Hacker Breaks Into French Government’s New Secure Messaging App

A white-hat hacker found a way to get into the French government’s newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with the government identities. Dubbed “Tchap,” the end-to-end encrypted, open source messaging app has been created by the French government with an aim Leggi tutto…

Storing Instagram passwords in plain text & harvesting your emails

Facebook stored millions of Instagram passwords in a readable format and asked users for their email’s passwords for “verification.” On 21st March, 2018, the social media giant Facebook admitted that it stored passwords of 600 million users including “tens of thousands” of passwords belonging to Instagram users in plain-text which were accessible to over 20,000 Leggi tutto…

Facebook Stored Millions of Instagram Users’ Passwords in Plaintext

Facebook late last month revealed that the social media company mistakenly stored passwords for “hundreds of millions” of Facebook users in plaintext, including “tens of thousands” passwords of its Instagram users as well. Now it appears that the incident is far worse than first reported. Facebook today quietly updated its March press release, adding that Leggi tutto…

Facebook Collected Contacts from 1.5 Million Email Accounts Without Users’ Permission

Not a week goes without a new Facebook blunder. Remember the most recent revelation of Facebook being caught asking users new to the social network platform for their email account passwords to verify their identity? At the time, it was suspected that Facebook might be using access to users’ email accounts to unauthorizedly and secretly Leggi tutto…

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

Drupal, the popular open-source content management system, has released security updates to address multiple “moderately critical” vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites. According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in third-party Leggi tutto…

Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform

A cybersecurity professional today demonstrated a long-known unpatched weakness in Microsoft’s Azure cloud service by exploiting it to take control over Windows Live Tiles, one of the key features Microsoft built into Windows 8 operating system. Introduced in Windows 8, the Live tiles feature was designed to display content and notifications on the Start screen, Leggi tutto…

Hackers exploiting unpatched Chrome bug to target 500M iPhone users

In this attack, eGobbler threat group is exploiting Chrome Sandboxing bug to target iOS devices in the US and EU. Malvertising campaigns, in which malware is distributed through advertisements, have become a common norm nowadays. But, the latest malvertising campaign that’s been specifically targeting iOS users can easily be categorized as among the biggest of Leggi tutto…

Over 100 Million JustDial Users’ Personal Data Found Exposed On the Internet

An unprotected database belonging to JustDial, India’s largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy “88888 88888” customer care number, The Hacker News has learned and independently verified. Founded over two decades Leggi tutto…

Crooks are selling “Digital Doppelgangers” to bypass anti-fraud protection

Financial Crimes to Reach an Unprecedented High by 2023 if Dark Web marketplaces like Genesis are allowed to Operate- Researchers Claim. According to the latest research from Juniper Research, cybercriminals have developed a wide range of advanced tools to help users evade machine learning-based anti-fraud systems. On the other hand, Kaspersky Lab researchers have identified Leggi tutto…

New Rapidly Evolving Rootkit-Enabled Spyware Discovered

A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware—dubbed Scranos—which was first discovered late last year, still appears to be a work in progress, it is Leggi tutto…