Sarahah Uploads Your Data, Internet of Things Creds Exposed – Threat Wire

Sarahah was Caught Uploading Contacts, ROPEMAKER Changes Emails Post-Delivery, default credentials are still impacting IoT devices, and a New Crowdfunding Campaign for MalwareTech is now up and running. All that coming up now on ThreatWire.

——————————-
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Help us with Translations! http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ
——————————

Links:

Anonymous Messaging App Sarahah to Halt Collection of User Data With Next Update


https://thehackernews.com/2017/08/sarahah-privacy.html
https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/


https://www.theregister.co.uk/2017/08/28/crowdfunding_for_hutchins_legal_fees/?mt=1503964117577

https://www.theregister.co.uk/2017/08/23/ropemaker_exploit/

ROPEMAKER Exploit Allows for Changing of Email Post-Delivery


https://www.mimecast.com/globalassets/documents/whitepapers/wp_the_ropemaker_email_exploit.pdf

https://arstechnica.com/information-technology/2017/08/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse/


http://www.securityweek.com/thousands-iot-devices-impacted-published-credentials-list

Race is On To Notify Owners After Public List of IoT Device Credentials Published

https://arstechnica.com/tech-policy/2017/08/malwaretechs-legal-defense-fund-bombarded-with-fraudulent-donations/?comments=1



https://www.crowdjustice.com/case/malwaretech/

Youtube Thumbnail credit:
https://cdn.pixabay.com/photo/2016/06/06/10/48/communication-1439187_960_720.jpg

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>