A vulnerability existed in Microsoft’s Slack for Suits tool, Teams, that could have let a remote attacker take over accounts by simply sending a malicious GIF, infosec researchers claim. The pwn-with-GIF vuln was possible, said Cyberark, thanks to two compromisable Microsoft subdomains along with a carefully crafted animated image file. Although it was a responsibly Read more about We could have pwned Microsoft Teams with a GIF, claims Israeli infosec outfit[…]

In a blunder described as “astonishing and worrying,” Sheffield City Council’s automatic number-plate recognition (ANPR) system exposed to the internet 8.6 million records of road journeys made by thousands of people, The Register can reveal. The ANPR camera system’s internal management dashboard could be accessed by simply entering its IP address into a web browser. Read more about Nine million logs of Brits’ road journeys spill onto the internet from password-less number-plate camera dashboard[…]

Financial Times reporter Mark Di Stefano allegedly spied on Zoom meetings at rival newspapers the Independent and the Evening Standard to get scoops on staff cuts and furloughs due to the coronavirus pandemic, according to a report from the UK’s Independent. And Di Stefano he did a comedically bad job of covering his tracks. Di Read more about Journalist Allegedly Spied on Zoom Meetings of Rivals in Hilariously Dumb Ways[…]