how to hack facebook password | Breaking Cybersecurity News | The Hacker News

Holy moly, Facebook is again at the center of a new privacy controversy after revealing today that its platform mistakenly kept a copy of passwords for "hundreds of millions" users in plaintext. What's more? Not just Facebook, Instagram users are also affected by the latest security incident. So, if you are one of the affected users, your Facebook or Instagram password was readable to some of the Facebook engineers who have internal access to the servers and the database. Though the social media company did not mention exactly what component or application on its website had the programmatic error that caused the issue, it did reveal that the company discovered the security blunder in January this year during a routine security check. In a blog post published today, Facebook's vice president of engineering Pedro Canahuati said an internal investigation of the incident found no evidence of any Facebook employee abusing those passwords. "To be clear, t

It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack Facebook accounts by simply tricking the targeted users into clicking on a link. The researcher, who goes by the online alias "Samm0uda," discovered the vulnerability after he spotted a flawed endpoint (facebook.com/comet/dialog_DONOTUSE/) that could have been exploited to bypass CSRF protections and takeover victim's account. "This is possible because of a vulnerable endpoint which takes another given Facebook endpoint selected by the attacker along with the parameters and makes a POST request to that endpoint after adding the fb_dtsg parameter," the researcher says on his blog . "Also this endpoint is located under t

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.