Ad-Blocker Ghostery reveals hundreds of User Email Addresses

Ad-blocking tool Ghostery suffered from a pretty impressive, self-inflicted screwup Friday when the privacy-minded company accidentally CCed hundreds of its users in an email, revealing their addresses to all recipients. What happened? Fittingly, the inadvertent data exposure came in the form of an email updating Ghostery users about the company’s data collection policies. The ad... Continue Reading →

1.5 Billion data leaked during the first three months in 2018

Everyone thinks he can configure his own business or private server or NAS/cloud more secure than Google & Co. as a result we got another massive data leak - 1.5 billion files were found by Digital Shadows researcher, these leak expose millions of people and companies. Misconfigured FTP, SMB, Rsync, and S3 Buckets Research found... Continue Reading →

A bad week for Facebook – Four separate lawsuits in one week

Following the Cambridge Analytica data privacy scandal which involved the firm improperly acquiring information from more than 50 million Facebook users. A lot of Internet users and companies alike have expressed their distaste with the way Facebook has handled the situation. Four lawsuits in one week following Cambridge Analytica data privacy scandal Two days ago Mozilla opted to pull their... Continue Reading →

Edword Snowden reveals that Bitcoin and Blockchain are monitored since the beginning

It's not really a surprise anymore, since basically everything will be abused and monitored - if possible - but for those which aren't involved in the security topics - Edward Snowden is behind the new information writings by The Intercept revealing that the NSA has been tracking Bitcoin users since 2013. Snowden has classified documentation... Continue Reading →

UK & Australian government hit with crypto mining malware

The cryptocurrency mining malware problem is extending into parts of the world that no one expected, with the UK government now directly affected with "thousands of websites" including sites belonging to NHS (National Health Services). And because that's not already hard enough to take, the Australian government got also infected just two days after the UK... Continue Reading →

Grammarly Web Extension Hit By Data-Leak Flaw 22 mio. Users at risk

Grammarly, maybe the most used spellchecker with the most users, has patched a bug that left users’ data exposed to malicious third-party websites. The browser extensions allow the service to check text typed into web-based applications including Gmail, Facebook, Twitter and LinkedIn, as well as online publishing systems such as WordPress. The company also offers... Continue Reading →

YouTube Ads Hijacked Visitors’ Computers to Mine Cryptocurrency in the background

YouTube was infected with cryptocurrency-mining ads this week. According to Trend Micro, ads from Google's DoubleClick platform contained Javascript for mining Monero via Coinhive. The issue became obvious when AV software began flagging the site and users noticed higher-than-normal CPU usage.     The real problems are CDNs The real problem isn't that such technique... Continue Reading →

Backdoor and vulnerabilities found in WD MyCloud NAS devices

Another big leak, WD integrates a backdoor in their MyCloud NAS devices! Found by gulftech. The community seems really angry about it. Affected products MyCloud <= 2.30.165 MyCloudMirror <= 2.30.165 My Cloud Gen 2 My Cloud PR2100 My Cloud PR4100 My Cloud EX2 Ultra My Cloud EX2 My Cloud EX4 My Cloud EX2100 My Cloud EX4100... Continue Reading →

Microsoft Word subDoc Feature Abused to Steal Windows Credentials

Rhino Labs has discovered a new way to get your Windows credentials using the subDoc feature of Microsoft Word. The bad guys insert a sub-document into a Word file from a server out on the internet. How does it work? This sub-document tricks the PC into giving up the NTLM hash needed for authentication. Once they have... Continue Reading →

Blog at

Up ↑

%d bloggers like this: