Microsoft has resolved a security lapse that exposed internal company files and credentials to the open internet.
The Azure storage server housed code, scripts and configuration files containing passwords, keys and credentials used by the Microsoft employees for accessing other internal databases and systems.
Yoleri told TechCrunch that the exposed data could potentially help malicious actors identify or access other places where Microsoft stores its internal files.
The researchers notified Microsoft of the security lapse on February 6, and Microsoft secured the spilling files on March 5.
Microsoft did not say if it had reset or changed any of the exposed internal credentials.
Sharing URLs privatelyNow, if all of this sounds a bit familiar, then that’s likely because you are already familiar with the Safe Browsing Enhanced Mode.
The privacy server removes potential user identifiers and forwards the encrypted hash prefixes to the Safe Browsing server via a TLS connection that mixes requests with many other Chrome users.
The Safe Browsing server decrypts the hash prefixes and matches them against the server-side database, returning full hashes of all unsafe URLs that match one of the hash prefixes sent by Chrome.
This server sits between Chrome and Safe Browsing and strips out any identifying information from the browser request.
Thanks to all of this, Google’s Safe Browsing service should never see your IP address.
Newsmast also credits the Mastodon app and Mozilla-backed startup Mammoth for the inspiration around Communities.
In addition, Newsmast offers a system where anyone can build their own Mastodon server with a selection of communities they’ve curated.
Users could then connect to that server in place of the Newsmast server within the Newsmast app.
Later this week, Newsmast will also open up its API to developers, which means your preferred Mastodon app could integrate with Newsmast’s Communities, too, for a more seamless experience.
(In fact, some Mastodon users were confused why Newsmast’s accounts were following them and boosting their content, without understanding the larger purpose.)
Social network Bluesky, a competitor to X, Threads, Mastodon, and others, is opening up its doors with today’s news that the network is now opening up federation, following its public launch earlier this month.
The move will allow anyone to run their own server that connects to Bluesky’s network, so they can host their own data, their own account and make their own rules.
That sent some former Twitter users in search of alternatives that were more sustainable, like Mastodon and Bluesky.
While this model is similar to Mastodon, Bluesky uses a newer social networking protocol, the AT Protocol, while Mastodon and many other networks today use ActivityPub.
“After this initial phase, we’ll open up federation to people looking to run larger servers with many users,” it says.
Over the weekend, hackers targeted federated social networks like Mastodon to carry out ongoing spam attacks that were organized on Discord, and conducted using Discord applications.
But Discord has yet to remove the server where the attacks are facilitated, and Mastodon community leaders have been unable to reach anyone at the company.
She told TechCrunch that while Discord has mechanisms for reporting individual users or messages, it lacks a clear way to report whole servers.
And as Smith notes, these mass spam attacks can drive up server costs, leaving admins with unexpected bills.
According to reports on Mastodon, this fully-automated attack was sparked by a conflict between teenagers on two different Japanese language Discord servers.
A spam attack that impacted the open source X rival Mastodon, Misskey, and other apps highlights how the decentralized social web, also known as the Fediverse, is open to abuse.
Over the past several days, attackers have targeted smaller Mastodon servers, taking advantage of open registrations to automate the creation of spam accounts.
While this is not the first spam attack that has impacted the Fediverse, Rochko notes that only larger servers like Mastodon.social had been targeted previously.
The spam attack highlighted one of the weaknesses that comes with how the Fediverse is structured.
It makes me want to walk away and give up,” wrote one Mastodon server admin sam@urbanists.social.
The latest update to the Facebook Messenger app includes a new feature that allows users to send money directly to other people in their chat group. The new function, which…