- 646 Posts
- 11 Comments
2·1 month agoLeak extortion is the main issue nowadays, not covered by backups, I’m afraid.
[email protected] to the win!
I didn’t know about that tool. Apparently, it is a CDR, which I like very much. I’m not aware of any good open-source implementations.
Very nice approach!
Some points about the article:
Nature of the Vulnerability: The vulnerability is a security flaw that allows leaking the email associated with a YouTube channel by exploiting endpoints from both YouTube and Google Pixel Recorder.
Impact: It allows an attacker to obtain the email associated with any YouTube channel, which can lead to phishing attacks, privacy invasion, and other malicious activities. This potentially affects all YouTube users who own a channel.
Fix Status: The vulnerability has been fixed by Google. Both parts of the exploit were resolved by 02/09/2025, and the report was disclosed on 02/12/2025.
Depends of the country. Disrupt with Internet/communications may be a crime in some countries.
Kudos to SOC team.
CrowdStrike report of the incident: https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
Well, depends. If the user go to a captive portal to “authenticate” before the VPN could closes, than no. But, if the VPN can “pierce” through it (without any intervention from the AP), than yes. Anyways, If the user is willing to provide authentication data (like social media accounts, etc), nothing matters.
Yes.
303,481 servers worldwide, according to Shodan.
Direct link.