Unsecured Microsoft Bing Server Leaks Search Queries, Location Data


Data exposed included search terms, location coordinates, and device information - but no personal data.

People Are Increasingly Choosing Private Web Search

Schneier on Security

The privacy-oriented search engine netted more than 35 billion search queries in 2021 , a 46.4% It’s not as a good a search engine as Google. To solve that, I use use the feature that allows me to use Google’s search engine through DuckDuckGo: prepend “!Google”


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Krebs on Security

Google said this week it is expanding the types of data people can ask to have removed from search results, to include personal contact information like your phone number, email address or physical address.

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

Security experts from Tenable have published a post detailing the flaw, they also shared Shodan dorks for searching SonicWall VPNs. At the time of this post, the first search query provides 448,400 results, the second one 24,149, most of the vulnerable devices are in the United States.

Post-Roe Privacy

Schneier on Security

Taken together, this means the primary digital threat for people who take abortion pills is the actual evidence of intention stored on your phone, in the form of texts, emails, and search/web history. Those searches were the evidence that she intentionally induced a miscarriage.

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Schneier on Security

Its spyware is also said to be equipped with a keylogger, which means every keystroke made on an infected device — including passwords, search queries and messages sent via encrypted messaging apps — can be tracked and monitored.

Gootkit delivery platform Gootloader used to deliver additional payloads

Security Affairs

The framework uses black search engine optimization (SEO) techniques to poison Google search results and spread links pointing to the malware. The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware.

Over a billion records belonging to CVS Health exposed online

Security Affairs

Some of the exposed records also include visitors’ queries for a broad range of terms, including medications, Covid 19 vaccines, and other CVS Health products.

Experts warn of a new malvertising campaign spreading the ChromeLoader

Security Affairs

The malware is able to redirect the user’s traffic and hijacking user search queries to popular search engines, including Google, Yahoo, and Bing. Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers.

Experts warn of the exposure of thousands of Google Calendars online

Security Affairs

The security researcher Avinash Jain discovered more than 8000 Google Calendars exposed online that were indexed by Google search engine. “What I found is that — Using a single Google dork (advance search query), I am able to list down all the public google calendar or users who all have set their calendar as public. I found dozens of calendars which are indexed by google’s search engines, revealing or disclosing several sensitive information.”

Threat actors are attempting to exploit VMware vCenter CVE-2021-22005 flaw

Security Affairs

Researchers from search engines for internet-connected devices Censys published an interesting analysis of the vulnerability and provided information about the number of VMware vCenter Server installs exposed online.

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

Security experts from Tenable published a post detailing the flaw, they also shared Shodan dorks for searching SonicWall VPNs.

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

But based on interactions that Bill has had with several large email providers so far, this crime gang merely uses custom, automated scripts that periodically log in and search each inbox for digital items of value that can easily be resold.

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

Security Affairs

According to Group-IB, in 2018 interest in online shopping of alcohol increased by more than 35% , as can be seen with the higher numbers of search queries for “buy alcohol”. Around 30% more people searched for alcohol including delivery (search queries for “alcohol delivery”) compared to the previous year. During pre-holiday periods, the number of search queries for online sales of alcohol increases by 28%.

As We Head Toward A More Conversational Interface, Can AdWords Keep Up?

John Battelle's Searchblog

Gian Fulgoni, Executive Chair of Comscore, has an interesting analysis of what's happening in paid search lately. It's germane to my earlier posts about paid search share sliding and Google's decision to allow trademark ad bidding. the percent of search results pages with a paid ad) has dropped from 64% to 51% of searches. First, search engines are getting better to reduce less relevant advertisers from the mix.

A Fresh Comparison of TAR and Keyword Search: eDiscovery Best Practices

eDiscovery Daily

So, I’m always interested to hear what he has to say about TAR, how it can be used and how effective it is when compared to other methods (such as keyword searching). His latest blog post on the Clustify site talk about an interesting exercise that did exactly that: compared TAR to keyword search in a real classroom scenario. The result: TAR beat keyword search across the board for both tasks. Do you think this is a valid comparison of TAR and keyword searching?

Intelligent Search – Strategies to Find What You Need


In this post, we’ll explore the challenges of inefficient search and talk about some ways to improve. Does Your Organization Have a Search Problem? hours per week, on average—searching and gathering information.” Source: Time Searching for Information. Enterprise Search

Multiple threat actors are targeting Elasticsearch Clusters

Security Affairs

These attacks leverage CVE-2014-3120 and CVE-2015-1427, both of which are only present in old versions of Elasticsearch and exploit the ability to pass scripts to search queries.” ” This behavior has been seen in elastic search error logs going back several years. Additionally, Talos highly recommends disabling the ability to send scripts through search queries if that ability is not strictly necessary for your use cases,”.

Facebook flaw could have exposed private info of users and their friends

Security Affairs

The vulnerability was discovered by security experts from Imperva, it resides in the way Facebook search feature displays results for queries provided by the users. The page used to display the results of the users’ queries includes iFrame elements associated with each result, experts discovered that the URLs associated to those iFrames is vulnerable against cross-site request forgery (CSRF) attacks.

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Security Affairs

The latter was downloaded from Iranian software sharing website – the Google search query in Persian language “ ?????? ??? ????? Group-IB has detected financially motivated attacks carried out in June by newbie threat actors from Iran.

Bartz: Yahoo Was "Never a Search Company". Me: Bullsh*t.

John Battelle's Searchblog

But for Bartz to say that Yahoo was never a search company is simply not true. Yahoo was the original search destination, and a place folks first learned to "search" for stuff on the Web. As the original directory of things worth paying attention on the Web, Yahoo was - and remains for many - the definitive place to start a search query. And also, in the history of Yahoo, let us not forget the entire homepage was redesigned around search just three years ago.

Vulnerability in UC Browser Apps exposes to phishing attacks

Security Affairs

The flaw is related to the way User Interface on UC Browser and UC Browser Mini handles a built-in feature designed to improve users Google search experience. To enhance user experience while searching something on “google.com,” or other search engines and websites, using UC Browsers, the browsers remove the domain from the address bar and only displays the search term.

A Big Day For Twitter

John Battelle's Searchblog

Yesterday Twitter rolled out integrated real time search to its entire user base, no small feat, given how fast that base has grown. It's pretty elegant, with Trending Topics searched for on the right, and onoing, constantly updated searches integrated into the same interface as normal Twitter. I'd love to see how search volume grows.

With Google’s 2012 Zeitgeist, You Won’t Learn Much. Why?

John Battelle's Searchblog

appeared first on John Battelle's Search Blog. In the past I’ve criticized Google for failing to ask interesting questions of the massive amount of data it collects on search patterns each year. Imagine if Google took its massive search query database and worked with some of the leaders in the open data movement to mine true insights? appeared first on John Battelle's Search Blog.

It’s Google’s World. Your Business Is Just Living in It

Adam Levin

Case in point: I just did a Google search for Basecamp, an online project management tool. Not too long ago, the same search resulted in a first hit featuring Basecamp, but it was an ad. Most businesses need websites, and websites need to follow Google’s best practices to be found in online searches, terms Google can force because it currently has 92 percent worldwide market share on search.

Here are Some More Up to Date Fun Facts on Big Data: eDiscovery Trends

eDiscovery Daily

trillion searches per year; By 2020, about 7 megabytes of new information will be created every second for every human on the planet; Bad data costs US businesses alone $600 billion annually; Big data will drive an estimated $232 billion in spending in 2016. For many of the webcasts that we’ve conducted at CloudNine this year, we’ve noted several big data fun facts that illustrate the challenges that many organizations face in managing increasing volumes of data.

It’s Not About Search Anymore, It’s About Deals

John Battelle's Searchblog

Google now appears to be acting the same way, cutting Google+ a “deal” so to speak, giving it the best real estate for all manner of search queries. That’s not how search was supposed to work. Search was supposed to reflect the ongoing conversation happening across all aspects of the Internet. Search isn’t supposed to be about cutting a deal to get your company’s wares to the top of relevant searches.

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

Information Governance Perspectives

It’s essentially a snapshot of a job search query. Earlier this month I had the honor and privilege of speaking at the MERv conference with Dr. Gregory S.

Best Network Monitoring Tools for 2022

eSecurity Planet

Network monitoring is where business performance meets cybersecurity , making it a critical component of any organization’s development, security, and operations ( DevSecOps ) pipeline.

Cloud 76

Google News: A Payment System and A New Search Bar

John Battelle's Searchblog

And from Google : For us, search has always been our focus. And, starting today, you'll notice on our homepage and on our search results pages, our search box is growing in size. Although this is a very simple idea and an even simpler change, we're excited about it — because it symbolizes our focus on search and because it makes our clean, minimalist homepage even easier and more fun to use. And the larger search bar, well, just seems to make sense.

The Evolving Search Interface: Mobile Drives Search As App

John Battelle's Searchblog

I've said before that search interfaces, stuck in the command line interface of DOS, will at some point evolve into applications on top of a commodity search index. I further opined that Bing, in particular Bing's limited but compelling visual search , was just such an example: search as an interactive, rich application, as opposed to search as a list of results. On their face, these apps don't seem like search at all.

On Using Search for Decisions

John Battelle's Searchblog

From the first post: If what you are looking for is a hotel room, a plane ticket, or something else in the “head end” of search results, plenty of sites aggregate tons of results for you. But as soon as you go a bit down the tail - like my example for classic cars - search becomes a pivot point for an ongoing and often taxing decision process.

Taking Twitter to the Next Level: President of Global Revenue Adam Bain

John Battelle's Searchblog

The services handles tens of billions of search queries a month, putting it on scale with some of the most elite platforms in the world. Twitter. It's our favorite conundrum here in Internet Media Land, isn't it? On the one hand it's changing the world and growing like crazy, with more than 200 million users who generate 155 million tweets a day.

It’s Time For Twitter To Filter Our Feeds. But How?

John Battelle's Searchblog

appeared first on John Battelle's Search Blog. Compare that to Google, which decides what content you see based on your search query or, more recently, your location (and tons of other data), or Facebook, whose impassive algorithms sift through a sea of friends’ updates and determine what the service, in its ineffable wisdom, decides you will see. appeared first on John Battelle's Search Blog. The post It’s Time For Twitter To Filter Our Feeds.

Google Steps Gingerly Toward Search As Application

John Battelle's Searchblog

When Bing launched, I framed the new service from Microsoft as an important step in the evolution of search: I actually don't think Microsoft is trying to out-Google Google with Bing. I think it's trying to build a different kind of search application, one that sits on top of commodity search and helps people make decisions in a new way. Done right, this totally breaks the AdWords model that has driven search so far.

What Will Search Look Like In Mobile? A Visit With Jack

John Battelle's Searchblog

The post What Will Search Look Like In Mobile? A Visit With Jack appeared first on John Battelle's Search Blog. First up is Jack Mobile, a stealthy search startup founded a year or so ago by Charles Jolley , previously at Facebook and Apple, and Mike Hanson , a senior engineer at Mozilla and Cisco who early in his career wrote version 1.0 of the Sherlock search app for Apple. Mobile search queries are just…different.

This Is What Happens When Context Is Lost.

John Battelle's Searchblog

appeared first on John Battelle's Search Blog. Back in the year 2000, Google rolled out AdWords , a fantastically precise targeting technology that allowed just about anyone to target their advertisements to…just about anyone, as long as that person was typing a search term into Google’s rapidly growing service. AdWords worked best when you used it directly on Google’s site — because your ad came up as a search result right next to the “organic” results.

Facebook Coalition To Google: Don’t Be Evil, Focus On The User

John Battelle's Searchblog

Talk naturally turned to the implications of Google’s controversial integration of Google+ into its search results – a move that must both terrify (OMG, Google is gunning for us!) When clicked, a bookmarklet performs some function, one of a wide variety such as a search query or data extraction.” Related: What Might A Facebook Search Engine Look Like? It’s Not About Search Anymore, It’s About Deals.

Search, Foursquare, and Checking Into States of Mind

John Battelle's Searchblog

In short, the checkin is a search, waiting for a response. And there's no reason to constrain that search query to location. What matters is that as users of this particular brand of search, we get good results. If that's what I wanted, I'd just use a search engine. After all, most of search is instrumented, for the most part, against my query, and my query alone. surprises or delights me with an offer of value to my search, and 3.

Google Now: The Tip of A Very Long Spear

John Battelle's Searchblog

The post Google Now: The Tip of A Very Long Spear appeared first on John Battelle's Search Blog. It is instead the experience one has when you use the Google Search application on your Android or iPhone device (it’s consistently a top free app on the iTunes charts). You probably know it as Google search, but it’s far, far more than that. Now, six years later, Universal search is, well universal, and that debate, which included an FTC investigation , is over.