Tech and Cybersecurity

More than 1 million e-learning users data exposed from a misconfigured and unencrypted Amazon S3 buckets and other types of servers. The exposed data can be accessed by anyone online without any form of authentication. The breach was found by researchers at Wizcase, the breach affects 5 different eLearning Companies around the globe. The data found to be stored 4 Amazon S3 buckets and an ElasticSearch server, due to misconfigurations the data are available publically. Following are the data exposed; Full names Email addresses ID numbers Phone numbers Home addresses Date of birth Specific course and school information

Researchers discovered a new trojan Masad Stealer to deliver the powerful spyware on the targeted systems and exfiltrate the stolen data via Telegram. Masad Stealer using Telegram as a command and control channel to maintain the anonymity and hide the malware communication traffic. Recent pas, several hacking groups are  abusing the Telegram  and used it as a part of their attack in different categories of a malicious campaign. Malware developers who behind the Masad Stealer advertised in the underground hacking forums as it is capable of steals browser data, which might contain usernames, passwords, and credit card information. Also, it automatically replaces the own cryptocurrency wallets from the clipboard with the help of Telegram bot that controlled by the attacker behind the scene. Researchers believe that Masad Stealer is currently an ongoing campaign and actively attacking the thousands of victims around the world. also, the command and control bot still alive at this time of w