Recent searches
Search options
It's always amazed me that ID.me, which you have to use in order to interact w/ the IRS online these days, has a top level domain from the country of Montenegro. Ublock Origin says they're injecting tracking links from Italy's TLD when you login at the irs.gov website.
What's next? Cookies from Colombia? AI from Anguilla?
ehs @briankrebs The US is in a position of power where I don't think a country would consider hijacking domains it uses. Not to defend this, but
@eb @briankrebs and on top of that Montenegrin IT capabilities can be summed up to a fact that we had major cyberattack in ‘22 that wiped out most of gov services and some of them are not restored as for today :) Had to ask US for a help and so on. So yeah, it’s highly unlikely to be ME operation
@briankrebs @alex I’ve received private disclosure of a potential vulnerability that I have independently verified as still active. I would disclose it as we are a whole year past the responsible disclosure period, but it’s the state of Georgia and incompetent governments don’t take too kindly to this: https://www.theverge.com/2021/10/14/22726866/missouri-governor-department-elementary-secondary-education-ssn-vulnerability-disclosure
@eb @briankrebs I’ve seen another subtle hack recently: I suppose CMS haven’t been patched, so all the content on a website had few words in article to be made in links that also point to some shady pharma site. I wonder if it’s possible to check backlinks from Georgia’s site. But referrer check is 
. So simple, much efficient!