The Vulnerability Disclosure Process: Still Broken

Despite the advent to bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits. Continue reading The Vulnerability Disclosure Process: Still Broken

Myspace vs. Facebook: the good old days?

There’s a debate happening at the moment: Myspace vs. Facebook. Was it safer? Easier to use? More welcoming of sparkly gifs? We take a walk down memory lane and remind you that privacy and safety concerns plagued ye old social networks of yore.
Ca… Continue reading Myspace vs. Facebook: the good old days?

Dot-cm Typosquatting Sites Visited 12M Times So Far in 2018

A story published here last week warned readers about a vast network of potentially malicious Web sites ending in “.cm” that mimic some of the world’s most popular Internet destinations (e.g. espn[dot]cm, aol[dot]cm and itunes[dot].cm) in a bid to bombard hapless visitors with fake security alerts that can lock up one’s computer. If that piece lacked one key detail it was insight into just how many people were mistyping .com and ending up at one of these so-called “typosquatting” domains.

On March 30, an eagle-eyed reader noted that four years of access logs for the entire network of more than 1,000 dot-cm typosquatting domains were available for download directly from the typosquatting network’s own hosting provider. The logs — which include detailed records of how many people visited the sites over the past three years and from where — were deleted shortly after that comment was posted here, but not before KrebsOnSecurity managed to grab a copy of the entire archive for analysis. Continue reading Dot-cm Typosquatting Sites Visited 12M Times So Far in 2018

Omitting the “o” in .com Could Be Costly

Take care when typing a domain name into a browser address bar, because it’s far too easy to fat-finger a key and wind up somewhere you don’t want to go. For example, if you try to visit some of the most popular destinations on the Web but omit the “o”… Continue reading Omitting the “o” in .com Could Be Costly

Operator of hacked password service Leakedsource.com arrested

By Waqas
On January 27, 2017, the breach notification and password service Leakedsource.com
This is a post from HackRead.com Read the original post: Operator of hacked password service Leakedsource.com arrested
Continue reading Operator of hacked password service Leakedsource.com arrested

Operator of hacked password service Leakedsource.com arrested

By Waqas
On January 27, 2017, the breach notification and password service Leakedsource.com
This is a post from HackRead.com Read the original post: Operator of hacked password service Leakedsource.com arrested
Continue reading Operator of hacked password service Leakedsource.com arrested

Smashing Security #034: The pen is mightier than the password

The UK government wants you to give your credit card details to porn sites, Ashley Madison offers compensation to the people whose lives it ruined, and an adult website wants you to pass its unorthodox and below-the-belt biometric identity check… gul… Continue reading Smashing Security #034: The pen is mightier than the password

July 18, 2017 – Hack Naked News #133

Forgetting your Windows password, bidding farewell to SMS authentication, reviewing Black Hat USA 2017, Ubuntu Linux for Windows 10, and more. Jason Wood of Paladin Security joins us to discuss companies being breached due to misconfiguration on this episode of Hack Naked News! News Google wants you to bid farewell to SMS authentication – Google’s campaign to […]

The post July 18, 2017 – Hack Naked News #133 appeared first on Security Weekly.

Continue reading July 18, 2017 – Hack Naked News #133