Sweet Chat, an Android based chatting and photo sharing application with over 10 million users, has been exposing it's users chat content, and privatly shared photos on an unsecured server.…
The following blog will walk you though a major security issue found with older versions of the OpenVPN Pritunl software's Mongo Database, and how to discover, and exploit it's misconfiguration…
(Note.. This article was published after the 30 day disclosure period in order to give mi-taxi / Mississauga Taxi a chance to resolve the disclosed issues.) Intro Mississauga Taxi (mi-Taxi) is a taxi company located in Mississauga, Ontario, Canada, who's mobile application uses an unsecured ElasticSearch server. That unsecured server was…
Based on my first hand experience of discovering approximately 3000 credit card images, and drivers licenses / passports in a data breach, the answer is: Vendor Note Pass / Fail I received a token gesture of "we will look into it, but we don't want any details". 2 weeks later I'm still…
Full Article posted on IT World Canada: Canadian researcher warns of vulnerability in protocol used by M2M applications Howard Solomon Howard Solomon @howarditwc Published: December 5th, 2018 Poor security surrounding an obscure but common machine-to-machine messaging protocol is exposing personal and corporate data, warns a Canadian security researcher. Darryl Burke,…
On Wed Nov 23rd, we discovered a misconfiguration on the web servers of the company "Locksmith Services" which is a US based national dispatch service for Locksmiths. The misconfiguration on the website dispatchlogin.net exposed the; audio recording of calls, emails, customer contact information, photos of drivers licenses…
Summary: The mobile software, and backend servers created by BIOS Medical / Thermor Ltd used in their Bluetooth enabled Blood Pressure Monitor and Ear Thermometer suffer from serious design flaws which expose the private medical information of their customers Products Affected: Protocol 7D MII Blood Pressure Monitor Model BD245 Precision Temp…
Lining up the ducks, and getting legal advice before this is published.…