Episode 6 - Show Notes

Listen to this episode: 6 - Hunting Open Elasticsearch Databases for Fun and Profit
Balbix State of Password Use report https://www.balbix.com/resources/state-of-password-use-report-2020/
https://betanews.com/2020/05/07/average-password-reuse/
Polymorphic XSS Attacks https://blog.doyensec.com/2020/04/30/polymorphic-images-for-xss.html
https://github.com/doyensec/StandardizedImageProcessingTest
0-day in Salt https://www.zdnet.com/article/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner/
https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/aKNbZuJzwfM
Bellingcat on tracking down Dmitry Badin https://www.bellingcat.com/news/2020/05/05/who-is-dmitry-badin-the-gru-hacker-indicted-by-germany-over-the-bundestag-hacks/
Tracking ransomware via SEC filings https://www.zdnet.com/article/ransomware-mentioned-in-1000-sec-filings-over-the-past-year/
DNS over HTTPS banned for government use https://www.zdnet.com/article/dhs-cisa-to-provide-doh-and-dot-servers-for-government-use/
Zoom buys Keybase https://gizmodo.com/zooms-adding-end-to-end-encryption-for-real-this-time-1843333208
GoDaddy SSH key breach https://threatpost.com/godaddy-hack-breaches-hosting-account-credentials/155475/
Unacademy breach leaked 22 million user records https://www.bleepingcomputer.com/news/security/hacker-sells-22-million-unacademy-user-records-after-data-breach/
Le Figaro exposes 7.4 billion user records https://www.cisomag.com/french-newspaper-le-figaro-exposes-7-4-bn-users-records/
https://borncity.com/win/2020/05/01/huge-data-leak-at-french-newspaper-le-figaro/
Cam4 exposes details belonging to 11 million users https://www.bleepingcomputer.com/news/security/cam4-adult-cam-site-exposes-11-million-emails-private-chats/
https://www.safetydetectives.com/blog/cam-leak-report/