69 matches found
Scraped data of 1.3 million Clubhouse users published online
By Waqas Clubhouse, an invitation-only social media app for iOS with more than 10 million users has become a victim of data scraping. Here's what data was published. This is a post from HackRead.com Read the original post: Scraped data of 1.3 million Clubhouse users published online...
Data from 500M LinkedIn Users Posted for Sale Online
Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse. Hackers posted an archive containing data they said includes LinkedIn IDs,...
Has Facebook leaked your phone number?
Unless you keep your social media at a pole’s distance, you have probably heard that an absolutely enormous dataset—containing over 500 million phone numbers—has been made public. These phone numbers have been in the hands of some cybercriminals since 2019 due to a vulnerability in Facebook that...
533 Million Facebook Users' Phone Numbers and Personal Data Leaked Online
In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full...
Facebook sues developer of data scraping extensions for Chrome
By Sudais Asif The developer is a Portuguese company that Facebook claims developed malicious Chrome extensions allowing data scraping. This is a post from HackRead.com Read the original post: Facebook sues developer of data scraping extensions for Chrome...
Facebook: Malicious Chrome Extension Developers Scraped Profile Data
Facebook has filed legal action against two Chrome extension developers that the company said was scraping user profile data – including names and profile IDs – as well as other browser-related information. The two unnamed developers under the business name Oink and Stuff, developed Chrome...
U.S. Dept Of Defense: ███ on https://████ enable ███ scraping, injection, stored XSS
Summary: An open ████████ at the ████████ system enables quick and easy scraping of ███ without authentication nor authorization. Description: The █████ includes an open set of ██████endpoints at https://██████████. Any individual can execute requests on these endpoints without authorization nor...
U.S. Dept Of Defense: IDOR on https://██████ via POST UID enables database scraping
Summary: The UID parameter on █████████ in the ██████ ███████ system, with ███████, does not validate that the caller has permission to view information on the UID entered, thereby enabling personnel and student data extraction. Description: The user operations API endpoint for the ███ ██████████...
Data scraping firm leaks 235m Instagram, TikTok, YouTube user records
By Sudais Asif According to researchers, the trove of data was left for public access without any security authentication. This is a post from HackRead.com Read the original post: Data scraping firm leaks 235m Instagram, TikTok, YouTube user records...
Firebase-Extractor - A Tool Written In Python For Scraping Firebase Data
This tool is written in python2, the purpose of this tool is to parse all the results from Bing search.Basically whenever a firebaseio URL is found for an app , User instead of searching for sensitive data by going manually through the search results can use this tool.This tool works by using the...
Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos
Tooling that automates your social media interactions to collect posts, photos, videos, friends, followers and much more on Facebook. Features A bot which scrapes almost everything about a facebook user's profile including uploaded photos tagged photos videos friends list and their profile photos...
Browser Extensions Scraped Data From Millions of People
Slack passwords, NSO spyware, and more of the week's top security news...
Uber Deployed 'Surfcam Spyware' in Australia to Crush the Competition – Report
A rogue employee at rideshare behemoth Uber created and deployed a piece of information-gathering software in order to help his company get a leg up on the local competition in Australia, according to a report. The so-called “secret spyware program” was dubbed Surfcam, and was developed by the...
Over 202 Million Chinese Job Seekers' Details Exposed On the Internet
Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of...
Data scraping treasure trove found in the wild
We bring word of yet more data exposure, in the form of “nonsensitive” data scraping to the tune of 66m records across 3 large databases. The information was apparently scraped from various sources and left to gather dust, for anyone lucky enough to stumble upon it. What is data scraping? The...
Subdomain Enumeration Tool: Amass
Amass is the subdomain enumeration tool with the greatest number of disparate data sources that performs analysis of the resolved names in order to deliver the largest number of quality results. Amass performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting...
Amass - In-depth Subdomain Enumeration
The Amass tool performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting and altering of names and reverse DNS sweeping to obtain additional subdomain names. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks...
PoS Malware ‘TreasureHunter’ Source Code Leaked
Source code for the point-of-sale malware called TreasureHunter has been leaked, according to researchers who said the release offers them unique insights into the malware, but also gives them pause as they brace for expected variants. Not just was TreasureHunter’s source code leaked, but so was...
A week in security (April 02 – April 08)
Last week, we took a look at fake Whatsapp antics, dubious gaming extensions, and a huge Panera bread breach. There was also LockCrypt ransomware to contend with, we had a poke around Linkedin, and we published another Physician, protect thyself blog. Other news Compromised cash register systems...
Privacy Advocates Blast Facebook After Data Scraping Scandal
Privacy advocates are up in arms after CEO Mark Zuckerberg said this week a Facebook reverse search tool may have compromised the data of the social network’s two billion users. The feature in question was designed to enable users to enter a Facebook user’s phone numbers or email addresses into t...