Marriott Concedes 5 Million Passport Numbers Lost to Hackers Were Not Encrypted
The overall number of guests affected by the hacking, in which Chinese intelligence is the leading suspect, declined to 383 million. But the passport data is critical to intelligence agencies. nytimes.com/2019/01/04/us/poli

Merry Christmas, infosec.exchange and the rest of the fediverse. I hope you have a great day!

What a surprise!
users cannot avoid location-based ads, investigation finds.
No combination of settings can stop location data being used by advertisers, says report. theguardian.com/technology/201

An Ingenious Data Hack Is More Dangerous Than Anyone Feared

Researchers have discovered that the so-called Rowhammer technique works on "error-correcting code" memory, in what amounts to a serious escalation.

Researchers have significantly increased the scope of the Rowhammer threat - wired.com/story/rowhammer-ecc-

'Cuddly' German chat app slacking on hashing given a good whacking under GDPR: €20k fine
PLAIN TEXT passwords showed up on file-hosting site theregister.co.uk/2018/11/23/k

Self-encrypting deception: weaknesses in the encryption of solid state drives.
Master passwords and faulty standards implementations allow attackers access to encrypted data without needing to know the user-chosen password. zdnet.com/article/flaws-in-sel

Stealing Chrome Cookies without root or password on OSX, Linux, and Windows via Remote Debugging Protocol. mango.pdf.zone/stealing-chrome

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.