#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

account hack | Breaking Cybersecurity News | The Hacker News

Github accounts Hacked in 'Password reuse attack'

Github accounts Hacked in 'Password reuse attack'
Jun 17, 2016
Popular code repository site GitHub is warning that a number of users' accounts have been compromised by unknown hackers reusing email addresses and passwords obtained from other recent data breaches . Yes, GitHub has become the latest target of a password reuse attack after Facebook CEO Mark Zuckerberg and Twitter . According to a blog post published by Shawn Davenport, VP of Security at GitHub, an unknown attacker using a list of email addresses and passwords obtained from the data breach of " other online services " made a significant number of login attempts to GitHub's repository on June 14. After reviewing the logins, administrators at GitHub found that the attacker had gained access to a number of its users' accounts in order to gain illicit access to their accounts' data. Although the initial source of the leaked credentials isn't clear, the recent widespread "megabreaches" of LinkedIn , MySpace , Tumblr , and the dating site Fling,

Microsoft Pays $24,000 Bounty to Hacker for Finding 'Account Hacking' Technique

Microsoft Pays $24,000 Bounty to Hacker for Finding 'Account Hacking' Technique
Oct 08, 2015
A security researcher has won $24,000 from Microsoft for finding a critical flaw in its Live.com authentication system that could allow hackers to gain access to a user's complete Outlook account or other Microsoft services. Microsoft's Live.com is the authentication system that everyone go through while attempting to authenticate to Outlook.com and a large number of other Microsoft services, including OneDrive, Windows Phone, Skype, and Xbox LIVE. Hacking Hotmail (Outlook.com) Account It's one account for all services. So, if say, Outlook wants to access other apps, it uses a standard set of authentication code called OAuth . OAuth is an open standard for authorization that keeps your passwords safe on third-party sites and instead of sharing your password, it shares a special key called 'Access token' to access the app. OAuth authorizations are accomplished through a prompt, as shown below and to allow an app to gain access to your account, you n

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Authentication Flaw in PayPal mobile API Allows Access to Blocked Accounts

Authentication Flaw in PayPal mobile API Allows Access to Blocked Accounts
Oct 10, 2014
Payment services provider PayPal is vulnerable to an authentication restriction bypass vulnerability , which could allow an attacker to bypass a filter or restriction of the online-service to get unauthorized access to a blocked users ' PayPal account. The security vulnerability actually resides in the mobile API authentication procedure of the PayPal online-service , which doesn't check for the blocked and restricted PayPal accounts. HOW THE VULNERABILITY WORKS In case if a PayPal user enters a wrong username or password combination several times in an effort to access the account, then for the security reasons, PayPal will restrict the user from opening or accessing his/her account on a computer until the answers to a number of security questions is provided. However, if the same user, at the same time switches to a mobile device and tries accessing the temporarily closed PayPal account with the right credentials via an official PayPal mobile app client through t

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Vulnerability in Facebook discloses Primary Email Address of any account

Vulnerability in Facebook discloses Primary Email Address of any account
Jul 09, 2013
When you sign up on Facebook, you have to enter an email address and that email address becomes your primary email address on Facebook. In a recent disclosure by a Security researcher, Stephen Sclafani - The Social Networking site Facebook was  vulnerable to disclosure of primary email address of any Facebook user to hackers and spammers . The flaw resides in the invitation mechanism of Facebook, using which one can invite his all contacts emails to Facebook for making new account. As shown in following screenshot, an invitation received on an email, where one need to click the Signup URL: After clicking that URL, invited user will be redirected to a signup page filled in with the email address and the name of a person who used the link to sign up for an account was displayed: There are two parameters in this URL, i.e "re" and "mid". According to Stephen changing some part of "mid" parameter can expose the email address of another user. http:/

Hacking PayPal accounts to steal user Private data

Hacking PayPal accounts to steal user Private data
May 29, 2013
If you're making a lot of money and you want to keep records of your transactions, then using PayPal 's Reporting system you can effectively measure and manage your business. Nir Goldshlager , founder of Breaksec and Security Researcher reported  critical flaws in Paypal Reporting system that allowed him to steal private data of any PayPal account. Exploiting the  vulnerabilities  he discovered, allowed him to access the financial information of any PayPal user including victim's shipping address Email addresses, Phone Number, Item name, Item Amount, Full name, Transaction ID, Invoice ID,  Transaction, Subject, Account ID, Paypal Reference ID etc. He found that PayPal is using the Actuate Iportal Application (a third party app) to display customer reports, so Nir downloaded the trial version of this app for testing purpose from its official website. After going deeply through the source code of trial version, Nir located a file named getfolderitems.

Facebook hacking accounts using another OAuth vulnerability

Facebook hacking accounts using another OAuth vulnerability
Mar 13, 2013
Remember the last OAuth Flaw in Facebook , that allow an attacker to hijack any account without victim's interaction with any Facebook Application, was reported by white hat Hacker ' Nir Goldshlager '. After that Facebook security team fixed that issue using some minor changes. Yesterday Goldshlager once again pwn Facebook OAuth mechanism by bypassing all those minor changes done by Facebook Team. He explains the complete Saga of hunting Facebook  bug in a blog post. As explained in last report on The hacker News , OAuth URL contains two parameters i.e.  redirect_uri &   next , and using Regex Protection (%23xxx!,%23/xxx,/) Facebook team tried to secure that after last patch. In recent discovered technique hacker found that next parameter allow  facebook.facebook.com domain as a valid option and multiple hash signs is now enough to bypass Regex Protection. He use facebook.com/l.php file (used by Facebook to redirect users to external links) to redirect victims to
Cybersecurity Resources