June 2, 2017

Insecure Backend Databases Blamed for Leaking 43TB of App Data

More than 1,000 mobile apps are leaking personal information via unsecured backend platforms such as MongoDB, MySQL and others. Read More ➟

Hack Department of Homeland Security Act Would Bring Bug Bounty Program to DHS

Senators introduced a bill last week to establish a bug bounty pilot program within the Department of Homeland Security. Read More ➟

WannaCry Development Errors Enable File Recovery

Researchers at Kaspersky Lab have found a number of programming errors in the WannaCry ransomware code that put file recovery within reach of sysadmins. Read More ➟

OneLogin Breach Compromised Customer Data, Ability to Decrypt Encrypted Data

A breach at OneLogin appears to have compromised customer data, including the ability to decrypt encrypted data. Read More ➟

Crowdfunding Effort to Buy ShadowBrokers Exploits Shuts Down

A crowdfunding effort to buy a subscription to the ShadowBrokers’ Monthly Dump Service of stolen exploits and data was shut down citing legal and ethical concerns. Read More ➟

FreeRADIUS Update Resolves Authentication Bypass

Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server. Read More ➟

New Machine Learning Behind Early Phishing Detection in Gmail

Google announced today new security features in Gmail, including the news that it will enhance early phishing detection in Gmail through dedicated machine learning. Read More ➟