Collaborate Disseminate
It is amazing that this sort of thing can still happen: …the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations. Telnet? Default passwords? In 2020? We have a long way to go to secure… Continue reading Half a Million IoT Passwords Leaked
iOS apps are repeatedly reading clipboard data, which can include all sorts of sensitive information. While Haj Bakry and Mysk published their research in March, the invasive apps made headlines again this week with the developer beta release of iOS 14. A novel feature Apple added provides a banner warning every time an app reads clipboard contents. As large numbers… Continue reading iPhone Apps Stealing Clipboard Data
Used Tesla components, sold on eBay, still contain personal information, even after a factory reset. This is a decades-old problem. It’s a problem with used hard drives. It’s a problem with used photocopiers and printers. It will be a problem with IoT devices. It’ll be a problem with everything, until we decide that data deletion is a priority…. Continue reading Used Tesla Components Contain Personal Information
Originally, ransomware didn’t involve any data theft. Malware would encrypt the data on your computer, and demand a ransom for the encryption key. Now ransomware is increasingly involving both encryption and exfiltration. Brian Krebs wrote about this in December. It’s a further incentive for the victims to pay. Recently, the aerospace company Visser Precision was hit by the DoppelPaymer ransomware…. Continue reading Ransomware Now Leaking Stolen Documents
This is a big deal: Whisper, the secret-sharing app that called itself the "safest place on the Internet," left years of users’ most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed. […] The records were viewable on a non-password-protected database open… Continue reading The Whisper Secret-Sharing App Exposed Locations
Krebs on Security is reporting a massive data leak by the real estate title insurance company First American Financial Corp. "The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbe… Continue reading First American Financial Corp. Data Records Leak
Krebs on Security is reporting a massive data leak by the real estate title insurance company First American Financial Corp. "The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbers, drivers licenses, account statements, and even internal corporate documents if you’re a small business. You give them all kinds of private… Continue reading First American Financial Corp. Data Records Leak
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results…. Continue reading Personal Data Left on Used Laptops
In the past few years, the devastating effects of hackers breaking into an organization’s network, stealing confidential data, and publishing everything have been made clear. It happened to the Democratic National Committee, to Sony, to the National Security Agency, to the cyber-arms weapons manufacturer Hacking Team, to the online adultery site Ashley Madison, and to the Panamanian tax-evasion law firm… Continue reading Organizational Doxing and Disinformation