Bleeping Computer: New Chrome Password Stealer Sends Stolen Data to a MongoDB Database

Bleeping Computer: New Chrome Password Stealer Sends Stolen Data to a MongoDB Database. “A new Windows trojan has been discovered that attempts to steal passwords stored in the Google Chrome browser. While this is nothing unique, what stands out is that the malware uses a remote MongoDB database to store the stolen passwords.”

Naked Security: Attackers ransom bookseller’s exposed MongoDB database

Naked Security: Attackers ransom bookseller’s exposed MongoDB database. “Exposed MongoDB databases have become the easy money-maker ransomware criminals are busy filling their boots with. In mid-July 2019, another database fell to the extortion hackers, this time containing 2.1 million records belonging to well-known Mexican publisher and bookseller, Librería Porrúa.”

MongoDB Database Exposed 188 Million Records: Researchers (Bank Info Security)

Bank Info Security: MongoDB Database Exposed 188 Million Records: Researchers. “Security researchers have found yet another unsecured database that left personal data exposed to the internet. In this latest case, a MongoDB database containing about 188 million records, mostly culled from websites and search engines, was exposed, researchers say.”

Threatpost: MongoDB Leak Exposed Millions of Medical Insurance Records

Threatpost: MongoDB Leak Exposed Millions of Medical Insurance Records. “MedicareSupplement.com is a U.S.-based marketing site that allows users to find supplemental medical insurance available in their area. Researchers on Thursday said that they found a publicly-available MongoDB database on May 13 that had been online for several days. The exposed data appeared to be part of the website’s marketing leads database and did not have a password or any authentication protecting it.”

Wired: A Plan to Stop Breaches With Dead Simple Database Encryption

Wired: A Plan to Stop Breaches With Dead Simple Database Encryption. “Data breaches and exposures have become so common these days, it’s difficult to keep track of them all, much less step back to mull a solution. But, perhaps out of necessity, researchers from the database giant MongoDB have spent the past two years developing a new database encryption scheme aimed squarely at reducing these damaging incidents. Their secret weapon? Radical simplicity.”