Readit News logoReadit News
steffanA commented on Google suffers data breach in ongoing Salesforce data theft attacks   bleepingcomputer.com/news... · Posted by u/mikece
mrweasel · 5 months ago
Oh, so I wonder if that's also how KLM lost my data.
steffanA · 5 months ago
Same campaign
steffanA commented on Cheap rj45 ethernet to USB adapter contains malware   twitter.com/evapro30/stat... · Posted by u/rsecora
nirui · a year ago
Can you call it "auto-running" when they it don't even bother to pack in an autorun.inf? (based on https://x.com/evapro30/status/1878635208582562113)
steffanA · a year ago
The autorun.inf would be in the flash drive, not the executable they uploaded to Any.Run. Were any pics of the flash drive contents shared?
steffanA commented on Internet Archive breached again through stolen access tokens   bleepingcomputer.com/news... · Posted by u/vladyslavfox
gweinberg · a year ago
Does anyone know who is targeting the Internet Archive, and why? I get the impression the attacks are too sophisticated for it to just be vandal punks.
steffanA · a year ago
Nothing sophisticated about this attack.
steffanA commented on Internet Archive breached again through stolen access tokens   bleepingcomputer.com/news... · Posted by u/vladyslavfox
dokyun · a year ago
The group that claimed to be responsible for the first hack was said to be Russian-based, anti-U.S., pro-Palestine, and their reasoning for the attack was because of IA's violation of copyright....

I think you should draw your own more informed conclusions, but it smells a lot like feds to me.

steffanA · a year ago
The people who DDoSed Internet Archive never claimed to be behind the breach. That was some media companies who misreported this.

The breach happened over a week before the DDoS attack, according to Troy Hunt.

Stop looking for conspiracy theories.

steffanA commented on Internet Archive breached again through stolen access tokens   bleepingcomputer.com/news... · Posted by u/vladyslavfox
udev4096 · a year ago
Is it the same email spoofing attack vector of zendesk which was disclosed last week?
steffanA · a year ago
Article says API token was stolen in original breach.
steffanA commented on Internet Archive: Security breach alert   theverge.com/2024/10/9/24... · Posted by u/ewenjo
Springtime · a year ago
Just in terms of privacy, it's worth noting that anyone who has uploaded something on IA already has their email address publicly viewable.

This isn't something that commonly known (even judging by comments here) but in the publicly viewable metadata of every upload it contains the uploader's IA account email address. So from a security perspective it's bad but from a privacy perspective a lot of users probably weren't aware of this detail if they've uploaded anything.

steffanA · a year ago
This is bad enough. This alone is a privacy bug/data leak.

Theoretically, someone could scrape the pages and compile a list of exposed email addresses.

steffanA commented on Internet Archive: Security breach alert   theverge.com/2024/10/9/24... · Posted by u/ewenjo
Aachen · a year ago
Voluntary sharing, since afaik they don't pay the criminals to get the data. Either the criminals share it directly (fat chance, usually), or someone else bought it and shared it either publicly, privately with HIBP, or privately with someone who then reported it to HIBP

How this specific instance unfolded, time will have to tell. The leak may have occurred in 2020 for all we know at this point

steffanA · a year ago
There is a strange dynamic between the threat actors who conduct these breaches and researchers.

When not used for extortion and for "status" in the hacking community, they share them with researchers (commonly HIBP) to warn people about a site's security and so that site is forced to fix things.

Definitely a strange dynamic.

steffanA commented on Internet Archive: Security breach alert   theverge.com/2024/10/9/24... · Posted by u/ewenjo
steffanA · a year ago
More details here about the data breach. Stolen database contains 31 million records.

https://www.bleepingcomputer.com/news/security/internet-arch...

steffanA commented on New Windows driver blocks software from changing default web browser   bleepingcomputer.com/news... · Posted by u/aquova
x0n · 2 years ago
They haven't stopped users from changing their default browser by the proper explicit mechanism in Windows (default applications.) They've stopped shitferret malware from switching it, or yes, other browsers. If I want to change my browser, I'll do it myself.
steffanA · 2 years ago
It's doubtful to me that this is due to malware.

Many malware hijack search settings. However, very few hijack default browsers themselves these days. In the past (10 years ago) it was much more common.

Furthermore, I don't know of many malware that touch the .PDF file extension associations, and there are plenty of other associations that would be better to hijack.

Feels more like a sloppy fix to comply with EU's DMA.

steffanA commented on New Windows driver blocks software from changing default web browser   bleepingcomputer.com/news... · Posted by u/aquova
maxerickson · 2 years ago
The cynical explanation is that it blocks all software from making the change, including other browsers.
steffanA · 2 years ago
Including Firefox who previously bypassed it:

https://www.theverge.com/2021/9/13/22671182/mozilla-default-...

s

u/steffanA

KarmaCake day72January 15, 2021View Original