IBM: IBM Aspera HTTP Gateway stores sensitive information in clear text in easily obtainable files which can be read by an unauthenticated user.

The IBM Aspera HTTP Gateway stored sensitive information in clear text in easily obtainable files, which could be read by an unauthenticated user. The issue was submitted to IBM, analyzed, and remediated...

Google to Delete Billions of Browsing Records in 'Incognito Mode' Privacy Lawsuit Settlement

Google has agreed to purge billions of data records reflecting users' browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser. The class action, filed in 2020, alleged the company misled users by...

wtcsites.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-896298 Security Researcher geeknik Helped patch 8675 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting wtcsites.com website and it...

Data Breach Lessons from the Trenches

In this webcast Threatpost editor Tom Spring examines the data breach epidemic with the help of noted breach hunter and cybersecurity expert Chris Vickery. He shares how companies can identify their own insecure data, remediate against a data breach and offers tips on protecting data against futu...

FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors

The Federal Emergency Management Agency exposed the personal identifiable information of 2.3 million survivors of hurricanes Harvey, Irma and Maria and the California wildfires in 2017, by oversharing survivor data with a contractor when it wasn’t necessary. Worse, the contractor’s networks has...