VOIPO.com Data Leak

An improperly secured ElasticSearch database was discovered containing VOIP call logs, SMS/MMS message logs, and plaintext internal system credentials.…

Arik Air - grounded by an Amazon S3 leak

2018-11-01 UPDATE: I did want to clarify in clear terms a handful of inaccurate claims I have seen made regarding this report. This was not a hack. Full stop. I've seen zero evidence to indicate this data was leaked as a result of any kind of compromise or "hack&…

Web of Tech Support Scam Domains

This is just a quick brain dump. TL;DR: at least 2,102 tech support scam (TSS) domains. Initial domain I came across: hXXp://ghryuiefdao{.}tk/?number=888-348-1742&bluer=1 2018-07-22 UPDATE: Freenom (the registrar) killed all of the 2,075 .tk domains. dig ghryuiefdao.tk | grep "status&…

The Right Way to Set an Out of Office Filter

You'd think it's quite easy to deal with your email when you go out of the office for an extended period of time, right? It's not. Sure, you could just set an out of office auto responder and call it day. If you're anything like me you will be annoyed…

Credit Card Stealing JS

One day I noticed log lines like this: [+] Request: http://BADOMAIN/l.php?p=Bob%Smith%7C1%20Bob%20Smith%20Dr.%20%7CSt%2%CITY%2C%20GA%ZIP%20US%20US%7C%7CBobSmith%40gmail.com [+] Referer: https://VICTIMDOMAIN/process.html [+] UserAgent: Mozilla/5.0 (iPad; CPU OS 9_3_5 like Mac…

Why I Remember the Milk

If you’re looking for a good todo/task/productivity app I’m sure you’ve already realized that you have plenty of options. Creating a todo app is coding 101 for any aspiring app developer (along with a crappy weather app). You can search your app store of choice…