Category: General|Mar 19, 2020 | Author: Admin

Blisk Browser Vendors Leaked Data Via Unsecured Database Server

Share on

Vendors behind the Blisk browser – a dedicated browser for web developers – inadvertently left a database unsecured that leaked data containing millions of records. Blisk is a web browser tailored for web developers keeping in view their needs. Launched in 2014, the browser’s userbase includes some prominent names as well, such as Apple, Microsoft, NASA, eBay, UNICEF, and others.

Blisk Vendor Data Leaked Security researchers from vpnMentor, Noam Rotem and Ran Locar, discovered another unsecured server exposing users’ data. This time, the open server belonged to the Blisk browser vendors, which leaked data related to web developers.

Detailing their findings in a post, the researchers revealed that they found an unprotected Elasticsearch database leaking data. It precisely contained 3.4GB of data that included more than 2.9 million records.

Blisk obtained this data from users without the need to bypass any security measures. The exposed information included sensitive details about users, including their email addresses, user agent details, and IP addresses. While leaving databases open is already negligent, the additional issue with Blisk was the way they collected the data. According to the researchers,

Since the browser “sees” what the user sees, it can potentially bypass encryption, 2-factor authentication, and any other measure they have in place. If the user is using software that is not heavily secured, this can lead to very serious security breaches. It appears that no matter what security measures you put in place while using Blisk, your data would still potentially be leaked.

Database Now Closed Upon finding the unprotected server, the researchers traced back the vendors and informed them of the matter. Following their report, the vendors addressed the matter in a few days pulling the database offline.

Though the researchers fear that the kind of information left online could lead to serious security threats, Blisk confirmed to ZDNet that the incident did not affect any sensitive data. Nonetheless, any Blisk user eager to know about the potential impact on oneself of the incident may contact the vendors for details.

 

Sponsored Ads:

Comments:


Microsoft has broken network printing AGAIN

Category: Microsoft|Oct 17, 2021 | Author: Admin

This is the first Alienware machine - now they are ready with a brand new model

Category: IT|Oct 16, 2021 | Author: Admin

Warzone and Vanguard install a driver to stop cheaters

Category: General|Oct 15, 2021 | Author: Admin

In the new iPhone update, you can finally disable this annoyance

Category: Apple|Oct 14, 2021 | Author: Admin

Enorm politiaksjon på Kongsberg: – Flere skadde og omkomne personer

Category: Lokale nyheter [Vestfold]|Oct 13, 2021 | Author: Admin

Google accuses Epic of breach of contract

Category: Google|Oct 13, 2021 | Author: Admin

Android vs. iOS in the enterprise: IT now has a real choice

Category: IT|Oct 12, 2021 | Author: Admin

Firefox sends everything you type into Mozilla's search box

Category: IT|Oct 11, 2021 | Author: Admin

Why is Apple appealing the verdict that they presented as "a resounding victory"?

Category: Apple|Oct 10, 2021 | Author: Admin

If you are waiting for AirPods Pro 2, you will have to wait a long time

Category: Apple|Oct 9, 2021 | Author: Admin

Build a PC for free (Epic Games)

Category: IT|Oct 8, 2021 | Author: Admin

Twitch source code and creator payouts part of massive leak

Category: General|Oct 7, 2021 | Author: Admin

Therefore, Facebook was away for six hours

Category: General|Oct 6, 2021 | Author: Admin

Zoom’s $14.7B acquisition bid for Five9 falls apart

Category: General|Oct 5, 2021 | Author: Admin

Problems with Many websites like Facebook and Instagram: - We are working hard

Category: General|Oct 4, 2021 | Author: Admin
more