Poorly configured Apache Airflow Instances leak credentials for popular services.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 04 October 2021, 2027 UTC.

Content supplied by “The Hacker News.”



Please click link or scroll down to read your selections.

The Hacker News Daily Updates

How Tessian Closes Critical DLP Gaps in Microsoft Office 365

Although Microsoft Office 365 provides foundational rule-based DLP and data classification in a bid to address compliance requirements, it fails to protect against data loss caused by people.

Download Now Sponsored
LATEST NEWS Oct 4, 2021

Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services

Cybersecurity researchers on Monday discovered misconfigurations across older versions of Apache Airflow instances belonging to a number of high-profile companies across various sectors, resulting in the exposure of sensitive credentials for popular platforms and services such as Amazon Web …

Read More

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive …

Read More

The Shortfalls of Mean Time Metrics in Cybersecurity

Security teams at mid-sized organizations are constantly faced with the question of “what does success look like?”. At ActZero, their continued data-driven approach to cybersecurity invites them to grapple daily with measuring, evaluating, and validating the work they do on behalf of their …

Read More

Apple Pay Can be Abused to Make Contactless Payments From Locked iPhones

Cybersecurity researchers have disclosed an unpatched flaw in Apple Pay that attackers could abuse to make an unauthorized Visa payment with a locked iPhone by taking advantage of the Express Travel mode set up in the device’s wallet. “An attacker only needs a stolen, powered on iPhone. The …

Read More

Chinese Hackers Used a New Rootkit to Spy on Targeted Windows 10 Users

A formerly unknown Chinese-speaking threat actor has been linked to a long-standing evasive operation aimed at South East Asian targets as far back as July 2020 to deploy a kernel-mode rootkit on compromised Windows systems. Attacks mounted by the hacking group, dubbed GhostEmperor by Kaspersky, …

Read More

EDI Requirements Checklist for Selecting the Best EDI System

Get an expert list of the top Electronic Data Interchange (EDI) requirements to consider when acquiring a new system. Use this document & template to identify your key criteria and select and compare top EDI systems for your company.

Download Now Sponsored

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts. Thanks for joining us today.

Russ Roberts