Threatpost

AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web

Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration.

Feds Offer $5M Reward to Nab ‘Evil Corp’ Dridex Hacker

Authorities cracked down on cybercrime group Evil Corp. with sanctions and charges against its leader, known for his lavish lifestyle.

HackerOne Breach Leads to $20,000 Bounty Reward

HackerOne has paid out $20,000 to a bounty hunter who discovered a session cookie issue, due to "human error," on the bug bounty platform.

OpenBSD Hit with Authentication, LPE Bugs

The authentication bypass (CVE-2019-19521) is remotely exploitable.

‘Ultimate’ MiTM Attack Steals $1M from Israeli Startup

Researchers uncovers "ultimate man-in-the-middle attack" that used an elaborate spoofing campaign to fool a Chinese VC firm and rip off an emerging business.

ThreatList: 1 in 9 SMBs Believe Nation-State Actors Are Targeting Them

Larger SMBs are more likely to feel targeted by APTs.

Nebraska Medicine Breached By Rogue Employee

Nebraska Medicine is warning that a rogue, former employee accessed patients' medical records, Social Security numbers and more.

‘Highly Competitive’ Buer Loader Emerges in Underground Markets

A previously undocumented loader has been discovered in several recent malware campaigns and being sold on underground markets.

Iran Targets Mideast Oil with ZeroCleare Wiper Malware

Likely the work of APT34, ZeroCleare is bent on destruction and disruption, rather than information-stealing.

EFF Talks the Corporate Surveillance of Consumers

The EFF explains how data is being tracked and used on the web and mobile devices, how consumers can protect themselves - and why it's not all bad news.

Distributed by aarss.com.