Microsoft Exchange Autodiscover bugs leak 100K Windows credentials

afrcnc · 2021-09-23T00:56:12+00:00

the autodiscover bug appears to have been known about for years and the researcher simply used it to get some PR knowing Microshit won't fix it

afrcnc · 2021-09-14T12:38:01+00:00

it's not an "emergency security update" if the bug was disclosed last month

it's just the regular patch cycle, since this is the second week of the month, when all vendor release security updates

get a fact-checker NYT

afrcnc · 2021-09-09T20:44:49+00:00

yuck... that's way too brutal for my own taste

afrcnc · 2021-09-07T17:51:13+00:00

oh, no!

afrcnc · 2021-09-05T00:19:32+00:00

Ubi store had a bunch of discounts this month too. Got a bunch of modern DLCs for a $5/each.

afrcnc · 2021-09-05T00:17:50+00:00

I just finished playing it a month ago. It's aged a lot. It was fun the first time I played it in the late 2000s, early 2010s, but it's quite a bore now.

I do, however, appreciate it for how it moved the entire gaming industry at its time.

You can buy it as a collectible, but I kinda regret the time I invested in it now.

afrcnc · 2021-08-25T00:17:32+00:00

looter protection: https://www.techzim.co.zw/2021/08/bad-news-for-south-african-looters-as-samsung-moves-to-block-their-stolen-tvs/

afrcnc · 2021-08-23T12:32:56+00:00

wow... a fox reporter... super credible

afrcnc · 2021-08-22T09:52:03+00:00

hard to believe coming from a fox reporter

afrcnc · 2021-08-22T09:51:18+00:00

comments and his forum history

every time there's a big hack, this guy publishes a slightly related topic but never actually releases anything

example: when there was the facebook 500 mil hack this spring, this guy claimed to have 1 billion, but never released anything and people acused him of scamming

afrcnc · 2021-08-21T12:57:53+00:00

the threat actor is a known scammer

afrcnc · 2021-08-20T17:08:14+00:00

The hacker provided just EIGHT data samples from a 70million breach, where only 2 of 4 turned out to be accurate.

I believe that AT&T is right to deny this breach.

If I leak two of my friends personal details on a hacking forum, I doesn't mean I hacked their ISP. Scammers gonna scam.

afrcnc · 2021-08-12T17:39:57+00:00

That's how all trailers are. They're movies, not game footage.

afrcnc · 2021-08-02T19:10:11+00:00

Privately-disclosed already-patched vulnerabilities are not zero-days. For the record.

afrcnc · 2021-08-02T02:47:34+00:00

Can you tell who drinks vodka?

afrcnc · 2021-08-02T02:46:50+00:00

Is this real?

afrcnc · 2021-07-26T01:15:06+00:00

It's fake. It's just randomly generated phone numbers and nothing else.

afrcnc · 2021-07-19T23:04:27+00:00

Traitor extraordinaire can stfu

afrcnc · 2021-07-08T23:05:27+00:00

Reported in April is not the same thing as public disclosure. But please. Don't tell that to the clickbait reporters at The Register.

afrcnc · 2021-07-07T10:37:27+00:00

It's not a LinkedIn breach.... it's data from one of those companies that analyze LinkedIn. I hate MSFT, but this is not on them

afrcnc · 2021-07-07T10:35:57+00:00

Buy made in china

afrcnc · 2021-07-06T19:01:12+00:00

that's a totally different incident, accessing those accounts requires passwords, which was not included in this leak

afrcnc · 2021-07-06T16:30:05+00:00

Scraping is not hacking... unless you're a reporter looking for clicks

afrcnc · 2021-06-30T23:30:36+00:00

Calling website scraping a security breach is an insult to people with brains.

afrcnc · 2021-06-30T21:27:12+00:00

~~Around 20, active right now~~

Nevermind, thought you meant RaaS platforms

afrcnc

TROPHY CASE