Frederik1d ago

Today I learned about flare.io, a company that provides other companies with detailed intel about data leaks affecting them.

Here's the catch: Unlike @haveibeenpwned or even intelx, they store everything that they can get their hands on. During a live demo, they proudly pulled up all email/password pairs that they have for a company that is not one of their customers, showed off how it saves not just the combo but everything the infostealer got, including all browser cookies and a screenshot of the personal machine of an affected employee.

So many things wrong with this..

  • We just told them which company to look up, no verification at all.
  • Bringing a demo laptop logged in to a "full admin" account that can see all data that they have access to, to a conference stand
  • Storing a screenshot of a personal machine from an employee is absolutely not okay.
  • and so much more...

When asked about legalities, they claim "it's based on needing to know this information for the companies" and falsely claimed "haveibeenpwned does the same thing, they also sell access to the combos" 🫨

Anyway, i sent a GDPR request for my data (and subsequent deletion), let's see what happens.

#infosec #insomnihack #privacy

ETA: to be clear, this wasn't a one off demo, they do this demo for everyone that walks up to their stand, and we have strong reasons to believe that the cleartext passwords that they show anyone that asks are real passwords and not demo data.

mbuhl ᠮᠣᠷᠢᠲᡯ 王亢宝1d ago
I am at #insomnihack this week. Really looking forward to the #CTF tomorrow! #INSO26 #h4TUM
Sonar Research2d ago
Attending #Insomnihack this week? Don't miss our researcher @pspaul breaking down various unsafe patterns attackers can abuse to compromise your GitHub Actions workflows!
Insomni'hack3d ago

🔓 Exciting News!

🛠️🔑 We are pleased to announce that during this year's Insomni'hack, there will be a Lockpicking Village organized by some experts.

Whether you're a cybersecurity enthusiast, a beginner, or an expert, come explore the fascinating world of lockpicking, learn new skills, and challenge yourself in a fun and interactive environment.

👉 Discover more: https://insomnihack.ch/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1703

#InsomniHack #Cybersecurity #Infosec #INSO26 #CyberConference

Insomni'hack4d ago

This year, we are happy to welcome five CTF sponsors:
🤝 Exoscale, a special thanks to Sébastien Pittet.
🤝 La Vaudoise, a special thanks to Jesus Pampin.
🤝 Caido, a special thanks to Emile Fugulin.
🤝 Sekoia.io, a special thanks to Audrey Girard & Julien De Pins.
🤝 SentinelOne, a special thanks to Céline Roux Sethi, Abel Varela & Daniel Bachofen.

👉 Check the full program: https://insomnihack.ch/our-mobile-application-is-ready/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1603

#InsomniHack #Cybersecurity #Infosec #INSO26 #CyberConference

Insomni'hack4d ago

🚀 Only 4 days to go until Insomni'hack!

We’re thrilled to announce that the cybersecurity event of the year is almost here.

👉 Check out & create your own schedule of talks: https://insomnihack.ch/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1603

✨ We can’t wait to see you there!

#InsomniHack #Cybersecurity #Infosec #INSO26 #CyberConference

Insomni'hackMar 13

We are delighted to announce that GitGuardian will be joining us as a Silver sponsor for the first time this year.

🤝 Special thanks to the local team: Maxime Moroté & Jérémy Lanfranchi.

👉 Book your seat now and be part of the community: https://insomnihack.ch/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1303

#InsomniHack #Cybersecurity #Infosec #INSO26 #CyberConference

Insomni'hackMar 12

⏳ One week to go! The countdown is on for this new edition.

📱 Now’s the time to organize your agenda. Download our mobile app, add your favorite talks, and create your ideal schedule.

👉 Don't wait, your perfect day is just a tap away: https://insomnihack.ch/our-mobile-application-is-ready/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1203

#InsomniHack #Cybersecurity #Infosec #INSO26 #CyberConference

Insomni'hackMar 12

This year, we are happy to welcome two bronze sponsors:
🤝 Chiche Communication, Wavemind Sàrl, a special thanks to Romain Therisod.
🤝 Cisco, a special thanks to Alexis Gastaldello, Simon Verrando & Amaury Jouglet.

👉 Register here: https://insomnihack.ch/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1103

#InsomniHack #Cybersecurity #Infosec #INSO26 #CyberConference

Insomni'hackMar 11
Kirill Jutaev's talk is the cherry on the cake to close our agenda on Friday at #Insomnihack. Learn how aged flaws are still exploited today and that they really never die.
Explore it now: https://insomnihack.ch/?utm_source=mastodon&utm_medium=image&utm_campaign=Insomnihack2026&utm_content=1103
#Cybersecurity #Infosec #INSO26 #CyberConference