Notices by GeniusMusing (geniusmusing@nu.federati.net), page 3
-
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 07-Sep-2021 23:45:57 UTC GeniusMusing McDonald's leaks password for Monopoly VIP database to winners
https://nu.federati.net/url/282831
>A bug in the McDonald's Monopoly VIP game in the United Kingdom caused the login names and passwords for the game's database to be sent to all winners.
>
>After skipping a year due to COVID-19, McDonald's UK launched their popular Monopoly VIP game on August 25th, where customers can enter codes found on purchase food items for a chance to win a prize. These prizes include £100,000 in cash, an Ibiza villa or UK getaway holiday, Lay-Z Spa hot tubs, and more.
>
>Unfortunately, the game hit a snag over the weekend after a bug caused the user name and passwords for both the production and staging database servers to be in prize redemption emails sent to prize winners.
>...
Do you want fries with that database? -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Sunday, 29-Aug-2021 23:05:39 UTC GeniusMusing Hurricane Ida Reversed the Mississippi River
https://gizmodo.com/ida-reversed-the-mississippi-river-1847581160
>The Mississippi was discharging roughly 350,000 cubic feet (9,910 cubic meters) of water per second in the days prior to Ida’s arrival. Water moved upstream at a rate of 40,000 cubic feet (1,132 cubic meters) per second. -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 27-Aug-2021 16:34:54 UTC GeniusMusing Why is this "cloud storage" still a thing?
EXCLUSIVE-Microsoft warns thousands of cloud customers of exposed databases - emails Reuters
https://www.reuters.com/article/microsoft-security-idUSL1N2PX2W7
>SAN FRANCISCO, Aug 26 (Reuters) - Microsoft on Thursday warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher.
>
>The vulnerability is in Microsoft Azure’s flagship Cosmos database. A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies. Wiz Chief Technology Officer Ami Luttwak is a former chief technology officer at Microsoft’s Cloud Security Group.
>
>Because Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones. Microsoft agreed to pay Wiz $40,000 for finding the flaw and reporting it, according to an email it sent to Wiz.
>... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 20-Aug-2021 23:14:22 UTC GeniusMusing Exclusive: Hacker Selling Private Data Allegedly from 70 Million AT&T Customers RestorePrivacy
https://restoreprivacy.com/att-data-breach-70-million-customers/
>A well-known threat actor with a long list of previous breaches is selling private data that was allegedly collected from 70 million AT&T customers. We analyzed the data and found it to include social security numbers, date of birth, and other private information. The hacker is asking $1 million for the entire database (direct sell) and has provided RestorePrivacy with exclusive information for this report.
>
>Update: AT&T has initially denied the breach in a statement to RestorePrivacy. The hacker has responded by saying, “they will keep denying until I leak everything.”
>
>Hot on the heels of a massive data breach with T Mobile earlier this week, AT&T now appears to be in the spotlight. A well-known threat actor in the underground hacking scene is claiming to have private data from 70 million AT&T customers. The threat actor goes by the name of ShinyHunters and was also behind other previous exploits that affected Microsoft, Tokopedia, Pixlr, Mashable, Minted, and more.
>...
Next Verizon? -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Thursday, 19-Aug-2021 16:14:13 UTC GeniusMusing CVE-2021-25218: A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use Security Advisories
https://kb.isc.org/v1/docs/cve-2021-25218
>CVE: CVE-2021-25218
>Document version: 2.0
>Posting date: 18 August 2021
>Program impacted: BIND
>Versions affected: BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition
>Severity: High
>Exploitable: Remotely
>Description:
>If named attempts to respond over UDP with a response that is larger than the current effective interface maximum transmission unit (MTU), and if response-rate limiting (RRL) is active, an assertion failure is triggered (resulting in termination of the named server process).
>... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 17-Aug-2021 01:15:00 UTC GeniusMusing The "S" in T-Mobile stands for security...
T-Mobile Investigating Claims of Massive Data Breach – Krebs on Security
https://krebsonsecurity.com/2021/08/t-mobile-investigating-claims-of-massive-data-breach/
>Communications giant T-Mobile said today it is investigating the extent of a breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer’s mobile device.
>
>On Sunday, Vice.com broke the news that someone was selling data on 100 million people, and that the data came from T-Mobile. In a statement published on its website today, the company confirmed it had suffered an intrusion involving “some T-Mobile data,” but said it was too soon in its investigation to know what was stolen and how many customers might be affected.
snip
>The hacker(s) claim the purloined data also includes IMSI and IMEI data for 36 million customers. These are unique numbers embedded in customer mobile devices that identify the device and the SIM card that ties that customer’s device to a telephone number.
>
>“If you want to verify that I have access to the data/the data is real, just give me a T-Mobile number and I’ll run a lookup for you and return the IMEI and IMSI of the phone currently attached to the number and any other details,” @und0xxed said. “All T-Mobile USA prepaid and postpaid customers are affected; Sprint and the other telecoms that T-Mobile owns are unaffected.”
>
>Other databases allegedly accessed by the intruders included one for prepaid accounts, which had far fewer details about customers.
>... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 07-Aug-2021 03:56:03 UTC GeniusMusing SeaMonkey is the only one that comes to mind.
Add to that the 50 million monthly users they have lost in the past three years and I am not sure if it will last for more than a few years. I find myself asking the question of what browser/email client do I use next? Maybe time to do some research and writing.
SeaMonkey:Home Page MozillaWiki
https://wiki.mozilla.org/SeaMonkey:Home_Page
>SeaMonkey 1.0, first released in January 2006. -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 06-Aug-2021 23:36:15 UTC GeniusMusing Apple explains how iPhones will scan photos for child-sexual-abuse images Ars Technica
https://nu.federati.net/url/282291
>Shortly after reports today that Apple will start scanning iPhones for child-abuse images, the company confirmed its plan and provided details in a news release and technical summary.
>
>"Apple's method of detecting known CSAM (child sexual abuse material) is designed with user privacy in mind," Apple's announcement said. "Instead of scanning images in the cloud, the system performs on-device matching using a database of known CSAM image hashes provided by NCMEC (National Center for Missing and Exploited Children) and other child safety organizations. Apple further transforms this database into an unreadable set of hashes that is securely stored on users' devices."
>
>Apple provided more detail on the CSAM detection system in a technical summary and said its system uses a threshold "set to provide an extremely high level of accuracy and ensures less than a one in one trillion chance per year of incorrectly flagging a given account."
>
>The changes will roll out "later this year in updates to iOS 15, iPadOS 15, watchOS 8, and macOS Monterey," Apple said. Apple will also deploy software that can analyze images in the Messages application for a new system that will "warn children and their parents when receiving or sending sexually explicit photos."
>...
Related:
Apple's Plan to "Think Different" About Encryption Opens a Backdoor to Your Private Life Electronic Frontier Foundation
https://nu.federati.net/url/282292 -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Thursday, 05-Aug-2021 19:10:32 UTC GeniusMusing Microsoft announces new 'Super Duper Secure Mode' for Edge The Record by Recorded Future
https://therecord.media/microsoft-announces-new-super-duper-secure-mode-for-edge/
>Microsoft said today it plans to run an experiment in its Edge web browser where it will intentionally disable an important performance and optimization feature in order to enable more advanced security upgrades in what the company is calling Edge Super Duper Secure Mode.
>
>Announced today by Johnathan Norman, Microsoft Edge Vulnerability Research Lead, the idea behind the new Super Duper Secure Mode is to disable support for JIT (Just-In-Time) inside V8, the Edge browser’s JavaScript engine.
>
>JIT, while unknown to most end-users, plays a crucial role in all of today’s web browsers. JIT works by taking JavaScript and compiling it to machine code ahead of time. If the browser needs the code, it gains a significant speed boost. If it doesn’t, the code is discarded.
>
>However, JIT support in V8 is complex. Norman said JIT-related security issues amounted to 45% of all V8 vulnerabilities in 2019. Furthermore, more than half of the “in the wild” Chrome exploits rely on JIT-related bugs.
>...
HAHAHAHAHAHAHAHAHAhahahahahahahahahahahaha
Super Duper Secure Mode
HAHAHAHAHAHAHAHAHAhahahahahahahahahahahaha
It's like they aren't even trying with the naming thing... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 16-Jul-2021 23:37:11 UTC GeniusMusing This is all sorts of messed up. -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Monday, 12-Jul-2021 01:22:04 UTC GeniusMusing Kaseya's Staff Sounded the Alarm About Security Flaws for Years Before Ransomware Attack
https://gizmodo.com/kaseyas-staff-sounded-the-alarm-about-security-flaws-fo-1847270346
>Employees say they quit in frustration or were fired over glaring cybersecurity issues that went ignored. -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Thursday, 08-Jul-2021 18:00:54 UTC GeniusMusing TLDR: Security company fails at securing its own stuff for months and years.
Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software – Krebs on Security
https://nu.federati.net/url/281844
>Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.
>
>On July 3, the REvil ransomware affiliate program began using a zero-day security hole (CVE-2021-30116) to deploy ransomware to hundreds of IT management companies running Kaseya’s remote management software — known as the Kaseya Virtual System Administrator (VSA).
>
>According to this entry for CVE-2021-30116, the security flaw that powers that Kaseya VSA zero-day was assigned a vulnerability number on April 2, 2021, indicating Kaseya had roughly three months to address the bug before it was exploited in the wild.
>
>Also on July 3, security incident response firm Mandiant notified Kaseya that their billing and customer support site —portal.kaseya.net — was vulnerable to CVE-2015-2862, a “directory traversal” vulnerability in Kaseya VSA that allows remote users to read any files on the server using nothing more than a Web browser.
>
>As its name suggests, CVE-2015-2862 was issued in July 2015. Six years later, Kaseya’s customer portal was still exposed to the data-leaking weakness.
>... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 02-Jul-2021 16:33:22 UTC GeniusMusing But wait! There's Moar!
Another 0-Day Looms for Many Western Digital Users – Krebs on Security
https://krebsonsecurity.com/2021/07/another-0-day-looms-for-many-western-digital-users/
>At issue is a remote code execution flaw residing in all Western Digital network attached storage (NAS) devices running MyCloud OS 3, an operating system the company only recently stopped supporting. -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Wednesday, 30-Jun-2021 20:31:32 UTC GeniusMusing Related:
The Looming Stagflationary Debt Crisis by Nouriel Roubini Project Syndicate
https://nu.federati.net/url/281727
>Years of ultra-loose fiscal and monetary policies have put the global economy on track for a slow-motion train wreck in the coming years. When the crash comes, the stagflation of the 1970s will be combined with the spiraling debt crises of the post-2008 era, leaving major central banks in an impossible position.
>... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 26-Jun-2021 13:43:37 UTC GeniusMusing Something, something history...
A Coronavirus Epidemic Hit 20,000 Years Ago, New Study Finds Slashdot
https://nu.federati.net/url/281681
>Researchers have found evidence that a coronavirus epidemic swept East Asia some 20,000 years ago and was devastating enough to leave an evolutionary imprint on the DNA of people alive today. The new study suggests that an ancient coronavirus plagued the region for many years, researchers say. The finding could have dire implications for the Covid-19 pandemic if it's not brought under control soon through vaccination. "It should make us worry," said David Enard, an evolutionary biologist at the University of Arizona who led the study, which was published on Thursday in the journal Current Biology. "What is going on right now might be going on for generations and generations."
The story, walled but can be read using Firefox Reader view.
A Coronavirus Epidemic Hit 20,000 Years Ago, New Study Finds The New York Times
https://www.nytimes.com/2021/06/24/science/ancient-coronavirus-epidemic.html
The study.
An ancient viral epidemic involving host coronavirus interacting genes more than 20,000 years ago in East Asia: Current Biology
https://nu.federati.net/url/281682 -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 25-Jun-2021 18:31:42 UTC GeniusMusing xkcd: Duty Calls
https://xkcd.com/386/ -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Thursday, 24-Jun-2021 23:35:03 UTC GeniusMusing Maybe that is why I have never really looked there.
Forbidden Technology.
Maybe someone needs a band name... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 15-Jun-2021 02:12:39 UTC GeniusMusing Stay cool down there, the high for this week (assuming they are close to correct) for us up north is 87F so not too bad.
Dangerous heatwave grips US south-west as temperatures hit 120F in some areas Climate crisis in the American west | The Guardian
https://nu.federati.net/url/281523 -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Sunday, 06-Jun-2021 23:55:20 UTC GeniusMusing GitHub soapdog/little-webby-press: A PWA to generate eBooks
https://github.com/soapdog/little-webby-press
>This project is done with NodeJS and Svelte.
Gonna pass... -
GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 05-Jun-2021 16:32:43 UTC GeniusMusing I would add this
(5) The one where you may travel to.
While this would mainly have to deal with the content that is being hosted, depending on the LJ they might not care if you actually posted it or were just hosting it.
From a couple years ago.
Thai activists accused of insulting monarchy 'disappear' in Vietnam Thailand | The Guardian
https://nu.federati.net/url/281422
>Article 112 of Thailand’s criminal code says anyone who insults the king, queen, heir or regent faces punishment of up to 15 years in prison.
I am sure they are not the only ones to have laws like this, and they may well include other things.