#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

skype hacked | Breaking Cybersecurity News | The Hacker News

Category — skype hacked
URL Redirection flaw in Facebook apps push OAuth vulnerability again in action

URL Redirection flaw in Facebook apps push OAuth vulnerability again in action

Apr 04, 2013
In earlier posts, our Facebook hacker ' Nir Goldshlager ' exposed two serious Facebook oAuth Flaws. One, Hacking a Facebook account even without the user installing an application on their account and second, various ways to bypassing the regex protection in Facebook OAuth. This time, Nir illustrated a scenario attack  " what happens when a application is installed on the victim's account and how an attacker can manipulate it so easily " According to hacker, if the victim has an installed application like Skype or Dropbox, still hacker is able to take control over their accounts.  For this, an attacker required only a url redirection or cross site scripting  vulnerability on the Facebook owner app domain i.e in this scenario we are talking about skype facebook app. In many bug bounty programs URL redirection is not considered as an valid vulnerability for reward i.e Google Bug bounty Program. Nir also demonstrated that an attacker is even able to ga
SkypeHide to Send secret messages into silence of Skype Calls

SkypeHide to Send secret messages into silence of Skype Calls

Jan 07, 2013
Polish Researchers have discovered a clever way to send secret messages during a phone call on Skype. We know that, by default skype calls use 256-bit advanced encryption, but researchers find that is not enough. So they find out this new way to communicate messages more secretly by using silence. Mazurczyk, Maciej Karaś and Krzysztof Szczypiorski analysed Skype data traffic during calls and discovered that there is a way in Skype silence, where rather than sending no data between spoken words, Skype sends 70-bit-long data packets instead of the 130-bit ones that carry speech. So by taking advantage of this they hijacks these silence packets and then inject encrypted message data into some of them. The Skype receiver on other end will always simply ignores the secret-message data, but it can be decoded back to receive that secret message. Team decide to present this at Steganography conference  by creating a POC tool called SkypeHide that will be able to hijacks some of the silenc
The Secret Weakness Execs Are Overlooking: Non-Human Identities

The Secret Weakness Execs Are Overlooking: Non-Human Identities

Oct 03, 2024Enterprise Security / Cloud Security
For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,
Security hole allows anyone to hijack your Skype account

Security hole allows anyone to hijack your Skype account

Nov 14, 2012
It looks like Skype has another big hole in their security. According to reports, a security hole makes Skype accounts vulnerable to hijacking. The security hole allows unauthorized users with knowledge of your Skype-connected email address to change the password on your Skype account, thus gaining control of it. The hijack is triggered by signing up for a new Skype account using the email address of another registered user. No access to the victim's inbox is required one just simply needs to know the address. Creating an account this way generates a warning that the email address is already associated with another user, but crucially the voice-chat website does not prevent the opening of the new account. Then hacker just have to ask for a password reset token , which Skype app will send automatically to your email, this allows a third party to redeem it and claim ownership of your original username and thus account. The issue was reportedly documented on Russian forums
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Indian CERT issue warning about ongoing Skype Spam attack

Indian CERT issue warning about ongoing Skype Spam attack

Oct 30, 2012
Last month we reported a worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. This malware is spreading through a question/ phrase sent to the users by someone and the question is: " lol is this your new profile pic? " Same spam now targeting most of the Indian skype users, Indian CERT (Computer Emergency Response Team) issue a warning about this ongoing spam attack via advisory. A number of Indians use 'Skype' to communicate with their friends, relatives and other contacts within and outside the country. " A malicious spam campaign is on the rise targeting Skype users by sending instant message which appears to come from friends in the Skype contact list ," the advisory reads. Security researchers from Avast had intercepted this Darkbot malware campaign, and they estimate that this affecting millions of Skype users. " The worm is reported as stealing user credentials, engaging in click fraud activities
DarkBot Malware Circulation very fast via Skype

DarkBot Malware Circulation very fast via Skype

Oct 20, 2012
Two weeks back we reported that Security firm Trend Micro discovered a worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. This malware is spreading through a question/ phrase sent to the users by someone and the question is: " lol is this your new profile pic? " Yesterday Security researchers from Avast have intercepted a currently spreading Darkbot malware campaign, that's affecting millions of Skype users. According to him,"  It targets all the major Web browsers, and is also capable of distributing related malware such as Ransomware/LockScreen, as well as steal accounting data for major social networking services such as Facebook, Twitter, as well as related services such as GoDaddy, PayPal and Netflix ." Some of the infected PCs install the malware known as ransomeware which locks your PC and ask you to pay $200 dollars within 48 hours to retrieve your files. " If you click on
Ransomware malware targeting Skype users

Ransomware malware targeting Skype users

Oct 08, 2012
Security firm Trend Micro discovered a new worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. A malicious worm is taking advantage of the Skype API to spam out messages that link to a ZIP files ie. skype_06102012_image.zip or skype_08102012_image.zip, which is actually detected as Troj/Agent-YCW or Troj/Agent-YDC by Antivirus. According to definition -  Ransomware is a form of malware in which rogue software code effectively holds a user's computer hostage until a "ransom" fee is paid. Ransomware often infiltrates a PC as a computer worm or Trojan horse that takes advantage of open security vulnerabilities. Most ransomware attacks are the result of clicking on an infected e-mail attachment or visiting a hacked website. The message contains the question: "lol is this your new profile pic? h__p://goo.gl/{BLOCKED}5q1sx?img=username" or "moin, kaum zu glauben was für schöne fotos von dir auf deinem
Expert Insights / Articles Videos
Cybersecurity Resources