Get subscribed to our newsletter
Get interesting updates to your email inbox.
A Kerala-based application security engineer has won bug bounty from Microsoft for discovering a series of vulnerabilities that left over 400 million Microsoft users’ accounts — from Office 365 to Outlook emails — open to hacking.
Sahad NK, who works as a security researcher with cybersecurity portal Safetydetective.com, came across multiple vulnerabilities that, when chained together, allow an attacker to take over any Microsoft Outlook, Microsoft Store, or Microsoft Sway account simply via the victim clicking on a link.
“Immediately after finding these vulnerabilities, we contacted Microsoft via their responsible disclosure programme and started working with them,” said Safetydetective on Tuesday.
The vulnerabilities were reported to Microsoft in June and fixed by November end.
“While the vulnerability proof of concept was only made for Microsoft Outlook and Microsoft Sway, we expect it to affect all Microsoft accounts including Microsoft Store,” said Sahad.
Sahad discovered that a Microsoft subdomain, “success.office.com”, had not been properly configured. He also found bug in Microsoft Office, Store and Sway products.
A string of bugs when chained together created the perfect attack to gain access to someone’s Microsoft account — simply by tricking a user into clicking a link.
“Anyone’s Office account, even enterprise and corporate accounts, including their email, documents and other files, could have been easily accessed by a malicious attacker, and it would have been near-impossible to discern from a legitimate user,” said TechCrunch.
Sahad, with the help of fellow security researcher Paulos Yibelo, reported the bug to Microsoft, which fixed the vulnerability and gave an unspecified amount as bug bounty to Sahad.
Several tech companies offer bug bounty incentives. Sahad also received bug bounty from Facebook last year for discovering a bug in the social networking platform. (IANS)
Today, we are exposed to a gazillion beauty product launches every now and then. The cosmetic industry is ever-changing and always gives us something new to wish for. But how much thought do we actually put in before buying the skincare product for ourselves? You should always pay attention to the products and their ingredients. Choosing products from a company with a reputable line of products can be helpful, since each component may be designed to work in conjunction with the others. You can also be assured of the products' quality and may better be able to predict how your skin will react to trying a different product in the same line.
Skin is one of the largest organs of the body. Because of this, caring for your skin can directly affect your overall health. Your skin acts as a protective shield and is most vulnerable to outside elements. It's affected by more factors than you may think. In addition to this, your health also affects your choice of skincare products and vice-versa.
Nandeeta Manchandaa, Founder of ENN shares the whys and hows:
Let's talk Vitamins: Your body needs all essential vitamins for proper functioning and if any vitamin is a miss, then effects show on your skin too. Like- dark spots, pigmentation are often seen on people with melanin issues, or even in pregnant ladies. So Vitamin-C rich products are the go-to to combat this issue.
Your body needs all essential vitamins for proper functioning and if any vitamin is a miss, then effects show on your skin too. | Photo by Raimond Klavins on Unsplash
Baby on the way: Another major health factor that influences your skin care product selection is -- pregnancy! Pregnant women undergo 360-degree change internally and externally while their hormones are at their peak -- it gives way to allergic reactions, limitations of using certain products/ ingredient applications too. They are advised to stay away from Retinol (found in all anti-ageing creams), Benzoyl Peroxide and Salicylic acids (for face washes and cleansers) Essential oils (are the base for any serum, facial oils) So better to opt for clean and natural products as substitutes for the same.
Pregnant women undergo 360-degree change internally and externally while their hormones are at their peak. | Photo by Alicia Petresc on Unsplash
PCOD/PCOS: Thanks to the sedentary lifestyle and long working hours, one health issue in women that has been on the rise is PCOD (Poly Cystic Ovary Disorder) and PCOS (Poly Cystic Ovary Syndrome) Hormonal imbalances coupled with weight issues show their effect on skin too. A majority of women suffer from symptoms like cystic acne, excessively oily skin and scalp, open pores, blackheads/whiteheads, dark spots, dark patches to name a few. In this case, choosing products that will not irritate your skin or aggravate inflammation is your best bet. Avoid products with cocoa butter, isopropyl myristate, oleic acid lanolin, and butyl stearate. Chlorophenols are used as preservatives in cosmetics and have been linked to acne so these too must be avoided.
Avoid products with cocoa butter, isopropyl myristate, oleic acid lanolin, and butyl stearate. | Photo by Sabrina May on Unsplash
This is why we see the trend of clean beauty, Vegan beauty and herbal products flooding the markets because they claim to be free from all the nasties and let you get the maximum benefit of skin care products without any guilt. (IANS/ MBI)
(Keywords: herbal products, PCOD, PCOS, vegan beauty, vitamins, beauty, India, skincare, products )
Hackers have stolen crypto tokens worth $120 million from Blockchain-based decentralised finance (DeFi) platform BadgerDAO. Several crypto wallets were drained before the platform could stop the cyber attack. In a tweet, Badger said it has received reports of unauthorised withdrawals of user funds. "As Badger engineers investigate this, all smart contracts have been paused to prevent further withdrawals. Our investigation is ongoing and we will release further information as soon as possible," the company said late on Thursday.
According to the blockchain security and data analytics Peckshield, the various tokens stolen in the attack are worth about $120 million, reports The Verge. According to reports, someone inserted a malicious script in the user interface (UI) of their website. Badger has retained data forensics experts Chainalysis to explore the full scale of the incident and authorities in both the US and Canada have been informed. "Badger is cooperating fully with external investigations as well as proceeding with its own," it said. DeFi is a collective term for financial products and services that are open, decentralised and accessible to anyone. DeFi products open up financial services to anyone with an internet connection and they are largely owned and maintained by their users. While the attack didn't reveal specific flaws within Blockchain tech itself, it managed to exploit the older "web 2.0" technology that most users need to use to perform transactions, according to reports. (IANS/ MBI)
(Keywords: crypto wallets, BadgerDAO, decentralised finance, Blockchain, 120 million, crypto tokens, Hackers)
A total of 120 top Bollywood and other celebrities are expected to attend the wedding of film stars Katrina Kaif and Vicky Kaushal which is scheduled on December 9 in Rajasthan, said Rajendra Kishan, the District Collector (DC) of Sawai Madhopur district of the state on Friday. The District Collector told mediapersons: "These 120 guests shall follow all COVID-19 protocols and fully vaccinated guests will get entry in the much-hyped celebrity wedding."
Kishan said that the organisers have been asked to strictly follow all Covid-19 protocols. Also, those who are not vaccinated, will not be allowed without the negative RT-PCR test report, he added. "We have been informed by organisers that a total of 120 guests are invited to the wedding and the events will take place between December 7 to December 10," he added.
Earlier at 10.30 a.m., Kishan called a meeting which was attended by administrative, police and forest department officials, hotel and event managers to ensure adequate arrangements for crowd control, smooth regulation of traffic, and law and order situation amid the VIP movement. The wedding venue Fort Barwara, that has been converted into a heritage hotel, is situated in the panchayat samiti Chauth Ka Barwara. The venue is around 22 km away from Sawai Madhopur and is around 174 km from Jaipur. Sawai Madhopur district is famous for the Ranthambore National Tiger Reserve and as per reports, the guests are likely to be taken for a tiger safari. (IANS/ MBI)
(Keywords: Rajasthan, December 9, Vicky Kaushal, Katrina Kaif, film stars, celebrities, Bollywood, Katrina-Vicky)