Misconfiguration
ShinyHunters claims ongoing Salesforce Aura data theft attacks
Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters extortion gang claims to be actively exploiting a new bug to steal data from instances. Salesforce has shared guidance for its customers to defend against hackers actively targeting […]
Exposed MongoDB instances still targeted in data extortion attacks
A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data. The attacker focuses on the low-hanging fruit, databases that are insecure due to misconfiguration that permits access without restriction. Around 1,400 exposed servers have been compromised, and the ransom note demanded a ransom […]
Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack
To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. The outage occurred on July 14 and impacted most users of the service all over the world, rendering internet services unavailable in many […]
Cloudflare R2 service outage caused by password rotation error
Cloudflare announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. Cloudflare R2 is a scalable, S3-compatible object storage service with free data retrieval, multi-region replication, and tight Cloudflare integration. The incident, which lasted between 21:38 UTC and 22:45 […]
FlightAware configuration error leaked user data for years
Flight tracking platform FlightAware is asking some users to reset their account login passwords due to a data security incident that may have exposed personal information. The technology company is based in Houston, Texas and provides real-time as well as historical flight tracking data. FlightAware is considered the world’s largest flight-tracking platform with a network […]