#misconfiguration — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #misconfiguration, aggregated by home.social.
-
🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
https://xca-attacks.github.io/fabricked/ #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated -
🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
https://xca-attacks.github.io/fabricked/ #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated -
🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
https://xca-attacks.github.io/fabricked/ #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated -
🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
https://xca-attacks.github.io/fabricked/ #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated -
🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
https://xca-attacks.github.io/fabricked/ #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated -
NEW by me:
Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.
No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:
#dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw
-
NEW by me:
Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.
No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:
#dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw
-
NEW by me:
Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.
No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:
#dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw
-
NEW by me:
Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.
No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:
#dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw
-
NEW by me:
Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.
No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:
#dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw
-
A misconfigured server tied to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an #AI coding error.
Read: https://hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/
#CyberSecurity #CyberCrime #DataLeak #Misconfiguration #JerrysStore
-
A misconfigured server tied to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an #AI coding error.
Read: https://hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/
#CyberSecurity #CyberCrime #DataLeak #Misconfiguration #JerrysStore
-
A misconfigured server tied to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an #AI coding error.
Read: https://hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/
#CyberSecurity #CyberCrime #DataLeak #Misconfiguration #JerrysStore
-
A misconfigured server tied to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an #AI coding error.
Read: https://hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/
#CyberSecurity #CyberCrime #DataLeak #Misconfiguration #JerrysStore
-
A misconfigured server tied to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an #AI coding error.
Read: https://hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/
#CyberSecurity #CyberCrime #DataLeak #Misconfiguration #JerrysStore
-
McGraw Hill Data Leak Exposes 13.5M Records After Salesforce Misconfiguration
McGraw Hill, a leading publisher of educational materials, recently suffered a significant data leak, exposing a staggering 13.5 million records due to a misconfigured Salesforce-hosted page. This alarming breach highlights the importance of robust data security measures, even for companies with a traditional focus like textbook…
#DataLeak #McgrawHill #Salesforce #Misconfiguration #Education
-
Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks https://www.securityweek.com/complex-routing-misconfigurations-exploited-for-domain-spoofing-in-phishing-attacks/ #misconfiguration #EmailSecurity #Microsoft #Phishing #phishing #spoofing
-
How Adversaries Exploit the Blind Spots in Your EASM Strategy https://hackread.com/how-adversaries-exploit-blind-spots-easm-strategy/ #Misconfiguration #Cloudsecurity #Cybersecurity #Security #Censys #Oracle #Shodan #EASM
-
Credentials and Misconfigurations Behind Most Cloud Breaches, Says AWS https://hackread.com/aws-credentials-misconfigurations-cloud-breaches/ #Misconfiguration #Cloudsecurity #Vulnerability #CyberAttack #databreach #HumanError #Security #Amazon #cloud #AWS
-
DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants https://hackread.com/domewatch-leak-capitol-hill-applicants-data/ #Misconfiguration #SafetyDetectives #Cybersecurity #Vulnerability #CapitolHill #DomeWatch #Security #Privacy #Leaks #LEAKS
-
Cuba: 63,564 AIS Remittances Clients' information was exposed on an unsecured server.
What did the unsecured server expose?
Customer affidavits, IDs, and debit cards.
The affidavits contained:
This affidavit contained client information, such as: name, mobile phone number, telephone number, email address, address, country, province, city, town, postal code, date of birth, country of birth, passport number, country of issue, and expiration date.
You may also notice that there was a section called "Beneficiaries," which included the beneficiary's name, their ID number, and the reason for the transfer, which in all cases was "family support."
I tried to notify the company, but their aisremesascuba email address was unavailable. I notified CIMEX S.A., and within a few days, access was blocked.
Those affected (Customers) by this breach may be at risk of scams because the server has been exposed since March 2025.
https://www.security-chu.com/2025/10/AIS-Remesas-Cuba-%20expone-145GB-en-servidor-sin-seguridad.html
-
Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data https://hackread.com/misconfigured-netcorecloud-server-40-billion-records/ #Misconfiguration #JeremiahFowler #Cybersecurity #Vulnerability #NetcoreCloud #HackingNews #databreach #Security #database #Privacy #cloud #India
-
Invoicely Database Leak Exposes 180,000 Sensitive Records https://hackread.com/invoicely-database-leak-expose-sensitive-records/ #Misconfiguration #Cybersecurity #Invoicely #Security #Privacy #Leaks #LEAKS
-
Invoicely Database Leak Exposes 180,000 Sensitive Records https://hackread.com/invoicely-database-leak-expose-sensitive-records/ #Misconfiguration #Cybersecurity #Invoicely #Security #Privacy #Leaks #LEAKS
-
Invoicely Database Leak Exposes 180,000 Sensitive Records https://hackread.com/invoicely-database-leak-expose-sensitive-records/ #Misconfiguration #Cybersecurity #Invoicely #Security #Privacy #Leaks #LEAKS
-
Invoicely Database Leak Exposes 180,000 Sensitive Records https://hackread.com/invoicely-database-leak-expose-sensitive-records/ #Misconfiguration #Cybersecurity #Invoicely #Security #Privacy #Leaks #LEAKS
-
US Auto Insurance Platform ClaimPix Leaked 10.7TB of Records Online https://hackread.com/us-auto-insurance-claimpix-leaked-10tb-records/ #Misconfiguration #JeremiahFowler #Cybersecurity #Vulnerability #databreach #Security #ClaimPix #Privacy #Leaks
-
Archer Health Data Leak Exposes 23GB of Medical Records https://hackread.com/archer-health-data-leak-23gb-medical-records/ #Misconfiguration #JeremiahFowler #Cybersecurity #ArcherHealth #Healthcare #Security #Privacy #Leaks #LEAKS
-
ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service https://hackread.com/shadowv2-botnet-aws-docker-ddos-for-hire-service/ #Misconfiguration #Cybersecurity #DDoSforHire #CyberCrime #Darktrace #Security #ShadowV2 #Malware #Botnet #Docker #AWS
-
ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service https://hackread.com/shadowv2-botnet-aws-docker-ddos-for-hire-service/ #Misconfiguration #Cybersecurity #DDoSforHire #CyberCrime #Darktrace #Security #ShadowV2 #Malware #Botnet #Docker #AWS
-
ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service https://hackread.com/shadowv2-botnet-aws-docker-ddos-for-hire-service/ #Misconfiguration #Cybersecurity #DDoSforHire #CyberCrime #Darktrace #Security #ShadowV2 #Malware #Botnet #Docker #AWS
-
ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service https://hackread.com/shadowv2-botnet-aws-docker-ddos-for-hire-service/ #Misconfiguration #Cybersecurity #DDoSforHire #CyberCrime #Darktrace #Security #ShadowV2 #Malware #Botnet #Docker #AWS
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members https://hackread.com/hello-gym-data-leak-audio-files-of-gym-members/ #Misconfiguration #JeremiahFowler #CyberAttack #databreach #Voicemail #Security #Deepfake #HelloGym #Phishing #Privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members https://hackread.com/hello-gym-data-leak-audio-files-of-gym-members/ #Misconfiguration #JeremiahFowler #CyberAttack #databreach #Voicemail #Security #Deepfake #HelloGym #Phishing #Privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members https://hackread.com/hello-gym-data-leak-audio-files-of-gym-members/ #Misconfiguration #JeremiahFowler #CyberAttack #databreach #Voicemail #Security #Deepfake #HelloGym #Phishing #Privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members https://hackread.com/hello-gym-data-leak-audio-files-of-gym-members/ #Misconfiguration #JeremiahFowler #CyberAttack #databreach #Voicemail #Security #Deepfake #HelloGym #Phishing #Privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members – Source:hackread.com https://ciso2ciso.com/hello-gym-data-leak-exposes-1-6-million-audio-files-of-gym-members-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #JeremiahFowler #CyberAttack #DataBreach #Voicemail #deepfake #Hackread #HelloGym #Phishing #security #privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members – Source:hackread.com https://ciso2ciso.com/hello-gym-data-leak-exposes-1-6-million-audio-files-of-gym-members-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #JeremiahFowler #CyberAttack #DataBreach #Voicemail #deepfake #Hackread #HelloGym #Phishing #security #privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members – Source:hackread.com https://ciso2ciso.com/hello-gym-data-leak-exposes-1-6-million-audio-files-of-gym-members-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #JeremiahFowler #CyberAttack #DataBreach #Voicemail #deepfake #Hackread #HelloGym #Phishing #security #privacy #Leaks
-
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members – Source:hackread.com https://ciso2ciso.com/hello-gym-data-leak-exposes-1-6-million-audio-files-of-gym-members-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #JeremiahFowler #CyberAttack #DataBreach #Voicemail #deepfake #Hackread #HelloGym #Phishing #security #privacy #Leaks
-
Everyone breathes a sigh of relief when they hear "no customer data was exposed," but that's a big mistake. This recent Navy Federal Credit Union leak is a perfect example of why. Exposing 378 GB of internal Tableau data, user emails, and system configurations is like handing a burglar the architectural blueprints to your building. It tells them where the weak points are and who to target with spear phishing. Operational data is just as critical as customer data, and misconfiguration remains one of the most common, and avoidable, security failures.
TL;DR
📦 An unsecured server exposed 378 GB of the credit union's internal backup files.
🛡️ Fortunately, no sensitive customer PII was directly included in the leak.
🗺️ The data did, however, act as a "roadmap," revealing internal system structures and formulas.
🎯 This kind of operational data leak enables highly targeted phishing campaigns against employees.https://hackread.com/misconfigured-server-navy-federal-credit-union-data-leak/
#misconfiguration #cybersecurity #datasecurity #riskmanagement #security #privacy #cloud #infosec -
A #Misconfiguration That Haunts Corporate #Streaming Platforms Could Expose Sensitive Data
A #security researcher discovered that flawed #API configurations are plaguing corporate #livestreaming platforms, potentially #exposing internal company meetings—and he's releasing a tool to find them.
#privacyhttps://www.wired.com/story/corporate-livestreams-exposed-search-tool/
-
Hacker Accesses Millions of IMDataCenter Records from Exposed AWS Bucket – Source:hackread.com https://ciso2ciso.com/hacker-accesses-millions-of-imdatacenter-records-from-exposed-aws-bucket-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #cybersecurity #IMDataCenter #DataBreach #Hackread #security #privacy #Leaks
-
Hacker Accesses Millions of IMDataCenter Records from Exposed AWS Bucket https://hackread.com/hacker-accesses-imdatacenter-records-exposed-aws-bucket/ #Misconfiguration #Cybersecurity #IMDataCenter #databreach #Security #security #Privacy #Leaks #LEAKS
-
Global Fashion Label SABO’s 3.5M Customer Records Exposed Online https://hackread.com/global-fashion-label-sabo-customer-records-leaked/ #Misconfiguration #Cybersecurity #databreach #Australia #Security #database #Privacy #Fashion #Leaks #cloud #LEAKS #SABO
-
Global Fashion Label SABO’s 3.5M Customer Records Exposed Online – Source:hackread.com https://ciso2ciso.com/global-fashion-label-sabos-3-5m-customer-records-exposed-online-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #cybersecurity #DataBreach #Australia #database #Hackread #security #Fashion #privacy #cloud #Leaks #SABO
-
Over 3.5 million customer records from Australian global fashion brand #SABO were exposed online containing over 292GB database without any security authentication or encryption.
🔗 https://hackread.com/global-fashion-label-sabo-customer-records-leaked
#CyberSecurity #Privacy #Australia #DataProtection #Misconfiguration
-
Massive Data Leak at Texas Adoption Agency Exposes 1.1 Million Records – Source:hackread.com https://ciso2ciso.com/massive-data-leak-at-texas-adoption-agency-exposes-1-1-million-records-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Misconfiguration #JeremiahFowler #cybersecurity #Vulnerability #DataBreach #Adoption #Hackread #security #privacy #cloud #Leaks #Texas #CRM
-
Massive Data Leak at Texas Adoption Agency Exposes 1.1 Million Records https://hackread.com/massive-data-leak-texas-adoption-agency-million-records/ #Misconfiguration #JeremiahFowler #Cybersecurity #Vulnerability #databreach #Security #Adoption #Privacy #Leaks #cloud #LEAKS #Texas #CRM
-
In August 2020, @SchizoDuckie and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."
In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by @JayeLTee, @masek, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.
Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately.
Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to @TonyYarusso and @bkoehn for their efforts.
#dataleak #misconfiguration #incidentresponse #incidentmanagement #responsibledisclosure #securityalert #infosec