Thousands of Job Applicants Citing Top Secret US Government Work Exposed In Amazon Server Data Breach (gizmodo.com)

According to Gizmodo, "Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year." From the report: The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement on Saturday, TigerSwan implicated TalentPen, a third-party vendor apparently used by the firm to process new job applicants. "At no time was there ever a data breach of any TigerSwan server," the firm said. "All resume files in TigerSwan's possession are secure. We take seriously the failure of TalentPen to ensure the security of this information and regret any inconvenience or exposure our former recruiting vendor may have caused these applicants. TigerSwan is currently exploring all recourse and options available to us and those who submitted a resume."

Found on an insecure Amazon S3 bucket without the protection of a password, the cache of roughly 9,400 documents reveals extraordinary details about thousands of individuals who were formerly and may be currently employed by the U.S. Department of Defense and within the U.S. intelligence community. The files, unearthed this summer by a security analyst at the California-based cybersecurity firm UpGuard, were discovered in a folder labeled "resumes" containing the curriculum vitae of thousands of U.S. citizens holding Top Secret security clearances -- a prerequisite for their jobs at the Central Intelligence Agency, the National Security Agency, and the U.S. Secret Service, among other government agencies.

AT&T Uverse Modems Found To Have Several Serious Security Vulnerabilities (threatpost.com)

dustman81 writes: AT&T Uverse modems were found to have several serious vulnerabilities, including a superuser account with a hardcoded username/password exposed to the internet via SSH, an HTTP server with little authentication which allows command injection, and an internet-exposed service which exposes internal clients to external attacks. Information security consulting and software development firm Nomotion reports the findings in their blog: "It was found that the latest firmware update (9.2.2h0d83) for the NVG589 and NVG599 modems enabled SSH and contained hardcoded credentials which can be used to gain access to the modem's 'cshell' client over SSH. The cshell is a limited menu-driven shell which is capable of viewing/changing the WiFi SSID/password, modifying the network setup, re-flashing the firmware from a file served by any tftp server on the internet, and even controlling what appears to be a kernel module whose sole purpose seems to be to inject advertisements into the user's unencrypted web traffic. Although no clear evidence was found suggesting that this module is actually being used currently, it is present, and vulnerable. Aside from the most dangerous items listed above, the cshell application is also capable of many other privileged actions. The username for this access is remotessh and the password is 5SaP9I26." The report continues to detail the other vulnerabilities: default credentials in the 'caserver' HTTPS server (NVG599); command injection in the 'caserver' HTTPS server (NVG599); information disclosure/hardcoded credentials; and a firewall bypass requiring no authentication.

Further reading: FierceTelecom; The Register

Will Millennials Be Forced Out of Tech Jobs When They Turn 40? (ieeeusa.org)

dcblogs shared an interesting article from IEEE-USA's "Insight" newsletter: Millennials, which date from the 1980s to mid-2000s, are the largest generation. But what will happen to this generation's tech workers as they settle into middle age? Will the median age of tech firms rise as the Millennial generation grows older...? The median age range at Google, Facebook, SpaceX, LinkedIn, Amazon, Salesforce, Apple and Adobe is 29 to 31, according to a study last year by PayScale, which analyzes self-reported data... Karen Panetta, the dean of graduate engineering education at Tufts University and the vice president of communications and public relations at the IEEE-USA, believes the outcome for tech will be Logan's Run-like, where age sets a career limit... Tech firms want people with the current skill sets, and those "without those skills will be pressured to leave or see minimal career progression," said Panetta...

The idea that the tech industry may have an age bias is not scaring the new college grads away. "They see retirement so far off, so they are more interested in how to move up or onto new startup ventures or even business school," said Panetta. "The reality sets in when they have families and companies downsize and it's not so easy to just pick up and go on to another company," she said. None of this may be a foregone conclusion. Millennials may see the experience of today's older workers as a cautionary tale, and usher in cultural changes...

David Kurtz, a labor relations partner at Constangy, Brooks, Smith & Prophete, suggests tech firms should be sharing age-related data about their workforce, adding "The more of a focus you place on an issue the more attention it gets and the more likely that change can happen. It's great to get the new hot shot who just graduated from college, but it's also important to have somebody with 40 years of experience who has seen all of the changes in the industry and can offer a different perspective."