Passwords protect our cellphones and applications, but what happens underneath this so-called anti-phishing protection is beyond the comprehension of internet users. The following headlines will astound you if you believe cyber adversaries will target anyone but you.
Data-Scraping Groups Exploit Facebook Vulnerability
The security issues with Facebook never seem to end, do they? In the latest incident, several data-scraping groups have manipulated Facebook’s link preview feature by pretending to be its content crawler.
These data-scraping groups compromised Facebook developer accounts and asked the Facebook or Facebook Messenger API servers for link previews of the pages they wanted to scrape. Oblivious to this cyber scam, Facebook would procure the data, assemble it into a link preview, and forward it to the adversaries, who would then misuse the data. This security glitch went unnoticed until the security firm DataDome discovered it.
The most shocking element is still the figures – the data-scraping groups could retrieve link previews for as many as 10,000 URLs by compromising just one Facebook developer account. One can only imagine the intensity of the damage! However, Facebook has taken the required measures and improved rate limiting on the Messenger preview API.
Melbourne DDoS Attacker Pleads Guilty
We hire SEO experts to enhance our site’s online presence, but what if that person turns out to be a hacker? Melbourne’s Brett Bruce White is one such cyber attacker, who showered the websites of health and fitness professional Phillip Learney, businessman Terence Newton, and payment services provider Openpay with DDoS attacks between April and May in 2018. White is now being tried at the Melbourne County Court after the police found a MacBook laptop with evidence at his residence.
Although White’s defense lawyer Zarah Garde-Wilson brought in the sad tale of White’s personal life and innate skill at computers, we know that nothing justifies disregard of cybersecurity laws!
Cunning Hacker Sells Access To Pakistan Airlines’ Network And Database
For all those times when we said that cyberattacks in 2020 are not just about the hack, they also involve data theft – here is the example of the Pakistan International Airlines’ network. A cyber adversary is offering the Pakistan International Airlines’ network and database for sale on the dark web. The security researchers at security firm KELA discovered the Airlines’ domain admin access being sold for $4,000 on two Russian and one English illegal forums.
Researchers at KELA have been monitoring the threat actors since July, and the adversaries have put up a total of 38 accesses for sale at a price of not less than $118,700. On 9th November, KELA gave notice of the sale of the airline’s domain access. The attackers are also selling all databases on the airline’s network, containing as many as 500k records. Incidents like this make us regret even making travel plans: the affected people have their names, phone numbers, and passports exposed to malicious actors. Adopting phishing prevention measures at a personal level is highly recommended for all those who’ve traveled with Pakistan International Airlines.
RansomEXX Now A Threat For Linux Users
Ransomware RansomEXX began with a low infection rate but is now a serious threat factor for Windows and Linux users. It mainly targets victims on paydays and goes by the name of decryptor64 for Linux. There are quite a few similarities between the Linux and Windows versions of RansomEXX, such as the same source code, ransom notes, etc.
To protect yourself from phishing, experts advise having anti-ransomware services in place and keeping regular data backups. Nothing is better than prevention; hence, Linux and Windows users alike must adopt necessary anti-phishing solutions to stay safe from RansomEXX.
Simple Errors Lead To Major Vulnerabilities At Intel Support Assistant
Security firm CyberArk recently discovered two vulnerabilities in Intel Support Assistant that could enable privilege-escalation attacks. One of the vulnerabilities involved Intel Support Assistant interacting insecurely with nonprivileged data and directories, making it easy for adversaries to modify a nonprivileged file and execute code as the privileged program. Abusing some features of the Intel Support Assistant is enough to escalate into a system account. The second vulnerability was a bit more complicated and gave adversaries the power to delete an arbitrary file.
Although Intel has launched a patch fixing the vulnerability, insufficient preventive measures, such as not securing the system utilities’ directories, can lead to the most damaging cyber attacks. Hence, developers must ensure that the directories and files used by privileged programs are protected against modification, and coders must take measures for protection against phishing as well.
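The directory-hardening advice above, as an added example (not CyberArk's or Intel's code): a check a privileged program could run before trusting a file, walking every path component and reporting any that a less-privileged account could modify. It illustrates the principle with POSIX ownership and mode bits (on Windows the same check would be made against ACLs); the function name `audit_path`, its parameters and the sample tree are assumptions made for illustration.

```python
import os
import stat
import tempfile


def audit_path(path, trusted_uids=frozenset({0}), stop_at="/"):
    """Return [(component, reason)] for each part of `path`, from the file up
    to `stop_at`, that an account outside `trusted_uids` could tamper with."""
    findings = []
    current = os.path.abspath(path)
    stop_at = os.path.abspath(stop_at)
    while True:
        st = os.lstat(current)  # lstat: inspect a link itself, not its target
        if stat.S_ISLNK(st.st_mode):
            findings.append((current, "symbolic link in path"))
        else:
            if st.st_uid not in trusted_uids:
                findings.append((current, f"owned by untrusted uid {st.st_uid}"))
            # Conservative: any group or world write bit counts as unsafe.
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((current, "group- or world-writable"))
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            break
        current = parent
    return findings


if __name__ == "__main__":
    # Constructed sample tree standing in for a privileged tool's install dir.
    root = tempfile.mkdtemp()
    plugin_dir = os.path.join(root, "plugins")
    os.mkdir(plugin_dir)
    os.chmod(plugin_dir, 0o777)  # weak setting: any local user can swap files
    target = os.path.join(plugin_dir, "helper.cfg")
    open(target, "w").close()
    os.chmod(target, 0o644)
    me = {os.getuid()}  # stands in for the privileged account in this demo
    for component, reason in audit_path(target, me, stop_at=root):
        print("UNSAFE:", component, "-", reason)
    os.chmod(plugin_dir, 0o755)  # corrected setting
    print("after fix:", audit_path(target, me, stop_at=root))
```

A privileged service would call this with its real trusted accounts and refuse to load or execute the file if the returned list is non-empty.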
Ever since the Coronavirus pandemic spread, we have been continuously hearing about Zoom and its many security issues. Sadly, it isn’t over yet: the Federal Trade Commission (FTC) proposed a settlement of allegations against the video conferencing application Zoom on 9th November. The Federal regulators have accused Zoom of having misled its users about its phishing attack prevention measures and meeting security levels at least since 2016.
Zoom has allegedly held cryptographic keys allowing it to access content from user meetings and secured meetings with poor privacy encryption. The FTC holds Zoom guilty of mishandling the security of users via inferior and dubious security practices. The settlement would require Zoom to strengthen its cybersecurity measures and review all software updates for security flaws.
And that’s the week that was.