Recently, the analyst Noam Rotem and Ran Locar, heads of vpnMentor’s security team, revealed a data breach that is attacking the Blisk browser, a web browser which is particularly designed for the web developers.
So, according to Noam and Ran’s research, it seems that the Blisk browser is receiving data from its users and neglecting any security steps they have in place. That was huge data destruction, with over 2.9 million records – figuring 3.4GB of data – revealed.
It left probably thousands of web developers all across the world that are vulnerable to online attacks and deception. Well, it’s bad enough that Blisk has created to manage user data, and the worse part is that it’s dripping the data to the outside world.
The analyst found the database in February 2019, then communicated SyncUI in April. The company didn’t reply till May, and after that, it didn’t take the database offline until September.
So, if the displayed email addresses were to befall into wicked hands, the negotiated Blisk users would have to maintain spam email, phishing, and malware infection trials.
Thus, the IP addresses would allow attackers to scan for open ports or ping the target system to verify what OS or services are operating there. But, as for the user agent data, this would allow the attackers to create custom ventures if they’re firm enough to attack the distinct target.
In the matter of web developers, the user agent details would provide that what developer tools they are practicing, so hackers could probably try to add a supply chain backdoor.
Blisk Browser Profile
Now apart from all these things, if you want to know about the Blisk browser, then let me clarify that it’s a web browser that is specifically designed for web developers, UX designers, and web engineers.
Hence, if you are one of them, then the Blisk browser is one of the best web browsers available on the internet. As it simply gives you a unique workspace to build and test websites, app designs and much more.
Moreover, the Blisk web browser is basically, Founded in 2014, and it boasts huge popularity amongst web developers around the world, along with many well known corporate customers like NASA, Microsoft, Apple, eBay, UNICEF, and many more.
Well, if you are utilizing Blisk, then you should better communicate with the company and demand for information about what occurred and how they are preparing to address the growing vulnerability problems.
Moreover, the company has gathered your data in an inappropriately offensive manner, and they didn’t even bother to encrypt it, and ultimately missed to defend it by dropping it on a passwordless online database.
Not only this, but most of the companies also don’t have that, White said further. “Until cloud database providers increase in stronger safety measures, such as compulsory dual approval for high-risk configuration adjustments, we will proceed to see large data vulnerability that could be bypassed,” he stated.
So, what do you think about this? Simply share all your views and thoughts in the comment section below. And if you liked this post, then simply do not forget to share this post with your friends, family, and on your social profiles.
You can follow us on Linkedin, Twitter, Facebook for daily Cyber Security and hacking news updates.
