Facebook

Pierluigi Paganini April 26, 2014
How to abuse Facebook feature to conduct powerful DDoS attack

A researcher discovered a flaw in the section “notes” of the social network Facebook that could be exploited by anyone to conduct a powerful DDoS attack. The Security researcher Chaman Thapa, also known as chr13, discovered a vulnerability in the section ‘Notes’ of the popular social network Facebook that could be exploited by anyone to launch the distributed denial-of-service (DDoS) […]

Pierluigi Paganini April 17, 2014
New iBanking mobile Trojan exploits Facebook platform

Security experts at ESET detected a new variant of iBanking Trojan offered in the underground that exploits Facebook platform as vector of infection. iBanking is the name of a mobile banking Trojan app distributed through HTML injection attacks on banking sites. iBanking deceives victims impersonating itself as a  ‘Security App‘ for Android, we have spoken about it  early 2014 […]

Pierluigi Paganini April 08, 2014
Symantec on a fake voting campaign used to steal Facebook credentials

Security experts at Symantec observed a new phishing campaign based on a fake voting application used to steal victim’s credentials. Phishing is a very dangerous threat for Internet users, nearby classic techniques new forms of phishing are exploiting new platforms like mobile and social networks. Phishers continuously improve their techniques to be able to harvest […]

Pierluigi Paganini March 23, 2014
IntelCrawler profiled Syrian Electronic Army group

The intelligence firm IntelCrawler has published a report on the activities of the Syrian Electronic Army. Are they hacktivists or cyber spies? IntelCrawler, a cyber-threat intelligence company has recently issued an interesting report on the activities of the Syrian Electronic Army (SEA), the experts analyzed a series of event since since its first appearance in […]

Pierluigi Paganini March 22, 2014
Orange Telecom company grants full data access to French intelligence

The Orange telecom company is providing its data to France intelligence agency, the Direction Générale de la Sécurité Extérieure. The name of Orange Telecom operator is again under discussion after the giant has threatened to sue the NSA for hacking into the underwater cable. Last revelations are not on the NSA operations, instead the leaked documents report […]

Pierluigi Paganini March 21, 2014
SEA has stolen invoices that shows Microsoft charges FBI for user data

A collection of emails hacked by the group Syrian Electronic Army shows that Microsoft charges the FBI’s Digital Intercept Technology Unit for user data. No more than a week ago hackers of the group Syrian Electronic Army (SEA) published online documents leaked from US CENTCOM repository, now the pro President Bashar al-Assad sad hacking team successfully penetrated […]

Pierluigi Paganini March 19, 2014
NSA programs MYSTIC and RETRO spies phone calls on global scale, also on past conversations

Documents leaked by Snowden reveals that NSA has built a surveillance system capable of recording all the phone calls of a foreign country. The information on the surveillance capabilities of the National Security Agency is updated on a daily base and last news is that the agency has the necessary technology to record all the […]

Pierluigi Paganini March 17, 2014
QUANTUMHAND – NSA impersonates Facebook to inject malware

Recent revelations on TURBINE platform include also a disturbing truth, NSA used QUANTUMHAND exploits to implant malware in Facebook users’ machines. Last Week Ryan Gallagher and Glenn Greenwald revealed the existence of TURBINE platform, a sophisticated hacking architecture used to take control of botnet C&C servers managed by cybercrime. One of the details revealed by the journalists raised a heated […]

Pierluigi Paganini March 15, 2014
Syrian Electronic Army hacked the US CENTCOM

Syrian Electronic Army hacked the US CENTCOM and it is threatening to leak secret documents due US decision to hit Syria with electronic warfare attacks. Syrian Electronic Army (SEA) is the group of hackers that most of all is threatening the giants of the IT industry and media, the list of victims is very long (Facebook, Microsoft, NYT, […]

Pierluigi Paganini March 12, 2014
Abusing Facebook Access Token with Man-in-the-Middle Attack

The Egyptian penetration tester Ahmed Elsobky discovered a serious flaw that allows attackers to sniff user’s traffic including access token. Facebook is vulnerable to Man-in-the-Middle Attack, The Egyptian penetration tester Ahmed Elsobky discovered a serious flaw that allows attackers to sniff user’s traffic including private information. “We’d actually received an earlier report from another researcher regarding this […]