UpGuard found 450 million Facebook user records exposed online. TechCrunch notes the data were in unsecured AWS buckets belonging to third parties Cultura Colectiva and now-defunct At The Pool. Reuters says the information has now been taken down.
According to Reuters, pharmaceutical and agricultural chemical giant Bayer this morning announced that it had sustained a network intrusion by the Winnti group. Active since at least 2010, Winnti has been associated with Chinese intelligence services, cutting its teeth on monitoring disfavored domestic populations (including Uyghurs and Tibetans) and then moving on to industrial espionage. The goal of the operation seems to have been data theft, not attacks on industrial control systems. Bayer detected and contained the attack last year, and has been quietly monitoring it since.
Booz Allen researchers tracking GlitchPOS (described earlier by Cisco Talos) report that the malware has evolved, which suggests strongly that its masters are actively maintaining it. Its most interesting new functionality is an offline mode, which could enable targeting of systems without direct Internet connections, and which might also represent a quieter mode of operation, reducing chatter to command-and-control servers.
AT&T Cybersecurity's Alien Labs reports finding a Python-based bot scanner, "Xwo," actively looking for exposed services and default passwords left in use.
Apps really do ask for a lot more permissions on users' mobile devices than they reasonably need, a Wandera study concludes.
NSA has placed its Ghidra reverse engineering tool's source code on GitHub.
Venezuela's Chavista regime continues its unlikely insistence that it's under cyberattack.