A US telemarketing company has leaked the personal details of potentially tens of thousands of consumers after misconfiguring a cloud storage bucket, Infosecurity can reveal. A team at vpnMentor led by Noam Rotem found the unsecured AWS S3 bucket on December 24 last year. It was traced to Californian business CallX, whose analytics services are apparently used by clients to improve their media buying and inbound marketing. According to its website, the firm counts lending…

A security vendor discovered nearly 1.5 billion breached log-in combos circulating online last year and billions more pieces of personal information (PII), with password reuse and weak hashing algorithms commonplace. SpyCloud’s 2021 Credential Exposure Report was compiled from the vendor’s human intelligence efforts to recover stolen data from criminal networks early in the breach lifecycle. Some 854 breach incidents, up a third from 2019, leaked on average 5.4 million records each. Poor password security is still rife:…

Observability has become a very hot topic in the world of application development and IT operations but understanding what it is and how you can effectively leverage it to support modern apps is also important to anyone with responsibilities in the area of cloud architecture.  On our latest multi-cloud podcast, Eric Nielsen (@ericnpro) and I (@davidj7494) speak with Harmen Vanderlinde [BIO] about a new framework for achieving observability that he and his team have been…

Microsoft has been forced to release out-of-band patches to fix multiple zero-day vulnerabilities being exploited by Chinese state-backed threat actors. The unusual step was taken to protect customers running on-premises versions of Microsoft Exchange Server. “In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments,” Microsoft said. “Microsoft Threat Intelligence Center…

Cybersecurity company BlueVoyant has appointed James M. Aquilina as a member of its advisory board and advisor to the CEO. Aquilina comes with over 20 years of experience in the cybersecurity industry, including in the areas of incident response, risk management and digital forensics. He was most recently an advisor to the board of directors at The Crysis Group in the run up to its acquisition by Palo Alto Networks, and prior to this, he was…

Don’t Let Tax Fraud Ruin Your IRS Refund Here’s how to lock down your data this tax season Tax season is always a high time for scams that put our money and information at risk. But this year securing your data may be more important than ever, due to a spike in unemployment fraud. Millions of Americans have lost their jobs over the course of the pandemic, and states have seen a surge in unemployment…

Who loves tax season besides accountants? Hackers  It’s tax time in the United States, and even if you’re pretty sure you did everything right, you’re worried. Did I file correctly? Did I claim the right deductions? Will I get audited? Unfortunately, tax season brings out scammers eager to take advantage of your anxiety. The tax scam landscape First, know that you’re probably doing a good job with your taxes. Less than 2% of returns get…

Who loves tax season besides accountants? Hackers  It’s tax time in the United States, and even if you’re pretty sure you did everything right, you’re worried. Did I file correctly? Did I claim the right deductions? Will I get audited? Unfortunately, tax season brings out scammers eager to take advantage of your anxiety. The tax scam landscape First, know that you’re probably doing a good job with your taxes. Less than 2% of returns get…