Data relating to at least 99,000 customers of fitness company V Shred LLC has been exposed online in yet another case of misconfigured cloud storage. Discovered by security researchers Noam Rotem and Ran Locar at vpnMentor and reported today, the unsecured data was found in an Amazon Web Services Inc. S3 bucket. The data, which came in ...

An unknown hacker has targeted 22,900 MongoDB databases in a ransomware attack that threatens to report victims to authorities for breaching the European Union General Data Protection Regulation if they don’t pay up. The attack, discovered Wednesday by security research Victor Gevers at the Dutch Institute for Vulnerability Disclosure, was first detected in April. According ...

A newly discovered vulnerability in some popular bitcoin wallets can be exploited by scammers to commit fraud and even make the wallets themselves unusable. Discovered by wallet startup ZenGo and revealed today, the vulnerability, dubbed “BigSpender,” was found in bitcoin wallets from Ledger Live, Edge and Breadwallet but potentially affects others as well. The vulnerability ...

Facebook Inc. today revealed that it exposed inactive-user data to developers in yet another potential data-sharing scandal for the social media giant. The new incident involves about 5,000 app developers having access to user data if the users hadn’t been active on the app in the last 90 days, the point at which access was ...

Tesla Inc. is facing a potential federal probe into an alleged design flaw in older Model S vehicles even as the upstart surged past Toyota Motor Co. today to become the world’s most valuable car manufacturer. The U.S. National Highway Traffic Safety Administration is looking into issues with the cooling mechanism on Tesla Model S vehicles ...

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency is urging users of Palo Alto Networks Inc. network devices to apply a patch following the discovery of a critical vulnerability that could be exploited by foreign threat groups. The vulnerability affects PAN-OS, the operating system that runs on Palo Alto’s next-generation firewalls and enterprise ...

Digital asset security startup Curv Inc. announced today it has raised $23 million in new funding. The Series A round came from CommerzVentures, Coinbase Ventures, Digital Currency Group, Team8 and Digital Garage Lab Fund. Founded in 2018, Curv is a developer of digital asset security infrastructure technology designed to help crypto companies and financial institutions create their ...

Apple Inc. is facing delays of between four weeks and two months in the production of the iPhone 12 5G, according to a report today in the Nikkei Asian Review. The delays are said to the result of the fallout from the coronavirus pandemic that closed factories and offices in mainland China earlier in the year. ...

Data belonging to more than one million students in the U.S. and Canada who are users of online study service OneClass have been found exposed online in the latest case of cloud database misconfiguration. The breach was revealed by security researchers at vpnMentor late last week. The 27-gigabyte database with nearly 9 million records was found on an ...

The University of California at San Francisco has become the latest organization to cave into hackers behind a cyberattack, paying a $1.14 million ransom following a “security incident” earlier this month. While somewhat vague on the details of the attack, such as never once using the term ransomware, the university said Friday that the incident involved ...