Indian Developer Grabs $100,000 For Reporting ‘Sign in with Apple’ Flaw
Sign in with Apple is similar to other app login options such as “Sign in with Google” or Facebook; however, the difference is that Apple’s single sign-on offering is more private and even allows users to mask their email ID.
Hacker Breaks Into Stack Overflow Q&A Site, No Evidence of Data Breach
Stack Overflow, one of the largest question and answer site for programmers, revealed today that an unknown hacker(s) managed to gain unauthorized access to its production systems on May 11, 2019.
4,600 Websites Prone To Hacking! Payment Data And Passwords At Risk!
Areport from ZDNet has highlighted that some notorious hackers have been able to breach two services designed for websites. As a result, they’ve infected more than 4,600 websites with malicious code. The two services in question are open source Alpaca Forms and analytics service Picreel. These attacks were first spotted by security researcher Willem de Groot.
Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers. Dell SupportAssist, formerly known as Dell System Detect, checks the health of your computer system's hardware and software.
OWASP ZAP w2019-04-23 released: pentesting tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy (ZAP) is easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.
Source Code for CARBANAK Banking Malware Found On VirusTotal
Security researchers have discovered the full source code of the Carbanak malware—yes, this time it's for real. Carbanak—sometimes referred as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants. In July last year, there was a rumor that the source code of Carbanak was leaked to the public,
Facebook Stored Millions of Instagram Users' Passwords in Plaintext
Facebook late last month revealed that the social media company mistakenly stored passwords for "hundreds of millions" of Facebook users in plaintext, including "tens of thousands" passwords of its Instagram users as well. Now it appears that the incident is far worse than first reported.
‘Dragonblood’ Flaw In WPA3 Lets Hackers Easily Grab Your Wi-Fi Passwords
In late 2017, KRACK Attack crippled the popular 13-year-old WPA2 Wi-Fi standard used in our homes, offices, and public networks. The flaw allowed hackers to gain access to unencrypted traffic between the access point and the device — there were possibilities of breaking encryption as well.
'Exodus' Surveillance Malware Found Targeting Apple iOS Users
Cybersecurity researchers have discovered an iOS version of the powerful mobile phone surveillance app that was initially targeting Android devices through apps on the official Google Play Store. Dubbed Exodus, as the malware is called, the iOS version of the spyware was discovered by security researchers at LookOut during their analysis of its Android samples they had found last year.
Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs
EXCLUSIVE — Beware, if you are using a Xiaomi's Mi or Redmi smartphone, you should immediately stop using its built-in MI browser or the Mint browser available on Google Play Store for non-Xiaomi Android devices.
Thousands of Unprotected Kibana Instances Exposing Elasticsearch Databases
In today’s world, data plays a crucial role in the success of any organization, but if left unprotected, it could be a cybercriminal’s dream come true.
Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange
Hackers yesterday stole nearly $19 million worth of cryptocurrency from Bithumb, the South Korea-based popular cryptocurrency exchange admitted today.
Facebook Mistakenly Stored Millions of Users' Passwords in Plaintext
Holy moly, Facebook is again at the center of a new privacy controversy after revealing today that its platform mistakenly kept a copy of passwords for "hundreds of millions" users in plaintext. What's more? Not just Facebook, Instagram users are also affected by the latest security incident.
PewDiePie Ransomware Locks Your Files Until 100M Subscribers Is Reached
What started as a joke has taken an ugly turn now. PewDiePie fans have begun taking extreme methods to ensure that people “Subscribe to PewDiePie” and the YouTuber reaches 100 million subscribers as soon as possible.
13 Best Hacking Tools Of 2019 For Windows, Linux, macOS
We have compiled a list of top hacking software and tools of 2019 with their best features and download links. This list is based on industry reviews, your feedback, and our own experience. This list will tell you about the best software used for hacking purposes featuring port scanners, web vulnerability scanner, password crackers, forensics tools, traffic analysis, and social engineering tools. Read about them, learn how to use them and share your reviews to make this list better. If…
Indian Hackers On The Offensive After Successive Hits On Govt Sites
After successive waves of attacks were thwarted, the government advised ... The exact nature and extent of India's offensive operation, and the agencies ... Hackers from Pakistan attacked over 90 Indian government websites