Vulnerability in OAuth Protocol Allows Hacking Any Facebook Account
The vulnerability is contained in the Facebook login feature, which uses the OAuth 2.0 authorization protocol. Security researcher Amol Baikar discovered a critical vulnerability in the Facebook social network OAuth…
Hackers scan network for vulnerable Microsoft Exchange servers
Information security experts warn that hackers are already scanning the network for Microsoft Exchange servers that are vulnerable to CVE-2020-0688, which Microsoft developers fixed two weeks ago. The problem is…
Kr00k Wi-Fi-chips vulnerability affects over a billion devices
At the RSA 2020 conference, ESET specialists spoke about the new Kr00k vulnerability (CVE-2019-15126) that can be used to intercept and decrypt Wi-Fi traffic (WPA2). Researchers believe that the Kr00k…
Almost three quarters of modern phishing sites use SSL
Anti-Phishing Working Group (APWG) experts in their new report on this cyber threat analyzed modern phishing techniques. They found out that almost three quarters of modern phishing sites use SSL…
IMP4GT Vulnerability in LTE Threatens Almost All Modern Smartphones
Experts from Ruhr University reported an IMP4GT (IMPersonation Attacks in 4G NeTworks) problem. Modern LTE-enabled devices are vulnerable to IMP4GT, therefore, it threatens almost all smartphones, tablets, and IoT devices.…
Google Search Indexes WhatsApp Private Groups
Google search engine indexes invitations to WhatsApp groups (including links to private groups), which makes them visible and accessible to any user who wants to join the group. The journalist…
Number of linked with WhatsApp phishing URLs increased by 13 467%
According to Vade Secure's report, the number of phishing URLs related to Facebook grew by 358,8%, and WhatsApp, by 13467%. Vade Secure published a report on phishing threats in the…
FSF sent Microsoft developers an empty HDD for Windows 7 sources
The Free Software Foundation (FSF) sent Microsoft developers an empty HDD, asking company to write the Windows 7 source code. At the end of January 2020, in connection with the…
Samsung amends Android kernel that impair security
Jann Horn, Google Project Zero Specialist, studied the Android kernel, supplied by Samsung with its Galaxy A50 phones, and stated that the security mechanisms added by Samsung engineers to the…
Xhelper Trojan remains on the device even after resetting to factory settings
Xhelper malware continues to infect Android devices. Moreover, the Xhelper Trojan remains on the device even after deleting or completely resetting device to factory settings. According to Nathan Collier, Senior…
Microsoft recommends Exchange administrators to disable SMBv1
Microsoft strongly recommends administrators disable the SMBv1 protocol on Exchange servers to protect against threats that exploit its vulnerabilities. Let me remind you that Microsoft has been implementing a systematic…
Microsoft fixed 0-day vulnerability in Internet Explorer and 99 more bugs in its products
Recent February “update Tuesday” became the largest for Microsoft in a long time: within its framework were fixed almost 100 different bugs, including the 0-day vulnerability in Internet Explorer, which…