#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Social media | Breaking Cybersecurity News | The Hacker News

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs

Mar 28, 2024 Technology / Data Privacy
In June 2017, a  study  of more than 3,000 Massachusetts Institute of Technology (MIT) students  published  by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza. "Whereas people say they care about privacy, they are willing to relinquish private data quite easily when incentivized to do so," the research said, pointing out a what's called the privacy paradox. Now, nearly seven years later, Telegram has introduced a new feature that gives some users a free  premium membership  in exchange for allowing the popular messaging app to use their phone numbers as a relay for sending one-time passwords (OTPs) to other users who are attempting to sign in to the platform. The feature, called Peer-to-Peer Login (P2PL), is currently being tested in selected countries for Android users of Telegram. It was first spotted by  tginfo  in February 2024 (via  @AssembleDebug ). A
Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

Feb 21, 2024 Phishing Attack / Information Warfare
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and a European Union agency in November 2023 with an aim to harvest Microsoft login credentials using fake landing pages. Operation Texonto, as the entire campaign has been codenamed, has not been attributed to a specific threat actor, although some elements of it, particularly the spear-phishing attacks, overlap with  COLDRIVER , which has a history of harvesting credentials via bogus sign-in pages. The disinformation operation took place over two waves in November and December 2023, with the email messages bearing PDF attachments and content related to heating interruptions, drug shortages, and food shortages. The November wave tar
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account

Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account

Feb 03, 2024 Vulnerability / Social Media
The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. "Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account," the maintainers said in a terse advisory. The vulnerability, tracked as  CVE-2024-23832 , has a severity rating of 9.4 out of a maximum of 10. Security researcher  arcanicanis  has been credited with discovering and reporting it. It has been described as an "origin validation error" ( CWE-346 ), which can typically allow an attacker to "access any functionality that is inadvertently accessible to the source." Every Mastodon version prior to 3.5.17 is vulnerable, as are 4.0.x versions before 4.0.13, 4.1.x versions before 4.1.13, and 4.2.x versions before 4.2.5. Mastodon said it's withholding additional technical specifics about the flaw until February 15, 2024, to give  admins  ampl
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack

Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack

Jan 04, 2024 Cryptocurrency / Social Media
American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam. As of writing, the  account has been restored  on the social media platform. It's currently not clear how the account was breached. But the hacked Mandiant account was initially renamed to "@phantomsolw" to impersonate the Phantom crypto wallet service, according to  MalwareHunterTeam  and  vx-underground . Specifically, the scam posts from the account advertised an airdrop scam that urged users to click on a bogus link and earn free tokens, with follow-up messages asking Mandiant to "change password please" and "check bookmarks when you get account back." Mandiant, a leading threat intelligence firm, was  acquired by Google  in March 2022 for $5.4 billion. It is now part of Google Cloud. "The Mandiant Twitter account takeover could have happened
Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger

Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger

Dec 07, 2023 Encryption / Data Privacy
Meta has officially begun to  roll out  support for end-to-end encryption (E2EE) in Messenger for personal calls and one-to-one personal messages by default in what it called the "most significant milestone yet." "This isn't a routine security update: we rebuilt the app from the ground up, in close consultation with privacy and safety experts," Loredana Crisan, vice president of Messenger at Meta,  said  in a post shared on X (formerly Twitter). CEO Mark Zuckerberg, who announced a "privacy-focused vision for social networking" back in 2019,  said  the update comes "after years of work" redesigning the platform. It's worth noting that E2EE for group messaging in Messenger is still in the testing phase. Encrypted chats were first introduced as an opt-in feature called "secret conversations" in Messenger in 2016. Meta's Instagram also has  support for E2EE  for messages and calls but it's "only available in some
Russia's AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

Russia's AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

Dec 05, 2023 Brandjacking / Artificial Intelligence
The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+ sentiment, U.S. military competence, and Germany's economic and social issues, according to a new Recorded Future report shared with The Hacker News. Doppelganger ,  described  by Meta as the "largest and the most aggressively-persistent Russian-origin operation," is a  pro-Russian network  known for spreading anti-Ukrainian propaganda. Active since at least February 2022, it has been linked to two companies named Structura National Technologies and Social Design Agency. Activities associated with the influence operation are known to leverage manufactured websites as well as those impersonating authentic media – a technique called brandjacking – to disseminate adversarial narrat
Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

Nov 14, 2023 ChatGPT / Malware
The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October 2023, targeting marketing professionals in India with an aim to hijack Facebook business accounts. "An important feature that sets it apart is that, unlike previous campaigns, which relied on .NET applications, this one used Delphi as the programming language," Kaspersky  said  in a report published last week. Ducktail , alongside  Duckport  and  NodeStealer , is part of a  cybercrime ecosystem  operating out of Vietnam, with the attackers primarily using sponsored ads on Facebook to propagate malicious ads and deploy malware capable of plundering victims' login cookies and ultimately taking control of their accounts. Such attacks primarily single out users who may have access to a Facebook Business account. The fraudsters then use the unauthorized access to place advertisements for financial gain, perpetuating the infections fur
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

Jul 07, 2023 Vulnerability / Social Media
Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14 million users across more than 20,000 instances. The most critical vulnerability, CVE-2023-36460 , allows hackers to exploit a flaw in the media attachments feature, creating and overwriting files in any location the software could access on an instance. This software vulnerability could be used for DoS and arbitrary remote code execution attacks, posing a significant threat to users and the broader Internet ecosystem. If an attacker gains control over multiple instances, they could cause harm by instructing users to download malicious applications or even bring down the entire Mastodon infrastructure. Fortunately, there is no evidence of this vulnerability being exploited so fa
Instagram's Twitter Alternative 'Threads' Launch Halted in Europe Over Privacy Concerns

Instagram's Twitter Alternative 'Threads' Launch Halted in Europe Over Privacy Concerns

Jul 05, 2023 Privacy / Social Media
Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland's Data Protection Commission (DPC). The development was  reported  by the Irish Independent, which said the watchdog has been in contact with the social media giant about the new product and confirmed the release won't extend to the E.U. "at this point." Threads  is Meta's answer to Twitter that's set for launch on July 6, 2023. It's billed as a "text-based conversation app" that allows Instagram users to "discuss everything from the topics you care about today to what'll be trending tomorrow." It also enables users to follow the same accounts they already follow on Instagram. A listing for the app has already appeared in the  Apple App Store  and  Google Play Store , although it's yet to be available for download. The " App Privacy " section on the App Store indic
New S1deload Malware Hijacking Users' Social Media Accounts and Mining Cryptocurrency

New S1deload Malware Hijacking Users' Social Media Accounts and Mining Cryptocurrency

Feb 23, 2023 Cryptocurrency / Malware
An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware  S1deload Stealer  for its use of  DLL side-loading techniques  to get past security defenses and execute its malicious components. "Once infected, S1deload Stealer steals user credentials, emulates human behavior to artificially boost videos and other content engagement, assesses the value of individual accounts (such as identifying corporate social media admins), mines for BEAM cryptocurrency, and propagates the malicious link to the user's followers," Bitdefender researcher Dávid ÁCS  said . Put differently, the goal of the campaign is to take control of the users' Facebook and YouTube accounts and rent out access to raise view counts and likes for videos and posts shared on the platforms. More than 600 unique users are estimate
New Facebook Tool Let Users Transfer Their Photos and Videos to Google

New Facebook Tool Let Users Transfer Their Photos and Videos to Google

Dec 02, 2019
Facebook has finally started implementing the open source data portability framework as the first phase of ' Data Transfer Project ,' an initiative the company launched last year in collaboration with Google, Apple, Microsoft, and Twitter. Facebook today announced a new feature that will allow its users to transfer their Facebook photos and videos to their Google Photos accounts—directly and securely without needing to download and reupload it. The feature is only available to Facebook users in Ireland for now, as a test, and expected to be available to the rest of the world in early 2020. This new Facebook feature is built using the Data Transfer Project (DTP), a universal data import/export protocol that aims to give users more control over their data and let them quickly move it between online services or apps whenever they want. "If a user wants to switch to another product or service because they think it is better, they should be able to do so as easily a
Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Dec 10, 2018
Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security vulnerability in one of Google+'s People APIs that could have allowed developers to steal private information on 52.5 million users, including their name, email address, occupation, and age. The vulnerable API in question is called "People: get" that has been designed to let developers request basic information associated with a user profile. However, software update in November introduced the bug in the Google+ People API that allowed apps to view users' information even if a user profile was set to not-public. Google engineers discovered the security issue during standard testing procedures and addressed it within a week of the issue being introduced. The company said
Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub

Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub

Aug 08, 2018
The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx , who claimed to be from Pakistan, created a GitHub repository called Source-Snapchat with a description " Source Code for SnapChat ," publishing the code of what purported to be Snapchat's iOS app. The underlying code could potentially expose the company's extremely confidential information, like the entire design of the hugely-successful messaging app, how the app works and what future features are planned for the app. Snapchat's parent company, Snap Inc., responded to the leak by filing a copyright act request under the Digital Millennium Copyright Act (DMCA), helping it takedown the online repository hosting the Snapchat code. SnapChat Hack: Github Took Down Repository After DMCA Notice Though it is not clear
Egyptian 'Fake News' Law Threatens Citizens with 5000-plus Followers

Egyptian 'Fake News' Law Threatens Citizens with 5000-plus Followers

Jul 23, 2018
Do you or someone you know lives in Egypt and holds an account on Facebook, Twitter, or/and other social media platforms with more than 5000 followers? If yes, your account can be censored, suspended and is subject to prosecution for promoting or spreading the fake news through social media platforms. On July 16, the Egyptian parliament approved a new law that classifies a personal social media account, blog or website with more than 5,000 followers as media outlets, allowing the state to block social media accounts and penalize journalists for publishing fake news. Social media networks are no doubt a quick and powerful way to share information and ideas, but not everything shared on Facebook or Twitter is true. Fake news is all around us, and every country is finding its own new ways to tackle this issue. Over the past the year, fake news or misinformation has emerged as a primary issue on social media platforms, seeking to influence millions of people with wrong propaga
Timehop Hacked — Hackers Stole Personal Data Of All 21 Million Users

Timehop Hacked — Hackers Stole Personal Data Of All 21 Million Users

Jul 09, 2018
And the hacks just keep on coming. Timehop social media app has been hit by a major data breach on July 4th that compromised the personal data of its more than 21 million users. Timehop is a simple social media app that collects your old photos and posts from your iPhone, Facebook, Instagram, Twitter and Foursquare and acts as a digital time machine to help you find—what you were doing on this very day exactly a year ago. The company revealed on Sunday that unknown attacker(s) managed to break into its Cloud Computing Environment and access the data of entire 21 million users, including their names, email addresses, and approximately 4.7 million phone numbers attached to their accounts. "We learned of the breach while it was still in progress, and were able to interrupt it, but data was taken. Some data was breached," the company wrote in a security advisory posted on its website. Social Media OAuth2 Tokens Also Compromised Moreover, the attackers also got th
Facebook admits public data of its 2.2 billion users has been compromised

Facebook admits public data of its 2.2 billion users has been compromised

Apr 05, 2018
Facebook dropped another bombshell on its users by admitting that all of its 2.2 billion users should assume malicious third-party scrapers have compromised their public profile information. On Wednesday, Facebook CEO Mark Zuckerberg revealed that "malicious actors" took advantage of "Search" tools on its platform to discover the identities and collect information on most of its 2 billion users worldwide. The revelation once again underlines the failure of the social-media giant to protect users' privacy while generating billions of dollars in revenue from the same information. The revelation came weeks after the disclosure of the Cambridge Analytica scandal , wherein personal data of 77 million users was improperly gathered and misused by the political consultancy firm, who reportedly also helped Donald Trump win the US presidency in 2016. However, the latest scam revealed by the social media giant about the abuse of Facebook's search tools over the
Facebook, Twitter and Instagram Share Data with Location-based Social Media Surveillance Startup

Facebook, Twitter and Instagram Share Data with Location-based Social Media Surveillance Startup

Oct 12, 2016
Facebook, Instagram, Twitter, VK, Google's Picasa and Youtube were handing over user data access to a Chicago-based Startup — the developer of a social media monitoring tool — which then sold this data to law enforcement agencies for surveillance purposes, the ACLU disclosed Tuesday. Government records obtained by the American Civil Liberties Union (ACLU) revealed that the big technology corporations gave "special access" to Geofeedia. Geofeedia is a controversial social media monitoring tool that pulls social media feeds via APIs and other means of access and then makes it searchable and accessible to its clients, who can search by location or keyword to quickly find recently posted and publicly available contents. The company has marketed its services to 500 law enforcement and public safety agencies as a tool to track racial protests in Ferguson, Missouri, involving the 2014 police shooting death of Mike Brown. With the help of a public records request, the
Traveling to US? Agencies want to Spy on your Social Media activities right from Airport

Traveling to US? Agencies want to Spy on your Social Media activities right from Airport

Jun 27, 2016
Hey! Welcome to the United States. May we have your Twitter handle, please? That's exactly what you'll likely be asked by the U.S. Customs and Border Protection at the airport prior to entering U.S. soil. Yes, your Twitter handle may soon be part of the US Visa process as U.S. Customs and Border Protection has entered a new proposal into the federal register, suggesting a new field in which foreign visitors can declare their online presence. This new proposal submitted by the US Department of Homeland Security (DHS) to the Federal Register on Thursday would update the required entry forms with a question asking travelers to " Please enter information associated with your online presence -- Provider/Platform -- Social media identifier. " This information would not be mandatory, but of course, foreign travelers who decline to reveal their online presence may subject for additional scrutiny. What's the idea behind Knowing the visitors' Online Prese
This App Lets You Find Anyone's Social Profile Just By Taking Their Photo

This App Lets You Find Anyone's Social Profile Just By Taking Their Photo

May 18, 2016
Is Google or Facebook evil? Forget it! Russian nerds have developed a new Face Recognition technology based app called FindFace , which is a nightmare for privacy lovers and human right advocates. FindFace is a terrifyingly powerful facial recognition app that lets you photograph strangers in a crowd and find their real identity by connecting them to their social media accounts with 70% success rate, putting public anonymity at risk. The FindFace app was launched two months ago on Google Play and Apple's App Store and currently has 500,000 registered users and processed nearly 3 Million searches, according to its co-founders, 26-year-old Artem Kukharenko, and 29-year-old Alexander Kabakov. According to The Guardian , FindFace uses image recognition technology to compare faces against profile pictures on Vkontakte, a very popular social networking site in Russia that has over 200 Million users. Besides showing the social media account of the one you are searching for, FindF
Cybersecurity Resources