January 22, 2024 at 03:31PM A security researcher in Germany was fined €3,000 for reporting a vulnerability in an e-commerce database that put customer information at risk. Modern Solution GmbH downplayed the data exposure, leading to a legal battle. Hendrik H. was initially vindicated by the District Court but was eventually fined and is planning … Read more
January 9, 2024 at 01:42PM Cybercriminals are targeting Microsoft’s database, with the specific threat group behind these attacks remaining unidentified. These security breaches were discovered due to an unintentional operational security lapse. It appears that Microsoft’s database is facing continued cybercriminal attention, with the threat group behind the attacks currently unknown. These attacks were only … Read more
November 16, 2023 at 03:16PM Researchers at AhnLab Security Emergency Response Center (ASEC) have discovered a new campaign targeting MySQL servers with the ‘Ddostf’ malware botnet. The attackers exploit vulnerabilities or weak credentials to gain access to the servers and use user-defined functions (UDFs) to execute commands. The primary payload is the Ddostf bot client, … Read more
October 19, 2023 at 10:09AM A former US Navy IT manager, Marquis Hooper, has been sentenced to five-and-a-half years in prison for selling personal records on the dark web. Hooper accessed a database and sold the details of over 9,000 people, generating about $160,000 worth of Bitcoin. The data was used by criminals, including for … Read more