Long-time users of certain Microsoft products, such as Hotmail, MSN, and Outlook found they may be wrapped up in a hack grabbing snippets of email information, and in some cases, a little bit more. Microsoft email services have been around forever in Internet time. Yet, many users still have a few Hotmail accounts rattling around. While most have long since moved on from MSN and Hotmail to Live … [Read more...]
April 16, 2019
April 15, 2019
March 27, 2019
Location data leaks from family tracking app database
An app called Family Locator, which allows family members to keep track of one another recently experienced an exposed database issue of the worst kind. Specifically: the MongoDB database was left exposed with no password, like so many other recent infosec tales of woe. The end result is the location of about 280,000 users leaking in real time. For a location tracking app that also includes … [Read more...]
March 22, 2019
Researchers go hunting for Netflix’s Bandersnatch
A new research paper from the Indian Institute of Technology Madras explains how popular Netflix interactive show Bandersnatch could fall victim to a side-channel attack. In 2016, Netflix began adding TLS (Transport Layer Security) to their video content to ensure strangers couldn’t eavesdrop on viewer habits. Essentially, now the videos on Netflix are hidden away behind HTTPS—encrypted and … [Read more...]
March 14, 2019
Mozilla launches Firefox Send for private file sharing
Mozilla look to reclaim some ground from the all-powerful Chrome with a new way to send and receive files securely from inside the browser. Firefox Send first emerged in 2017, promising an easy way to send documents without fuss. The training wheels have now come off and Send is ready to go primetime. Will it catch on with the masses, or will only a small, niche group use it to play document … [Read more...]
March 8, 2019
Zombie email rises from grave after eight years of radio silence
In a novel twist on “What happens to our accounts when we die,” we have “what happens to our abandoned accounts while we’re still alive”. In this case, UK ISP TalkTalk kept an old customer’s email account alive some eight years after she closed it—which left it wide open for takeover by spammers. If you’ve cancelled an account and wondered which bits of your digital data continue to … [Read more...]
March 1, 2019
Spectre, Google, and the Universal Read Gadget
Spectre, a seemingly never ending menace to processors, is back in the limelight once again thanks to the Universal Read Gadget. First seen at the start of 2018, Spectre emerged alongside Meltdown as a major potential threat to people’s system security. Meltdown and Spectre Meltdown targeted Intel processors and required a malicious process running on the system to interact with it. Spectre could … [Read more...]
February 20, 2019
February 14, 2019
Hacker destroys VFEmail service, wipes backups
An email service called VFEmail was essentially put out of business after a hack intended to delete everything in (and out of) sight. “Yes, @VFEmail is effectively gone. It will likely not return. I never thought anyone would care about my labor of love so much that they’d want to completely and thoroughly destroy it.” This wasn’t “just” a simple webpage compromise, … [Read more...]
February 11, 2019
