Hariexpress has unwittingly exposed close to 1.8 billion records, including customers’ and sellers’ personal information, after misconfiguring an Elasticsearch server, according to researchers.

The team will provide services in four key areas: strategic advisory, trust and compliance, security customer and solutions engineering, and threat intelligence and incident response.

MITRE has created two new organizations intended to help the company better focus on cybersecurity threats to critical infrastructure and new approaches to public health challenges.

The shut down of systems due to the cyberattack has led to widespread disruption for the bank, with ATMs no longer working and the online banking portals showing maintenance messages.

For its October 2021 Security Patch Day, SAP announced the release of 13 new security notes and an update for a previously released note. Three of the notes are rated Hot News.

Researchers at the Synopsys Cybersecurity Research Center discovered medium-severity SQL injection, path traversal, and XSS vulnerabilities that could be exploited by authenticated users.

MyKings is a long-standing and relentless botnet that has been active since at least 2016. Since then it has spread and extended its infrastructure so much that it has even gained multiple names.

The Check Point Research team said that flaws in the OpenSea NFT marketplace could have allowed “hackers to hijack user accounts and steal entire crypto wallets of users, by sending malicious NFTs.”

People who use ransomware to conduct extortion will be slapped with new stand-alone aggravated criminal charges. Another offense has also been created for those attacking critical infrastructure.

Transparency, Consent, and Control (TCC) is a system for requiring user consent to access certain data, via prompts confirming that the user is okay with an app accessing that data.