home.social

#misconfiguration — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #misconfiguration, aggregated by home.social.

  1. 🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
    xca-attacks.github.io/fabricke #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated

  2. 🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
    xca-attacks.github.io/fabricke #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated

  3. 🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
    xca-attacks.github.io/fabricke #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated

  4. 🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
    xca-attacks.github.io/fabricke #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated

  5. 🚀 Wow, someone finally misconfigured the Infinity Fabric! 🛠 Apparently, breaking #AMD #SEV-SNP is as easy as tying your shoelaces together and hoping for the best. 🥴 Next time, maybe try configuring the firmware with an actual manual instead of a fortune cookie. 🤡
    xca-attacks.github.io/fabricke #InfinityFabric #Misconfiguration #FirmwareFails #TechHumor #SecurityBreach #HackerNews #ngated

  6. NEW by me:

    Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.

    No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:

    databreaches.net/2026/05/14/no

    #dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw

    @SchizoDuckie @joncampbell @campuscodi

  7. NEW by me:

    Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.

    No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:

    databreaches.net/2026/05/14/no

    #dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw

    @SchizoDuckie @joncampbell @campuscodi

  8. NEW by me:

    Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.

    No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:

    databreaches.net/2026/05/14/no

    #dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw

    @SchizoDuckie @joncampbell @campuscodi

  9. NEW by me:

    Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.

    No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:

    databreaches.net/2026/05/14/no

    #dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw

    @SchizoDuckie @joncampbell @campuscodi

  10. NEW by me:

    Many immigrants have enough anxiety these days without their lawyer leaking their files and having the files all wind up in the hands of criminals. Read about what happened with a NYC law firm in my new post.

    No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition:

    databreaches.net/2026/05/14/no

    #dataleak #immigration #incidentresponse #misconfiguration #KillSec #DSDLaw

    @SchizoDuckie @joncampbell @campuscodi

  11. McGraw Hill Data Leak Exposes 13.5M Records After Salesforce Misconfiguration

    McGraw Hill, a leading publisher of educational materials, recently suffered a significant data leak, exposing a staggering 13.5 million records due to a misconfigured Salesforce-hosted page. This alarming breach highlights the importance of robust data security measures, even for companies with a traditional focus like textbook…

    osintsights.com/mcgraw-hill-da

    #DataLeak #McgrawHill #Salesforce #Misconfiguration #Education

  12. Cuba: 63,564 AIS Remittances Clients' information was exposed on an unsecured server.

    What did the unsecured server expose?

    Customer affidavits, IDs, and debit cards.

    The affidavits contained:

    This affidavit contained client information, such as: name, mobile phone number, telephone number, email address, address, country, province, city, town, postal code, date of birth, country of birth, passport number, country of issue, and expiration date.

    You may also notice that there was a section called "Beneficiaries," which included the beneficiary's name, their ID number, and the reason for the transfer, which in all cases was "family support."

    I tried to notify the company, but their aisremesascuba email address was unavailable. I notified CIMEX S.A., and within a few days, access was blocked.

    Those affected (Customers) by this breach may be at risk of scams because the server has been exposed since March 2025.

    security-chu.com/2025/10/AIS-R

    #Cuba #cybersecurity #databreach #misconfiguration

  13. Everyone breathes a sigh of relief when they hear "no customer data was exposed," but that's a big mistake. This recent Navy Federal Credit Union leak is a perfect example of why. Exposing 378 GB of internal Tableau data, user emails, and system configurations is like handing a burglar the architectural blueprints to your building. It tells them where the weak points are and who to target with spear phishing. Operational data is just as critical as customer data, and misconfiguration remains one of the most common, and avoidable, security failures.

    TL;DR
    📦 An unsecured server exposed 378 GB of the credit union's internal backup files.
    🛡️ Fortunately, no sensitive customer PII was directly included in the leak.
    🗺️ The data did, however, act as a "roadmap," revealing internal system structures and formulas.
    🎯 This kind of operational data leak enables highly targeted phishing campaigns against employees.

    hackread.com/misconfigured-ser
    #misconfiguration #cybersecurity #datasecurity #riskmanagement #security #privacy #cloud #infosec

  14. A #Misconfiguration That Haunts Corporate #Streaming Platforms Could Expose Sensitive Data

    A #security researcher discovered that flawed #API configurations are plaguing corporate #livestreaming platforms, potentially #exposing internal company meetings—and he's releasing a tool to find them.
    #privacy

    wired.com/story/corporate-live

  15. Over 3.5 million customer records from Australian global fashion brand #SABO were exposed online containing over 292GB database without any security authentication or encryption.

    🔗 hackread.com/global-fashion-la

    #CyberSecurity #Privacy #Australia #DataProtection #Misconfiguration

  16. In August 2020, @SchizoDuckie and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."

    In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by @JayeLTee, @masek, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.

    Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately.

    databreaches.net/2025/07/04/no

    Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to @TonyYarusso and @bkoehn for their efforts.

    #dataleak #misconfiguration #incidentresponse #incidentmanagement #responsibledisclosure #securityalert #infosec