Article Trunk



Posts Tagged ‘password’

Thousands of industrial refrigerators can be remotely defrosted, thanks to default passwords

Security researchers have found thousands of exposed internet-connected industrial refrigerators that can be easily remotely instructed to defrost. More than 7,000 vulnerable temperature controlled systems, manufactured by U.K.-based firm Resource Data Management, are accessible from the internet and can be controlled by simply plugging in its default password found in documentation on the company’s website, ...

Houzz resets user passwords after data breach

Houzz, a $4 billion-valued home improvement startup that recently laid off 10 percent of its staff, has admitted a data breach. A reader contacted TechCrunch on Thursday with a copy of an email sent by the company. It doesn’t say much — such as when the breach happened, what was stolen, or if a hacker to ...

Meet the little-known Chinese WiFi startup that rubs shoulders with WeChat and Alipay

A service that connects people to WiFi hotspots for free turned out to be one of China’s most popular apps, nestling in the top ranks with Tencent’s WeChat messenger and Alibaba’s digital wallet affiliate Alipay. According to a report from app tracking service App Annie, WiFi Master Key was China’s fifth-largest app and the world’s ninth ...

A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts

A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise. The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter ...

Fortnite bugs put accounts at risk of takeover

With one click, any semi-skilled hacker could have silently taken over a Fortnite account, according to a cybersecurity firm who says the bug is now fixed. Researchers at Check Point say the three vulnerabilities chained together could have affected any of its 200 million players. The flaws, if exploited, would have stolen the account access token ...

Another huge database exposed millions of call logs and SMS text messages

An unprotected server storing millions of call logs and text messages was left open for months before they were found by a security researcher. If you thought you’d heard this story before, you’re not wrong. Back in November, another telecoms company, Voxox, exposed a database containing millions of text messages — including password resets and two-factor ...

Another server security lapse at NASA exposed staff and project data

Two months ago, NASA quietly fixed a buggy internal server that was leaking sensitive information about the agency’s staff and their work. The leaking server was — ironically — a bug reporting server, running the popular Jira bug triaging and tracking software. In NASA’s case, the software wasn’t properly configured, allowing anyone to access the ...

An unsecured database exposed the personal details of 202M job seekers in China

The personal details belonging to more than 202 million job seekers in China, including information like phone numbers, email addresses, driver licenses and salary expectations, were freely available to anyone who knew where to look for as long as three years due to an insecure database. That’s according to findings published by security researcher Bob Diachenko ...