Video platform Dailymotion takes steps to contain credential stuffing attack

Attackers have launched an ongoing credential stuffing campaign against the online video streaming service Dailymotion, compromising the data of an unspecified number of users in the process.

A property of French media and entertainment company Vivendi SA, Paris-based Dailymotion said in a Jan. 25 press alert that its technical teams “successfully contained” the attack “following the implementation of measures to limit its scope.” Potentially impacted users have already been contacted, as has as the CNIL, a French federal agency responsible for overseeing data protection regulations.

In a credential stuffing attack, malicious actors attempt to gain access to online websites or accounts using passwords that were previously stolen from or leaked by unrelated web services. This technique often works because many users tend to register for services with the same credentials over and over.

Unprotected Government Server Exposes Years of FBI Investigations

A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files.

The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades worth of confidential case files from the Oklahoma Securities Commission and many sensitive FBI investigations—all wide open and accessible to anyone without any password.

Other severe files exposed included emails, social security numbers, names, and addresses of 10,000 brokers, credentials for remote access to ODS workstations, and communications meant for the Oklahoma Securities Commission, along with a list of identifiable information related to AIDS patients.

Does WhatsApp Has A Privacy Bug That Could Expose Your Messages?

In-short conclusion—Whatsapp service or its 45-days deletion policy doesn't seem to have a bug. For detailed logical explanation, please read below.

An Amazon employee earlier today tweeted details about an incident that many suggests could be a sign of a huge privacy bug in the most popular end-to-end encrypted Whatsapp messaging app that could expose some of your secret messages under certain circumstances.

According to Abby Fuller, she found some mysterious messages on WhatsApp, notably not associated with her contacts, immediately after she created a new account with the messaging app on her brand new phone using a new number for the very first time.