Friday, September 16, 2022

Can't unsee what you saw on Seesaw

from here and here

Apparently Seesaw suffered a credential stuffing attack and the attacker(s) sent Goatse pics all over the place. Now you might be thinking "Wait a minute, credential stuffing is hardly their fault", but there are defenses against such things, so the fact that the attack worked suggests that Seesaw did not have adequate defenses against what is a fairly ordinary kind of attack, all things considered.