[BleepingComputer] Ford bug exposed customer and employee records from internal systems

A bug on Ford’s website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega customer engagement system running on Ford’s servers. […]

Source: Read More (BleepingComputer)

You might be interested in …

[SANS ISC] Agent.Tesla Dropped via a .daa Image and Talking to Telegram, (Sat, Jul 24th)

All posts, Sans-ISC

A few days ago, I found an interesting file delivered by email (why change a winning combination?). The file has a nice extension: “.daa” (Direct Access Archive). We already reported such files in 2019 and Didier wrote a diary[1] about them. Default Windows installation, can’t process “.daa” files, you need a specific tool to open […]

Read More

[HackerNews] Iranian Hackers Abuse Dropbox in Cyberattacks Against Aerospace and Telecom Firms

All posts, HackerNews

Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed Source: Read More (The Hacker […]

Read More

[BleepingComputer] Largest U.S. pipeline shuts down operations after ransomware attack

All posts

Colonial Pipeline, the largest fuel pipeline in the United States, has shut down operations after suffering what is reported to be a ransomware attack. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.