Facebook Pays $25,000 Reward for Dangerous CSRF Exploit

According to reports, Facebook has just paid a $25,000 reward to a white hat hacker who found a critical cross-site request forgery (CSRF). If you’re wondering what warranted this payday, you need to know the implications of CSRF to realize that this was a big discovery.

According to Facebook, if the CSRF continued operating without detection it would have made user accounts vulnerable to hackings of the worst kind.

All an attacker needed to do was send requests loaded with CSRF tokens to random Facebook endpoints. That would have allowed them to access user accounts and do with them as they pleased. But, the attacker would have to trick their victim into clicking on a link first, which can be done through the facebook.com/comet/dialog_DONOTUSE/ loophole. This weak spot would also enable the attacker to easily bypass CSRF protections, giving them full Continue reading →

Trickbot Trojan is Back to its Old Tricks

One of the financial sector’s most enduring nemeses is back at it again. According to recent reports, the infamous TrickBot banking Trojan is making a major return and bankers should be aware. It now operates as a new type which has the ability to grab credentials remotely through a dedicated module.

Trickbot trojan hack tool

The TrickBot’s updated data-grabbing mode is what enables it to harvest private credentials and data from a remote desktop. Hackers are using spam emails to spread this latest strain in what’s possibly the oldest scam in the digital data-grabbing book.

Users are warned to look out for one email in particular, which the scammers are using as a front to spread the virus. The email appears to come from Deloitte, a well-known financial services company, and at face value, it looks like a Continue reading →

Google Chrome Extension Promises to Protect Users Against Password Leaks

You can never be too careful when browsing the web nowadays, with data scams being so prevalent and all. We have to be extra vigilant and constantly careful with the way we share online data because you never know how or where the hackers are lurking.

Chrome Extension login Security

One way to protect your information is to use different passwords for your various online accounts. It’s important to make sure that those passwords are strong and unpredictable as well, or else you might open yourself up to possible fraud.

How Google is Helping

Google is doing its part to keep user data protected online. The tech giant has developed a technology that will alert users whenever there’s a potential risk to data security.

To achieve this goal, Google recently announced the introduction of an extension that will activate a visual prompt whenever it sees you using a “weak or “unsafe” username and password. That way, it gives you the chance to change your password before scammers can use it to hack you.

This is known as the Password Checkup Chrome extension. Users can Continue reading →

Astaroth Trojan Steals Data by Using OS and Antivirus Processes

According to reports, a team of Nocturnus researchers at Cyber reason recently discovered an Astaroth Trojan campaign with the ability to abuse GAS Tecnologia and the Avast security software. The hackers use this weak point to plant malicious modules and steal user information.

Astaroth Trojan attack

The main aim of the campaign is to access user information and it does that by taking advantage of legitimate operating system processes. Once it breaches the machine’s security, the campaign is able to steal confidential credentials and clipboard usage as well as important keystate information.

The Cofense security firm was the first to identify the Continue reading →

How to Hack WiFi Password using Android Smartphone – 2024 Tutorial

Hack WiFi Password Using Android Phone
Technological advancements in the use of the Internet continue to make life easier and more convenient in just about every aspect today. The Internet allows you to access and share information faster than ever before. It’s hard to imagine life without Internet. However, to access the Internet via your phone, tablet, or Continue reading →

Privilege Escalation Flaw Found in LG Device Manager

LG Device Manager Vulnerability A privilege escalation flaw has been discovered which could affect the online safety and privacy of LG laptop users. According to the online security expert who discovered the flaw, this loophole is relatively easy for hackers to take advantage of.

Security expert and researcher Jackson T. found the flaw while analyzing the LG Device Manager system and in doing so was able to track the flaw as CVE-2019-8372. At the time, Jackson was merely evaluating the LG Device Manager’s low-level hardware access Continue reading →

How to Remove Malware that Keeps Coming Back – Tutorial

How to Remove Malware that Keeps Coming Back
Malware which is the short form of malicious software alludes to different sorts of applications that are intended to access a PC for malicious purposes, and regularly without the user of the PC knowing anything about it. Customarily, the objective of malware has been to create income, either by taking your own data for resale on the internet or by encrypting the information on a computer and asking for money from the victim for them to access their precious files. Malware can contaminate PCs as well as other kinds of gadgets in a few different ways. Contrary to the popular belief that Macs are safer than Continue reading →

How to Protect Facebook Account from Hacking – Ultimate Guide (2024 Edition)

Facebook is one of the world’s most widely used websites, and it’s likely that the majority of people you know have a Facebook account. There are 2.38 billion active users on Facebook right now, and the number grows every time someone creates a new account.

This has also made it one of the most widely targeted websites out there, and it’s just as likely that you’ve had your account hacked at least once – and you might not have known a Continue reading →

How to Protect Windows 10 from Malware & Hacking – 11 Best Tips of 2024

We live in a world that is increasingly becoming more and more dependent on technology. Windows operating system is the most sought after system in the world. This makes it more vulnerable to malicious hackers. Nowadays, all our personal information is stored on our computers. Malicious individuals become more cunning and device ways to get to our personal information. You must take measures to protect your data and your computer. Not taking these measures leaves you Continue reading →

How to Protect Your Website from Hacking – Ultimate Guide (2024 Edition)

Did you know that hackers infiltrate more than 50,000 websites around the world every day? That’s a staggering statistic. However, it’s a stark reminder of why ‘it’s so vital for online businesses and bloggers, to stay on top of their internet security and privacy protection systems.

Website Security

Let’s take a quick look at some official statistics.

The worldwide web is home to over a billion websites, with US servers hosting around 380-million of Continue reading →

Tech, Hacks, Gadgets & Software Talk

Month: June 2023