Collaborate Disseminate
I have a scenario where the developers are using SafetyNet API to protect their Android apps. I observed that the SafetyNet API key has been hard-coded within the apk file. This is the first time I came across this behaviour.
Is this expos… Continue reading Is having hard-coded API keys such as the SafetyNet API key considered a vulnerability?
Try to put yourself in the place of an engineer tasked with building a camera in 1961. Your specs include making it easy to operate, giving it automatic exposure control, …read more Continue reading A Solar-Powered Point-and-Shoot, circa 1961
PTI reports: Akasa Air has suffered data breach resulting in access of user information by unauthorised individuals. The airline, which started operations on August 7, has apologised to its customers and has “self-reported the incident” to … Continue reading Akasa Air suffers data breach
Tevye Markson reports: The Government Legal Department has launched an investigation after a data leak in which the names of civil servants claiming expenses was published online. Documents showing officials’ names were published on GOV.UK accide… Continue reading UK: Officials’ personal info published online by government lawyers in ‘regrettable’ data leak
Steve Hunter reports: A city of Kent staff member “inadvertently disclosed to (another city) employee a file containing the 2020 W-2 Wage and Tax Statement information for all city employees,” according to an email sent by Chief Administrative Officer … Continue reading WA: W-2 wage information of Kent city employees ‘inadvertently disclosed’ | Update
On August 6, Waqas reported that a Chinese adult site platform had leaked more than 14 million user accounts with more than 24 GB of files. The server was reportedly updating itself with new information every second. Hjedd, an infamous Chinese adult co… Continue reading Chinese adult site leaking 14 million user details — and it’s increasing?!
Stephen Hunt reports: WestJet says it’s investigating a technical glitch on its app that allowed users to see other people’s profiles. CTV News first learned of the issue Wednesday afternoon from a viewer and a Twitter post that indicated t… Continue reading WestJet app data breach reveals other people’s personal information
Sebastian Bron reports: About 230 patients at St. Joseph’s Healthcare Hamilton had their health records recently faxed to the wrong person in what the hospital attributed to an “error.” St. Joe’s said in a release Friday that the misdirected faxes — wh… Continue reading Ca: St. Joe’s contacting 230 patients whose health records were faxed to wrong people
Stephen Gutowski reports: California gun owners have been put at risk by the Attorney General’s office after a new dashboard leaked their personal information. The California Department of Justice’s 2022 Firearms Dashboard Portal went live on Monday wi… Continue reading Massive Trove of Gun Owners’ Private Information Leaked by California Attorney General
Bill Toulas reports: Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. […] Researchers at Cyble have conducted an exercise to loca… Continue reading Over 900,000 Kubernetes instances found exposed online