Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Social Media threats. Show all posts
Social Media threats
Account Hack account protection Cyber Security Fake Accounts Google Account online account security Social Media threats

Avoiding Social Media Scams When Recovering a Locked Gmail Account

 

Losing access to your Gmail account can be a frightening experience, especially given that Gmail is deeply integrated into the online lives of more than 2.5 billion users globally. Unfortunately, the popularity of Gmail has also attracted scammers who exploit users seeking help after being locked out of their accounts. These attackers wait for users to post their issues publicly on social media platforms, particularly X (formerly Twitter). They pose as helpful people or even official support agents, suggesting that they can help users recover their accounts. By using fake accounts that appear credible, they deceive users into sharing personal information or even paying money under the guise of assistance. 

Engaging with these fake accounts is risky, as scammers may ask for payment without helping or, worse, obtain the victim’s login credentials, gaining full access to their accounts. In the initial panic of losing an account, people often turn to social media for immediate help. This public search for help exposes them to a swarm of scammers using automated bots to detect posts about lost accounts. These bots then direct users to supposed “support agents” who, in reality, are fraudsters attempting to capitalize on the vulnerability of those locked out of their accounts. Victims may be asked to pay for a recovery service or provide personal details, like account passwords or two-factor authentication codes. 

Often, the scammers promise assistance but deliver none, leaving users at risk of both financial loss and further account compromise. In some cases, attackers use these interactions to access the victim’s Gmail credentials and take over not just the email but other connected Google services, leading to a much larger security breach. While the need for quick support is understandable, it’s essential to avoid turning to public platforms like X or Facebook, which can make users easy targets. Instead, Google has official account recovery methods to retrieve locked accounts safely. The company provides a structured recovery process, guiding users through steps that don’t involve sharing details with strangers. This includes using backup email addresses or two-factor authentication to regain access. 

Additionally, Google has an official support community where users can discuss issues and seek guidance in a more secure environment, reducing the likelihood of encountering scammers. By following these steps, users can regain access to their accounts without exposing themselves to further risk. Even in stressful situations, staying cautious and using verified recovery options is the safest course. Publicly seeking help with sensitive matters like account access opens doors to fraudsters who thrive on desperation. Taking time to verify recovery resources and avoiding social media platforms for assistance can help users avoid falling victim to predatory scams. By following Google’s secure processes, users can ensure the safety of their accounts and keep their personal information secure.
Read more »
Technology Threats
Chinese App Ban Cyberspace India Social Media threats Technology Technology Threats

MCA to Strike Off 400 Chinese Companies for Fraud in India

 

The Ministry of Corporate Affairs (MCA) is preparing to strike off as many as 400 Chinese companies operating in India due to severe financial irregularities and incorporation-related fraud. These companies, which primarily deal in online loans and job services, are spread across 17 states, including key areas such as Delhi, Mumbai, Chennai, Bengaluru, Uttar Pradesh, and Andhra Pradesh. According to a report by Moneycontrol, which cited an anonymous government official, the action is expected to be completed within the next three months. 

The MCA has been investigating nearly 600 Chinese companies, focusing on those involved in digital lending and online job platforms. The official stated that the investigation phase has concluded, revealing that 300 to 400 of these companies are likely to be struck off the register. 

The primary reasons for this drastic action include predatory lending practices, financial fraud, and violations of India’s financial regulations. These Chinese companies have come under scrutiny for a variety of reasons. Many of them have been accused of engaging in aggressive tactics to recover loans, imposing exorbitant interest rates on borrowers, and resorting to harassment. 

Additionally, several companies have been found to have Indian directors but operate with Chinese bank accounts, with no recorded financial transactions in India. This has raised suspicions of money laundering and other financial crimes. Furthermore, some companies were not found at their registered office addresses, while others were discovered to be investing in businesses unrelated to their stated purpose, further indicating potential financial fraud. 

Under Section 248 of the Companies Act, the process of striking off a company from the register takes approximately three months. The MCA first issues a notice to the company, allowing time for a response. If the company fails to respond, a second notice is sent after one month. Should there be no reply even then, the company is removed from the register.  

This sweeping action by the MCA underscores the Indian government’s ongoing efforts to regulate the digital lending space and ensure financial transparency, particularly in light of the growing concerns around the proliferation of predatory lending apps in the country.
Read more »
Web Servers
Authetication Data Breach Game Developer Gaming Gaming Community Private Data Social Media threats Video Games Web Servers

Insomniac Games Cybersecurity Breach

A cyberattack has compromised the prestigious game company Insomniac Games, exposing private data without authorization. Concerns over data security in the gaming business have been raised by this hack, which has spread throughout the community.

Targeting Insomniac Games, the company behind the well-known Spider-Man series, the cyberattack was purportedly executed by a gang going by the name Rhysida. Fans and the gaming industry were left in a state of anticipation and fear as the hackers obtained access to a treasure mine of data, including secret footage of new projects like Wolverine.

The leaked information not only included sneak peeks into future game developments but also internal data that could compromise the studio's operations. The gravity of the situation prompted a rallying of support for Insomniac Games from both the gaming community and industry professionals.

Amid the chaos, cybersecurity experts have been quick to emphasize the importance of robust security measures in an era where digital attacks are becoming increasingly sophisticated. This incident serves as a stark reminder that even major players in the gaming industry are vulnerable to cyber threats.

Insomniac Games responded promptly to the breach, acknowledging the incident and assuring fans that they are taking necessary steps to address the issue. The studio urged users to remain vigilant and promptly report any suspicious activities related to their accounts.

The gaming community, known for its passionate fanbase, has shown solidarity with Insomniac Games in the wake of the cyberattack. Messages of support have flooded social media platforms, emphasizing the need for collective efforts to combat cyber threats and protect the integrity of the gaming industry.

As the situation unfolds, industry leaders and policymakers are likely to scrutinize the incident to enhance cybersecurity protocols across the gaming landscape. The hack serves as a wake-up call for developers and publishers to invest in cutting-edge security measures to safeguard intellectual property and user data.

Leaders in the industry and legislators will probably be closely examining the incident as it develops to improve cybersecurity practices in the gaming sector. Developers and publishers should take note of this hack and invest in state-of-the-art security solutions to protect user data and intellectual property.

The recent hack on Insomniac Games serves as a reminder that even the biggest names in the gaming business are susceptible to online attacks. The aftermath of this disaster calls for the gaming community as a whole to prioritize cybersecurity in addition to data security. One thing is certain as the gaming industry struggles with the fallout from this breach: protecting digital assets is critical to the business's long-term viability and public confidence.
Read more »
User Privacy
Click Bait Digital Platform Misinformation Phising Attacks Privacy Reddit Social Media Apps Social Media threats User Privacy

Reddit to Pay Users for Popular Posts

Reddit, the popular social media platform, has announced that it will begin paying users for their posts. The new system, which is still in its early stages, will see users rewarded with cash for posts that are awarded "gold" by other users.

Gold awards are a form of virtual currency that can be purchased by Reddit users for a fee. They can be given to other users to reward them for their contributions to the platform. Until now, gold awards have only served as a way to show appreciation for other users' posts. However, under the new system, users who receive gold awards will also receive a share of the revenue generated from those awards.

The amount of money that users receive will vary depending on the number of gold awards they receive and their karma score. Karma score is a measure of how much other users have upvoted a user's posts and comments. Users will need to have at least 10 gold awards to cash out, and they will receive either 90 cents or $1 for each gold award.

Reddit says that the new system is designed to "reward the best and brightest content creators" on the platform. The company hopes that this will encourage users to create more high-quality content and contribute more to the community.

However, there are also some concerns about the new system. Some users worry that it could lead to users creating clickbait or inflammatory content to get more gold awards and more money. Others worry that the system could be unfair to users who do not have a lot of karma.

One Reddit user expressed concern that the approach will lead users to produce content of poor quality. If they know they can make money from it, people are more likely to upload clickbait or provocative stuff.

Another Reddit member said that users with low karma may be treated unfairly by the system. According to the user, "Users with more karma will be able to profit more from the system than users with less karma." This will make users with lower karma less likely to produce high-quality content, which is unjust.

Some of the issues raised by the new method have been addressed by Reddit. According to the corporation, it will actively monitor the system to make sure users aren't producing low-quality content to increase their gold medal total. In addition, Reddit states that it will endeavor to create a system that is equitable to all users, regardless of karma.

According to a Reddit spokesman, "We understand that there are some concerns about the new system. We are dedicated to collaborating with the community to make sure that the system is just and that it inspires users to produce high-quality content."

The platform has undergone a dramatic change as a result of Reddit's new strategy of compensating users for popular postings. The system's actual functionality and whether it will improve the platform's content quality have still to be determined. Reddit is devoted to advancing and inventing, as evidenced by the declaration of the new system.
Read more »
Unauthorized access
malware Online Gaming Phishing Attacks Private Data Social Media threats Unauthorized access

Hackers Infect Call of Duty Players with Self-Spreading Malware


Hackers have recently been discovered abusing Call of Duty players with a self-propagating software attack, raising serious concerns among the gaming community. This malicious activity, which security researchers have uncovered, has aroused concerns since it may compromise user data and interfere with gaming activities. 

Cybercriminals have reportedly been targeting Call of Duty users with a self-spreading malware strain, according to TechCrunch. The malware is made to fast propagate from one player to another by using the game's connected network infrastructure as a distribution channel. Unsuspecting players engage with the virtual environment, and the malware stealthily infiltrates their computers, potentially allowing illegal access to private data.

Particularly sneaky is the malware's method of dissemination. When playing online games with other infected individuals or taking part in shared gameplay events, players frequently become infected without being aware of it. Players who have been infected by the malware multiply exponentially as it spreads through in-game social interactions, which broadens the threat's reach and impacts.

Since this problem is so serious, numerous cybersecurity companies and gaming communities have responded. In order to stop and stop the spread of malware, researchers from reputable security groups have been actively examining the behavior of the malware. The malware is highly versatile and challenging to entirely eradicate because of its self-propagating nature, which presents challenges.

Players of Call of Duty and the game industry as a whole could face serious dangers. Personal information, including login credentials, payment information, and other sensitive details, is vulnerable to exploitation after it has been compromised. The malware's presence can also have a negative effect on the gaming experience by causing latency, crashes, or unapproved access to in-game resources.

Security professionals advise players to exercise caution and take the appropriate safety measures to protect their systems. The chance of infection can be reduced by upgrading antivirus software often, using secure passwords, and keeping an eye out for shady in-game activities.

The issue is being actively addressed by gaming firms and platform suppliers as well. In order to put in place practical solutions that can identify and stop the spread of malware in real-time, they are stepping up security precautions and working with cybersecurity professionals.

Players must be aware of any threats in this situation, as well as stay current on the most recent information from reliable sources about current events. A primary goal for the gaming business and its devoted community must be maintaining player safety and security as the gaming landscape changes.
Read more »
User Privacy
BBC Meta Phishing Attacks Privacy Social Media threats User Privacy

Meta Responds to User Complaints by Introducing Feeds for Threads

Meta, the parent company of social media giant Facebook, has recently revealed its plans to introduce feeds for Threads, a messaging app designed for close friends. This move comes in response to user complaints about the lack of a central content hub and the need for a more streamlined user experience. The company aims to enhance the app's functionality and provide a more engaging platform for users to connect and share content.

According to reports from BBC News, Meta's decision to introduce feeds for Threads follows numerous user complaints regarding the app's limited capabilities and disjointed user interface. Users have expressed their desire for a central hub where they can view and interact with content shared by their friends, similar to the experience offered by other social media platforms. Responding to this feedback, Meta plans to incorporate feeds into Threads to address these concerns and improve the overall user experience.

In an official statement, Meta spokesperson Jonathan Anderson stated, "We have taken note of the feedback we received from Threads users. We understand the importance of creating a cohesive and engaging environment for our users, and we are actively working on implementing feeds within the app. This will allow users to easily navigate and interact with the content shared by their friends, enhancing their overall experience on Threads."

The addition of feeds to Threads is expected to offer several benefits to users. It will provide a central content hub where users can view and engage with posts, photos, and videos shared by their friends. This new feature aims to foster a sense of community and encourage more active participation within the app. Moreover, the inclusion of feeds will enable users to stay up-to-date with the latest content from their close friends without having to navigate through multiple screens or individual conversations.

Meta's decision to address user feedback and enhance Threads aligns with the company's ongoing efforts to improve user satisfaction and retain a competitive edge in the social media landscape. By implementing feeds within the app, Meta aims to offer a more intuitive and enjoyable user experience, attracting and retaining users who value close-knit connections and personalized content sharing.

While Meta has not disclosed a specific timeline for the release of feeds on Threads, users can anticipate an update in the near future. The company remains committed to actively listening to user feedback and implementing changes that enhance the functionality and usability of its platforms.

Read more »
User Security
Cyber Security Data Theft Social Media threats UAE User Privacy User Security

UAE's Sincere Efforts to Combat Cybercrime

 

The Abu Dhabi Judicial Department (ADJD) held an awareness-raising lecture on "Cybercrime and its Dangers to Society" in conjunction with "Majalis" Abu Dhabi at the Citizens and Community Affairs Office of the Presidential Court as part of its initiatives to foster legal awareness among the constituents of society in order to ensure their protection and to shield them from the risks conveyed by crimes involving the use of contemporary technologies and social media. 

The lecture, delivered by Chief Prosecutor Dr. Abdulla Hamad Al Mansouri, covered the nature and definition of cybercrime, the risks of cyber-extortion, and the legal sanctions. The lecturer also concentrated on the reasons and circumstances that cause members of society to fall victim to cyber-extortionists and provided a number of useful examples drawn from actual prosecution cases. 

In accordance with the terms of Federal Decree-Law No. 34 of 2021 on Combating Rumors and Cybercrime, Dr. Al Mansouri covered the dangers linked with the exploit of social media networks and the responsibility of users. On January 2, 2022, the Federal Decree Law No. 34 of 2021 on Combating Rumors and Cybercrimes went into effect.

It aims to increase protection against online crimes committed using networks, platforms, and information technology. Additionally, it aims to protect the databases and websites of the UAE's government, stop the spread of rumours and false information, protect against electronic fraud, and uphold individual rights and privacy. 

The Abu Dhabi Judicial Department has previously drawn attention to the risks posed by cybercrime. In order to ensure the defence and safety of society from crimes utilising modern technologies, particularly through the pervasive use of social media, the ADJD organised two lectures on "Cybercrime and its Risks to Society" in July of last year. One occasionally comes across news of people who fall prey to online predators or scammers; even children are a target of these crimes. 

The Dubai Police General HQ has urged the public to use social media platforms responsibly and to be on the lookout for online scammers and cybercriminals. These statements were made by Expert Major General Khalil Ibrahim Al Mansouri, Assistant Commander-in-Chief for Criminal Investigation Affairs at Dubai Police, as he discussed Operation "Shadow," which was carried out nearly three years ago and resulted in the arrest of 20 African gangs for extortion crimes against social media users and for blackmailing and cyber extortion. He added that the police had detained a married couple who had fooled users of social media by pretending to be a domestic helper recruitment agency. 

The world's largest trade fair for safety, security, and fire protection, Intersec 2023, will take place over 47,000 square metres at the Dubai World Trade Center from January 17 to 19, and the Dubai Electronic Security Centre (DESC), which works to ensure the emirate becomes a leader in cybersecurity and the protection of information from external cyber threats, has been named the official government partner. 

At Intersec's Cyber Security sector, specialists in the public and private sectors, national leaders, advisors, economists, and corporate buyers will be present. According to Dr. Bushra Al Blooshi, Head of Research & Innovation at DESC, "Given the rapidly developing technology of today, cybersecurity is an absolute necessity for businesses, especially with remote working culture and digital transformation."
Read more »
User Security
data scam Indian Users IRCTC Mobile Security Social Media threats User Security

Scammers Target Indian Users Posting Complaints on Social Media

 

The latest report from Cyble Research and Intelligence Labs (CRIL) revealed that scammers are targeting Indian residents who submit complaints on social media accounts belonging to various local firms.

Fraudsters keep an eye out on Twitter and other social media sites for customers asking for reimbursements for problems they may have had with services offered by businesses like the Indian Railway Catering and Tourism Corporation. 

Researchers claim that once fraudsters discover a victim's contact details, they would start a scam. 

"When users report complaints on social media, scammers take advantage of the opportunity to carry out phishing attacks by asking them to download malicious files to file their complaints and steal their funds from bank accounts," CRIL stated. 

Users of other popular Indian brands and organisations, including e-commerce platform Flipkart, payment service provider MobiKwik, budget airline Spicejet, and various banks, were targeted in addition to the IRCTC. 

In one case, after posting a complaint on the IRCTC's Twitter account, a user was contacted by someone impersonating an IRCTC customer service representative. While the user in this case refused to provide their information to the scammer, CRIL stated that fraudsters would use a variety of techniques to defraud victims.

Scammers, for example, may attempt to link a victim's mobile number or account via the Unified Payments Interface (UPI), send a Google form to collect sensitive information or forward a WhatsApp link to a malicious website.

"Scammers have been using Android malware in addition to other fraudulent tactics. They may send a phishing link that downloads a malicious APK file to infect the device, or they may send the malicious file via WhatsApp," the researchers added.

Fraudsters, according to the researchers, use malicious APK files with names like "IRCTC customer.apk," "online complaint.apk," or "complaint register.apk" to trick victims into revealing their banking credentials. 

They also want the victim's UPI details, credit/debit card information, and one-time passwords used for two-factor authentication. CRIL discovered one such phishing website that asked victims to enter basic information such as their name, mobile number, and complaint query before prompting them to enter sensitive banking information. It also requested the victim to install a malicious application that would allow it to steal incoming text messages from the infected device. 

According to CRIL, the scheme was perpetrated by "a group of financially motivated scammers" based in India. While it was first observed in late 2020, researchers say it has only recently begun targeting social media complaints to identify potential victims. 

"It is critical that users are aware of these scams and exercise caution when providing personal information or downloading files online," CRIL warned. 
Read more »
Twitter account hacked
Data Breach Data Theft Social Media threats Twitter account hacked

Twitter 400 Million User's Details Up for Sale

Recently, the threat actor, "Ryushi", allegedly reported having stolen data from Twitter, including details of some famous celebrities worldwide. He is demanding $200,000 (£166,000) to hand over the data back.

According to the data, the hacker stole email addresses, and phone numbers belonging to celebrities and politicians, however, the size of the hack has not been confirmed yet. 

The UK Information Commissioner's Office (ICO) reported, "We are engaged in dialogue with Twitter's data protection officer and will be making inquiries on this matter. The firm is also Co-operating with the Data Protection Commission of Ireland”. 

Following the appearance of the news, Ireland's Data Protection Commission (DPC) reported that “the agency will examine Twitter's compliance with data protection law in relation to that security issue". However, Twitter did not make any public statement about the hack. 

As per the Guardian,  the data of US Congresswoman Alexandria Ocasio-Cortez was included in the sample of data that was made public by the hacker. Also, the Twitter handle of broadcaster Piers Morgan was recently hacked and is also reported to be included in the sample. 

Only 60 emails out of the sample of 1,000 have been provided by the threat actor in the earlier incident, "so we are confident that this breach is different and significantly bigger", said the firm's chief technology officer, Alon Gal. "The hacker aims to sell the database through an escrow service that is offered on a cyber-crime forum. Typically this is only done for real offerings." 

The threat actor is well aware of how damaging data loss can be for platforms. The hacker in the online post demanding money for the stolen data, also warns Twitter that it is the best chance of avoiding a large data-protection hack. 

"The DPC has engaged with Twitter in this inquiry and will examine Twitter's compliance with data protection law in relation to that security issue," DPC further said. 
Read more »
Social Media threats
Cyber Secuirty Cyber Security cyber theft New Technology Social Media threats

Mobile App Users API Exposed

 

It was recently disclosed that thousands of social media apps are actively leaking Algolia API keys, and various other applications with hardcoded admin secrets, which allows threat actors to steal the important credentials of millions of users. 

The research analysed 600 applications on the Google Play store and it was found that 50% were leaking application programming interface (API) keys of three popular transactional and marketing email service providers. 

According to the data, 1,550 applications have been listed that disclosed Algolia API keys, of which 32 applications had hardcoded admin secrets, providing malicious actors access to pre-defined Algolia API keys. 

Malicious actors could exploit the data to read important user information, such as IP addresses, analytics data, and access details, they could also delete user information. 

As per the recent study by Salt Security, “malicious API attack traffic surged 117% over the past year, from an average of 12.22 million malicious calls per month to an average of 26.46 million calls.” 

On Monday, three famous transactional and marketing email service providers – Mailgun, Sendgrid, and MailChimp disclosed that more than 54 million mobile app users are at potential risk worldwide, including from India. 

Users from the United States have downloaded these apps the most, followed by the UK, Spain, Russia, and India, leaving over 54 million mobile app users vulnerable. 


Read more »
Vulnerability and Exploits.
Data protection Elon Musk EU GDPR Social Media threats Twitter Vulnerability and Exploits.

Twitter's Brussels Staff Sacked by Musk 

After a conflict on how the social network's content should be regulated in the Union, Elon Musk shut down Twitter's entire Brussels headquarters.

Twitter's connection with the European Union, which has some of the most robust regulations controlling the digital world and is frequently at the forefront of global regulation in the sector, may be strained by the closing of the company's Brussels center. 

Platforms like Twitter are required by one guideline to remove anything that is prohibited in any of the EU bloc's member states. For instance, tweets influencing elections or content advocating hate speech would need to be removed in jurisdictions where such communication is prohibited. 

Another obligation is that social media sites like Twitter must demonstrate to the European Commission, the executive arm of the EU, that they are making a sufficient effort to stop the spread of content that is not illegal but may be damaging. Disinformation falls under this category. This summer, businesses will need to demonstrate how they are handling such positions. 

Musk will need to abide by the GDPR, a set of ground-breaking EU data protection laws that mandate Twitter have a data protection officer in the EU. 

The present proposal forbids the use of algorithms that have been demonstrated to be biased against individuals, which may have an influence on Twitter's face-cropping tools, which have been presented to favor youthful, slim women.

Twitter might also be obligated to monitor private conversations for grooming or images of child sexual abuse under the EU's Child Sexual Abuse Materials proposal. In the EU, there is still discussion about them.

In order to comply with the DSA, Twitter will need to put in a lot more effort, such as creating a system that allows users to flag illegal content with ease and hiring enough moderators to examine the content in every EU member state.

Twitter won't have to publish a risk analysis until next summer, but it will have to disclose its user count in February, which initiates the commission oversight process.

Two lawsuits that might hold social media corporations accountable for their algorithms that encourage dangerous or unlawful information are scheduled for hearings before the US Supreme Court. This might fundamentally alter how US businesses regulate content. 
Read more »
User Security
Cyber Attacks Fake Job Ads North Korean Hackers phishing Social Media threats User Security

North Korean Hackers Create Fake Job Offers to Target Industry Professionals Worldwide

 

ZINC, a sub-division of the notorious North Korean Lazarus hacking group, has been weaponizing open-source software with custom malware capable of data theft, espionage, financial gain and network disruption since June 2022. 

According to Microsoft threat analysts who unearthed a new phishing campaign, the malicious hackers have weaponized a wide range of open-source software including PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installers to launch malware attacks against organizations in the aerospace, media, IT services, and defense sectors. 

Hackers exploiting social media platforms 

The next time you receive a text on LinkedIn, scan it twice. Microsoft warns that the APT group has been actively employing open-source software infected with trojans to target industry professionals located in India, Russia, the UK, and the USA. 

The hackers pose as job recruiters and connect with individuals of targeted organizations over LinkedIn. Once the victims are convinced to move the conversation over from LinkedIn to WhatsApp, which provides encrypted communication, the hackers moved on to the next step. During the WhatsApp conversation, the targets receive malicious software that allows ZINC to install malware on their systems. 

LinkedIn’s threat prevention and defense team confirmed spotting bogus profiles designed by North Korean hackers mimicking recruiters working at prominent media, defense, and tech firms. It is worth noting that LinkedIn is owned by Microsoft Corporation since 2016. 

Attacking methodology 

According to a joint blog post by Microsoft Security Threat Intelligence and LinkedIn Threat Prevention and Defense, the malicious KiTTY and PuTTY applications employs a sophisticated technique to ensure that only selected targets are compromised with malware and not others. 

To achieve this, the app installers do not drop malware directly but are installed only when the apps link to a specific IP address and employ login credentials given to the targets by fake recruiters. The malicious actors also employ DLL search order hijacking to install and decrypt a second-stage payload when this key ‘0CE1241A44557AA438F27BC6D4ACA246’ is presented for command and control.

Microsoft has published the full list of IoCs (indicators of compromise) discovered during investigations in their blog post and is urging the cybersecurity community to remain vigilant, given its extensive usage and use of authentic software products. 

"Zinc attacks appear to be motivated by traditional cyberespionage, theft of personal and corporate data, financial gain, and corporate network destruction," the company stated. “Zinc attacks bear many hallmarks of state-sponsored activities, such as heightened operational security, sophisticated malware that evolves over time, and politically motivated targeting."
Read more »
Social Media threats
Bugs Cyber Attacks Facebook Facebook Canvas Social Media threats

Fresh Flaws in Facebook Canvas Second Time

 

A team of cyber threat researchers at Facebook discovered the second tranche of bugs in Facebook Canvas that increase the risks of account takeover. 

Security researcher Youssef Sammouda published a detailed post last September wherein he said that he had made $126,000 in bug bounties last year for discovering a set of three flaws in Facebook’s Canvas technology, which provides services related to embedding online games and interactive apps on its platform. 

After the discovery of a new flaw in Facebook’s OAuth implementation the researchers' team has proclaimed that the team has decided to revisit the issue. 

Following the attack, Sammouda has reported in the public press that the “Meta failed to ensure either in the client-side or server-side applications that the game website would only be able to request an access_token for its application and not a first-party application like Instagram...” 

“…It also failed to ensure that the generated Facebook API access_token would only reach the domains/websites that were added by the Facebook first-party application,” the researcher added. 

These unsolved flaws can also allow threat actors to take control of the Facebook account and other accounts that are linked to it, such as Instagram or Oculus, etc. 

Reportedly, Facebook’s initial steps to patch the problem last year were found inadequate against the attack. Sammouda was able to come up with three new flaws: a race conditions issue, an issue involving encrypted parameters, and bypasses to the previous fix. But after Sammouda’s criticisms, Facebook had released a more comprehensive fix for the issues. 

“This was resolved by Meta by making sure that parameters passed in the OAuth endpoint request from the game website were whitelisted and also by always enforcing the value of app_id and client_id parameters passed to be always the game application ID that’s making the request,” Sammouda said. 

The account takeover attacks pose a significant risk to the organization because they provide hackers access to the systems like legitimate account owners. Once an attacker successfully gets access into a user’s account, they immediately move to consolidate that access and exploit it to cause harm to the organization.
Read more »
Twitter account hacked
Cyber Attack Exploit Cyber Attacks Ministry of foreign affairs Social Media threats Twitter Twitter account hacked

NASA Director Parimal Kopardekar Twitter Handle hacked

 

The Powerful Greek Army group has compromised the Twitter handle of NASA Director Parimal Kopardekar. A spokesperson from the organization said that they reached out to the group who hacked the handle to inquire as to why they targeted the director of NASA, the attackers denied any political motivation to be there behind the attack, saying that the security incident was merely for 'fun'. As per the attackers, Kopardekar was chosen on the basis of his 'professional association' with NASA. 

The director asked the group that how did they hack the handle and the group explained that they detected an exploit that allows them to take over Twitter accounts. They further told that they are hacking for fun to demonstrate that “that nobody is safe online.” 

After getting in touch with the hacker group, Paganini reported that the group had no intention of doing anything malicious with the NASA director’s handle and it could be concluded that it was merely an experiment to test security flaws.

In April 2020, the Powerful Greek Army group breached the Twitter handle of the vice-speakers of the Greek Parliament and KINAL MP, Odysseas Konstantinopoulosening. 

“Government we have warned you. Do not lie to your own people again” states one of the messages published by the compromised account, while in another message he posted, he said: “To clarify something. We do NOT have an issue with this one, with the one with whom we have a big issue is the government and its moves. Friendship”. 

The list of victims who have been attacked includes the Nigerian Ministry of Foreign Affairs and Ministry of Finance, Bank of Nigeria, Ministry of Defence Of Azerbaijan, and The National Bank of North Macedonia.

Parimal Kopardekar holds a senior position at NASA as the Air Transportation Systems and is a principal investigator for the Unmanned Aircraft Systems Traffic Management project at the NASA Ames Research Centre. 
Read more »
Subscribe to: Posts (Atom)