In what's become a dog-bites-man story (or maybe even an evergreen) another unsecured Amazon Web Services S3 bucket has been found, open online and misconfigured for public access. This one held data belonging to the National Credit Federation (NCF), and contained some 111GB of data, much of it in the form of sensitive credit records. Up to forty-thousand individuals may have been affected, but UpGuard, which found the data, saw no evidence anyone had actually stolen the data.
As more reports emerge of the scurrilous content of Russian election trolling in the US, it seems Russia also feels itself under threat. The Kremlin sees a coordinated US campaign to turn Russia's oligarchs against their government.
The Cobalt hackers, criminals who target financial institutions with phish-baited malware, may have committed a misstep. Some of their spam appears to reveal their intended targets in the most obvious place: the emails' "To" field. But there's speculation this may be misdirection intended to send security researchers on a wild goose chase while Cobalt unobtrusively pursues its real targets.
Cisco has patched its widely used WebEx players.
A quick look back at Black Friday weekend suggests good news. According to Iovation, credit card fraud appears to be down 29% from 2016.
A team of investigators formed by South Korea's Ministry of Defense is said to have concluded that the Republic of Korea's Cyber Command illegitimately sought to influence 2012's domestic elections.
Uber faces a rising tide of lawsuits. It's also apparently losing business to Lyft.