March 2021 LC LABS LETTER A Monthly Roundup of News and Thoughts from the Library of Congress Labs Team Spotlight: Of the People program As we’ve shared before, the Of the People program connects the Library of Congress more deeply with Black, Hispanic, Indigenous and other communities traditionally underrepresented in library collections by expanding its collections, using technology […]
Learn how to find associated domains and IP neighbors for bug bounty hunting with the SecurityTrails API™ Source of Article
In today’s post, I interview a By the People volunteer, Maddie, who has gone above and beyond! By the People is a crowdsourced transcription program launched in 2018 at the Library of Congress. Volunteer-created transcriptions are used to make digitized collections more accessible and discoverable on loc.gov. You can read our other Volunteer Vignettes on the Signal here and here. Carlyn: What […]
On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively […]
Talking with Ben Bidmead, aka pry, about his early days in cybersecurity, story behind axiom and how he gives back to the community. Source of Article
In 2020, LC Labs began the Humans in the Loop experiment to explore ways to responsibly combine crowdsourcing experiences and machine learning workflows. As you may know from following along with LC Labs’ investigations into these methods, machine learning’s reliance on pattern recognition and training decisions made by human annotators makes it really good at […]
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. The Shadowserver Foundation, a nonprofit that helps network owners identify and fix security […]
Background The age of enlightenment took place in the 17th and 18th century, centering in the heart of Europe. The Enlightenment itself was an intellectual and philosophical movement spreading rapidly throughout the western world, but it was so significant that a whole historical period was characterized by its ideologies. Overtaking the pomp of the renaissance […]
Learn how to boost your IP reconnaissance process during bug bounty hunting by using SurfaceBrowser™ Source of Article
A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security […]
It was presented as a program that rewards users who help Netscape find and report bugs in the beta versions of Netscape Navigator 2.0., and the concept of bug bounty programs remains almost the same to this day. Though there must be something in that simplicity that has made bug bounty programs rocket in popularity […]
Remember Norse Corp., the company behind the interactive “pew-pew” cyber attack map shown in the image below? Norse imploded rather suddenly in 2016 following a series of managerial missteps and funding debacles. Now, the founders of Norse have launched a new company with a somewhat different vision: RedTorch, which for the past two years has […]
Olivia Dorsey, Innovation Specialist at the Library of Congress. Olivia is working on Computing Cultural Heritage in the Cloud (CCHC). We’re thrilled to share that Olivia Dorsey recently joined the LC Labs team as an Innovation Specialist! Olivia will be working on the Computing Cultural Heritage in the Cloud (CCHC) initiative at the Library. The […]
It is no secret that libraries play a vital role in society’s collective growth and educational experience. In recent years, libraries have made huge progress by adapting to the ongoing needs of communities, thus reinforcing their key role and importance. But are they going to stay relevant in the future? How can they continue to […]
Learn how to perform a fast host discovery with the SecurityTrails API for intel reconnaissance and bug bounty hunting purposes. Source of Article
If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here’s the story of one such goof committed by Fiserv [NASDAQ:FISV], a $15 […]
SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we’re learning about an entire ecosystem of companies that anyone could use […]
With the boom of data-driven organizations and the adoption of technological advancements, cybersecurity threats are also getting more sophisticated. The fast-changing nature of cybersecurity and the sheer amount of threats and vulnerabilities requires organizations to stay on top of protecting their assets and data from attackers. To counteract this, organizations are increasingly turning to ethical […]
A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account […]
Announcing SecurityTrails Bug Bounty Hunting month where you will boost your skills with expert content, special discounts and giveaways. Source of Article
