks

September 5, 2018

Spurred by a report coming from a regular reader, SANS ISC handlers Richard Porter and Xavier Mertens searched for OctoPrint interfaces for 3D printers exposed online and …

Smart homes can be easily hacked via unsecured MQTT servers

August 20, 2018

The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers. What is MQTT? The Message …

How a port misconfiguration exposed critical infrastructure data

August 9, 2017

Much has already been said and written about the dangers of potential cyber attacks targeting the electric/power grid. And in Ukraine, they’ve already gone from …