![]() ![]() Having a bug bounty or reward program is a common-sense solution to have outside eyes on your network and it is how many security researchers fund their work. It is always good to see a company that values data security, online privacy, and understands bug bounties or discovery rewards are a common practice. You are free to either subscribe yourself or send it to a friend”. Meanwhile, in order to express our appreciation to your alert in a timely manner, we’d like to offer each of you a redeem code for an annual subscription (the 39.99 USD package) of Fotor website service. “As the trouble shooting by our technical guys are still ongoing, we assume that it may take a few days. I received a follow-up email on October 19th and acknowledgment of my notification that said: Public access was restricted shortly after my notice. The following day I got a reply that my message was forwarded and someone would be getting back to me. I immediately sent a responsible disclosure notice of my findings. Very quickly there was enough evidence in the data to trace it back to Fotor, a multi-platform photo editing tool. In this particular case it was easy to find the owner of the database because all of the folders contained the name “Fotor”. I have discovered many records where I knew they contained something sensitive but couldn’t figure out who to report the findings to. Many times companies or organizations will try to make their data anonymous or encrypt the records. Often it can take a very long time to research who is responsible for the exposed data and how to contact them. The most disturbing part of the discovery was a massive collection of 13 million user records that included their names, email addresses, user ID numbers in plain text. There was a total of more than 123 million records exposed that contained a combination of test and production data. On October 15th I discovered a non-password protected database that contained a large number of internal records. Secure Thoughts collaborated with Security Expert Jeremiah Fowler to expose a massive leak of user information by a photo editing application. Here are his findings: How To Keep Your Email Secure From Hackers.What Do You Do If Your Social Security Number Is Stolen?.Best Identity Theft Protection Services.The Frightening Facts of Credit Card Fraud. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |