Krebs on Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. Mistake number two is using S3 without using encryption on top of it.

Encryption 256

Encryption Passwords Access Financial Services 256

IT Governance

MARCH 11, 2024

Glosbe dictionary exposes almost 7 million records The multilingual online dictionary Glosbe left a MongoDB instance unsecured last year, exposing nearly 7 million users’ information, including personal data, encrypted passwords and social media identifiers. Source (New) Professional services Netherlands Yes 28.3

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 16, 2024

GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. Source (New) Real estate USA Yes 10 GB Unitex Source (New) Manufacturing USA Yes 9.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

APRIL 29, 2024

Keyboard app vulnerabilities reveal keystrokes to network eavesdroppers Security researchers have identified critical security vulnerabilities in Cloud-based pinyin keyboard apps from Baidu, Inc., We identified certain accounts that we believe are affiliated with the Spy.pet website, which we have subsequently banned.”

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94