Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of any user’s account using only their email address. TechCrunch reports: Wassime Bouimadaghene, a French security researcher, found the vulnerability and reported the issue to Grindr. When he didn’t hear…
Tag: Troy Hunt
George Floyd: Anonymous Hackers Reemerge Amid US Unrest
An anonymous reader quotes a report from the BBC: As the United States deals with widespread civil unrest across dozens of cities, “hacktivist” group Anonymous has returned from the shadows. The hacker collective was once a regular fixture in the news, targeting those it accused of injustice with cyber-attacks. After years of relative quiet, it appears to have re-emerged in the…
Mystery Data Breach Dubbed ‘db8151dd’ Exposes Records of 22 Million People
An anonymous reader quotes a report from 9to5Mac: A massive data breach dubbed db8151dd has exposed the records of 22M people — including addresses, phone numbers, and social media links. But the source of the data is a mystery. I got an email alert this morning from the haveibeenpwned.com site telling me that my details were included. The exposed data appears…
‘Have I Been Pwned’ Is No Longer For Sale
Troy Hunt, the owner and founder of the well-known and respected data breach notification website “Have I Been Pwned,” announced in a blog post today that his website is no longer being sold and will continue running independently. The news comes several months after Hunt announced he was actively looking for a buyer. Last June, Hunt wrote: “To date, every line…
Password Data For About 2.2 Million Users of Currency, Gaming Sites Dumped Online
Password data and other personal information belonging to as many as 2.2 million users of two websites — one a cryptocurrency wallet service and the other a gaming bot provider — have been posted online, according to Troy Hunt, the security researcher behind the Have I Been Pwned breach notification service. Ars Technica reports: One haul includes personal information for as…
Chrome and Firefox Changes Spark the End of ‘Extended Validation’ Certificates
“Upcoming changes in Google Chrome and Mozilla Firefox may finally spark the end for Extended Validation certificates as the browsers plan to do away with showing a company’s name in the address bar,” reports Bleeping Computer. When connecting to a secure web site, an installed SSL/TLS certificate will encrypt the communication between the browser and web server. These certificates come in…