CyberSecurityBoard
Sponsor Register Login

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

The woman-who has only been identified by her surname, Wang-was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China.
When everyone's selections arrived at the table, she posted a photo of the spread on the Chinese social media platform WeChat.
What she didn't notice was that she'd included the QR code on her table, which the restaurant's customers use to place their orders.
Even though the photo was only shared with her WeChat friends list and not the entire social network, someone-or a lot of someones-used that QR code to add a ridiculous amount of food to her order.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.


This Cyber News was published on www.schneier.com. Publication date: Fri, 08 Dec 2023 22:43:05 +0000


Cyber News related to Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code - The woman-who has only been identified by her surname, Wang-was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone's selections arrived at the table, she posted a photo of the spread on the Chinese ...
6 months ago Schneier.com
18th Anniversary Post: New Species of Pygmy Squid Discovered - They're Ryukyuan pygmy squid and Hannan's pygmy squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Yes, this is the eighteenth anniversary of Friday Squid Blogging. The first squid ...
5 months ago Schneier.com
CVE-2023-22487 - Flarum is a forum software for building communities. Using the mentions feature provided by the flarum/mentions extension, users can mention any post ID on the forum with the special `@"<username>"#p<id>` syntax. The following ...
1 year ago
From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence - This article summarizes the malware families seen by Unit 42 and shared with the broader threat hunting community through our social channels. We also included a number of posts about the cybercrime group TA577 - who have distributed multiple malware ...
6 months ago Unit42.paloaltonetworks.com
CVE-2024-23638 - Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of ...
2 months ago
Friday Squid Blogging: Footage of Black-Eyed Squid Brooding Her Eggs - Amazing footage of a black-eyed squid carrying thousands of eggs. They tend to hang out about 6,200 feet below sea level. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Corton January ...
5 months ago Schneier.com
CVE-2024-25617 - Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote ...
3 months ago
Damn Vulnerable RESTaurant: Open-source API service designed for learning - Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. Damn Vulnerable RESTaurant is managed by a Chef who has learned that threat ...
2 months ago Helpnetsecurity.com
Something exciting is brewing for NRF24 - NRF'24 is also where we'll be demonstrating Webex Connect's mobile ordering coffee bar experience at Café Cisco, which showcases the richer customer communications delivered by the simplicity and intuitiveness of Webex Connect, part of Webex CPaaS ...
6 months ago Feedpress.me
Friday Squid Blogging: New Foods from Squid Fins - We only eat about half of a squid, ignoring the fins. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. It's just a complaint; the SEC still has to prove the allegations in court. It's ...
5 months ago Schneier.com
Friday Squid Blogging: Operation Squid - Operation Squid found 1.3 tons of cocaine hidden in frozen fish. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Gay parades for all you must all be gay or kneel before the gays in ...
3 months ago Schneier.com
CVE-2023-46724 - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate ...
8 months ago
What we learned over coffee at the year's biggest healthcare event - Healthcare organizations are dedicated to providing exceptional care, prioritizing the patient's satisfaction and experience through a patient-centered approach. This approach ensures patients are firmly at the center of their care and engaged in ...
1 month ago Feedpress.me
Friday Squid Blogging: A Penguin Named "Squid" - As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. ...
4 months ago Schneier.com
CVE-2024-32579 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food ...
2 months ago
CVE-2019-18678 - An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches ...
3 years ago
CVE-2023-49288 - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to ...
6 months ago Tenable.com
Lawmakers: Ban TikTok to Stop Election Misinformation! Same Lawmakers: Restrict How Government Addresses Election Misinformation! - In a case being heard Monday at the Supreme Court, 45 Washington lawmakers have argued that government communications with social media sites about possible election interference misinformation are illegal. Just this week the vast majority of those ...
3 months ago Eff.org
Watch out for "I can't believe he is gone" Facebook phishing posts - This phishing attack is ongoing and widely spread on Facebook through friend's hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. As the posts come from your friends' ...
5 months ago Bleepingcomputer.com
Friday Squid Blogging: Sqids - Sqids is an open-source library that lets you generate YouTube-looking IDs from numbers. These IDs are short, can be generated from a custom alphabet and are guaranteed to be collision-free. I haven't dug into the details enough to know how they can ...
6 months ago Schneier.com
Friday Squid Blogging: Vegan Squid-Ink Pasta - It is a simple idea but probably never seen before, since it is the opposite of what most people usually want: website owners want the most data they can get and players want to choose their username/avatar. In the context of privacy, doxing and ...
4 months ago Schneier.com
Friday Squid Blogging: New Squid Species - About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I'm a fellow and ...
4 days ago Schneier.com
CVE-2021-24299 - The ReDi Restaurant Reservation WordPress plugin before 21.0426 provides the functionality to let users make restaurant reservations. These reservations are stored and can be listed on an 'Upcoming' page provided by the plugin. An ...
3 years ago
Tech Companies Sign Accord to Combat AI-Generated Election Trickery - Executives from Adobe, Amazon, Google, IBM, Meta, Microsoft, OpenAI and TikTok gathered at the Munich Security Conference to announce a new framework for how they respond to AI-generated deepfakes that deliberately trick voters. Twelve other ...
4 months ago Securityweek.com
CVE-2024-23502 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS.This issue affects Posts List Designer ...
4 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)