An online booking software provider unwittingly leaked the details of millions of customers online after misconfiguring a cloud storage solution, according to researchers at vpnMentor.  The researchers found the leak on January 23 and traced it back…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

Cookware giant Meyer has revealed a data breach that impacted an undisclosed number of employees.  Meyer is the largest distributor of cookware in the United States.  The attack happened at the end of October 2021, but it wasn’t until December…

Cisco Email Security Appliance (ESA) devices are impacted by a vulnerability that could lead to the execution of Denial-of-Service (DoS) attacks. Although Cisco's product security incident response team has not seen the vulnerability being actively…

Researchers at Kookmin University successfully decrypted Hive ransomware-infected data without depending on the private key used to limit access to the data. They recovered the master key for generating the file encryption key without the attacker's…

VMware has released a patch for a high-severity vulnerability discovered in NSX Data Center for vSphere. It affects the NSX Edge appliance component, a virtual router placed at the edge of the tenant network that enables communication between virtual…

A fertility clinic based in New York City is notifying patients that their personal data may have been compromised and possibly stolen during a recent cyberattack.  Extend Fertility, which specializes in IVF and freezing eggs and embryos, was hit…

Security researchers at Neustar Security Services have found that carpet bombing Distributed Denial of Service (DDoS) attacks are on the rise.  Carpet bombing, in which a DDoS attack targets multiple IP addresses of an organization within a very…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint Cybersecurity Advisory titled, "Russian State-Sponsored Cyber…

According to Bleeping Computer, Element Vape, a major online seller of e-cigarettes and vaping kits, is serving a credit card skimmer on its website, likely after being compromised by hackers. Researchers have observed Element Vape's website loading a…

SonicWall released a report detailing the significant rise in ransomware, with 623.3 million attacks globally. According to the report, almost all monitored threats, cyberattacks, and malicious digital assaults, including ransomware, encrypted…

Security experts at Wordfence are urging users of a popular WordPress plugin to update immediately after a bug was found that could allow attackers to steal sensitive data and potentially even hijack vulnerable sites.  UpDraft Plus describes itself…