Security Flaw In WhatsApp That Would Allow Hackers To Alter Messages
It has been reported that a security firm has found a series of flaws in WhatsApp that could allow hackers to intercept and manipulate messages by changing the identity of a sender or altering their text. This gives the attackers the power to “create and spread misinformation from what appear to be trusted sources,” the researchers said. Experts Comments August […]
Group Dating App 3fun Exposed Sensitive Data On 1.5 Million Users
Attackers could have used 3fun to create profiles of the users with both typical profile information and physical location data of its users who are billed as kinky, open-minded people. This can be sensitive information that used for harassment and persecution of LGBTQ+ individuals. Due to the multiple security vulnerabilities in the application, researchers were […]
Bugcrowd On Apple’s New Bug Bounty
Apple opening its bug bounty program up to all researchers is an interesting move–but an anticipated one. Public programs open companies up to more diversity and creativity from a broader crowd of security researchers. Among other updates to the program, Apple is demonstrating that it understands the importance of finding bugs not just when […]
State Farm Says Hackers Confirmed Valid Usernames And Passwords In Credentials Stuffing Attack
Banking and insurance giant State Farm said it suffered a credential stuffing attack during which “a bad actor” was able to confirm valid usernames and passwords for State Farm online accounts. State Farm said it reset account passwords to all impacted accounts to prevent future abuse from the bad actor. Experts Comments August 09, 2019 Jonathan Bensen […]
July 2019’s Most Wanted Malware: Vulnerability In OpenDreamBox 2.0.0 WebAdmin Plugin Enables Attackers To Execute Commands Remotely
Check Point’s researchers confirm that the vulnerability has impacted 32% of organizations globally in the last month Check Point Research has published its latest Global Threat Index for July 2019. The Research team is warning organizations of a new vulnerability discovered in the OpenDreamBox 2.0.0 WebAdmin Plugin that has impacted 32% of organizations globally in […]
Instagram’s Lax Privacy Practices Let A Trusted Partner Track Millions Of Users’ Physical Locations
It has been revealed that Instagram’s lax privacy practices let trusted partner Hyp3r track millions of users’ physical locations, secretly save their stories, and flout its rules. Hyp3r used four key tools to scrape data from Instagram users. First, it utilized an Instagram security hole that allowed it to “zero in on specific locations” and collect all the […]
