| website | https://krebsonsecurity.com |
Name them all.
“More than 200 of the world's elites registered for a retreat whose agenda runs from panels on cult-building and sex to prepping for World War III. An associated app offers matchmaking.”
Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society https://www.wired.com/story/leak-exposes-members-of-peter-thiels-secretive-dialog-society/
Yes, they're arresting legal observers in Minnesota.
No, the rest of us doing the same will not stop. Everything we do is Constitutionally protected, and we have our First Amendment rights as long as we fight for them. We know not to open the door for anything but a signed judicial warrant, we've been trained to know what those look like, and if they want to kidnap us it's come for one, face us all.
Solidarity with #Minnesota.
✈️ New Blog Post: Your Boarding Pass Is a Skeleton Key. Frontier Airlines Doesn't Care.
Frontier's mobile API returns full passport numbers, home addresses, children's DOB, credit card details, and KTNs for any booking. The only auth? A PNR and last name. Printed on every boarding pass.
Reported March 3rd. 105 days later, still live. They fixed the least important vuln and ghosted me on the rest. They also updated the website code and somehow made the leaks worse.
Full writeup: https://bobdahacker.com/blog/frontier-airlines-hack
#InfoSec #BugBounty #ResponsibleDisclosure #FrontierAirlines #Security #CyberSecurity #Privacy #Aviation #PCIDSS #DataExposure
How I found that anyone with a boarding pass photo can pull full passport numbers, home addresses, children's dates of birth, credit card details, and Known Traveler Numbers for every passenger on a Frontier Airlines booking. Reported March 3rd. Still live 105 days later.
I'm sure this is nothing new and has been going on for ages, because the FBI just put out a PSA on it. But I did learn some new things, such as that criminals are impersonating the owners of vacant property parcels and selling those properties out from under the rightful owners. And the tips. Like, check if your County Recorder, Register of Deeds, County Appraisal District, or County Clerk’s Office offer notification services and send an automated email or text when a legal document is recorded using your name.
Thanks to Jeff Gammage at the Philadelphia Inquirer for citing my analysis of who is actually held at Delaney Hall. My review of ICE data shows 88% of those detained have no criminal conviction, and 84% have no final order of removal. As I wrote, if you were looking for an ICE facility that holds a large number of dangerous criminals, Delaney Hall just isn't it.
The Trump administration wants to expand detention capacity, not shrink it. Delaney Hall is important to ICE because of its access to major highways and airports.
Warner Crocker
Landsil
Scary Austin
Steve Herman
Cat 🐈🥗 (D.Burch) 
BobDaHacker 🏳️⚧️
Hacker Memes
Grickle
Austin Kocher, PhD 🌎