Search results for how to hack another account | Breaking Cybersecurity News | The Hacker News

Hacking Facebook account is one of the major queries on the Internet today. It's hard to find — how to hack Facebook account or facebook messenger, but researchers found a way that can allow someone to hack Facebook account passwords with only the target's phone number and some resources. Yes, your Facebook profile can be hacked, no matter how strong your password is or how much extra security measures you have taken. No joke! Hackers with resources to exploit SS7 network can hack your Facebook login and all they need is your phone number. The weaknesses in the part of global telecom network SS7 that not only let hackers and spy agencies listen to personal phone calls and intercept SMSes on a potentially massive scale but also let them hijack social media accounts to which you have provided your phone number. SS7 or Signalling System Number 7 is a cell phone signaling protocol that is being used by more than 800 telecommunication operators worldwide to exchange i...

We all have been receiving spam phone calls and messages on almost daily basis from scammers who want to pilfer your money and personal information, but a new type of social engineering hack that makes use of just your mobile number to trick you is a little scarier. Security firm Symantec is warning people about a new password recovery scam that tricks users into handing over their webmail account access to the attackers. In order to get into your email account, an attacker does not need any coding or technical skills. All an attacker needs your email address in question and your cell phone number. Since the process to reset the password is almost similar to all mail services, this new password recovery scam affects all popular webmail services including Gmail, Yahoo, and Outlook among others. Symantec has provided a video explanation of how this new hack attack works. The trick is as simple as it sounds: if you want to reset someone's email account password, all y...

It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack Facebook accounts by simply tricking the targeted users into clicking on a link. The researcher, who goes by the online alias "Samm0uda," discovered the vulnerability after he spotted a flawed endpoint (facebook.com/comet/dialog_DONOTUSE/) that could have been exploited to bypass CSRF protections and takeover victim's account. "This is possible because of a vulnerable endpoint which takes another given Facebook endpoint selected by the attacker along with the parameters and makes a POST request to that endpoint after adding the fb_dtsg parameter," the researcher says on his blog . "Also this endpoint is located under t...

How to hack an Instagram account? The answer to this question is difficult to find, but a bug bounty hunter just did it without too many difficulties. Belgian bug bounty hunter Arne Swinnen discovered two vulnerabilities in image-sharing social network Instagram that allowed him to brute-force Instagram account passwords and take over user accounts with minimal efforts. Both brute-force attack issues were exploitable due to Instagram's weak password policies and its practice of using incremental user IDs. "This could have allowed an attacker to compromise many accounts without any user interaction, including high-profile ones," Swinnen wrote in a blog post describing details of both vulnerabilities. Brute-Force Attack Using Mobile Login API Swinnen discovered that an attacker could have performed brute force attack against any Instagram account via its Android authentication API URL, due to improper security implementations. According to his blog post , fo...

The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx , who claimed to be from Pakistan, created a GitHub repository called Source-Snapchat with a description " Source Code for SnapChat ," publishing the code of what purported to be Snapchat's iOS app. The underlying code could potentially expose the company's extremely confidential information, like the entire design of the hugely-successful messaging app, how the app works and what future features are planned for the app. Snapchat's parent company, Snap Inc., responded to the leak by filing a copyright act request under the Digital Millennium Copyright Act (DMCA), helping it takedown the online repository hosting the Snapchat code. SnapChat Hack: Github Took Down Repository After DMCA Notice Though it is not clear...

Phishing is most commonly perpetrated through the mass distribution of e-mail messages directing users to a fraud web site or services. These professional criminals daily find new ways to commit old crimes, treating cyber crime like a business and forming global criminal communities. Another latest scam has been notified by GFI that, where cyber criminals are offering the art of hacking Twitter accounts with a web-based exploit. Phishers are sending scam emails and offering fake twitter account hacking service, which in actual will hack their own twitter accounts. Email from phishers have text, " Do you want to learn how to hack twitter? Are you looking for a way to hack your friends twitter account without them finding out? Interested in finding out ways to hack someone's profile? Maybe you want to take a quick peek at their direct message inbox, steal their username or find a glitch to use a hacking script, ". Hackers try to convince readers by showing a exploi...

Over the last few weeks we have been contacted by a number of members of the  our  Facebook page , concerned by a message they saw on Facebook, warning them that their account protection was " very low ". With fake anti-virus (also known as scareware) attacks becoming an ever-growing problem (they attempt to trick you into believing your computer has a security problem when it doesn't), some security-conscious Facebook users might worry that this is a similarly-styled assault, designed to scare you into taking perhaps unwise actions. Certainly the warning message gives you the impression that there's something seriously wrong with how you have defended your Facebook account. I must admit I was surprised to see the message appear on my own Facebook account as I have been quite fastidious in my security settings on the social network. So, I was curious to find out just  why  Facebook believed that my account protection status was "very low", and what they t...

There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys to the front door? No matter how extensive your security solutions are, protecting the various systems in your environment, your organization may likely be an easy target without proper password security. An especially vulnerable type of password is a  breached password , a.k.a "pwned" password. What is a breached password? How do you discover breached passwords in your environment? How can organizations effectively protect their end-users from using these types of passwords? The Danger of Compromised Accounts The  IBM Cost of a Data Breach Report  2020 noted compromised credentials as one of the primary contributors to malicious data breaches in the report's key findings. It noted: "Stolen or compromised credentials were the...

If you also found yourself logged out of Facebook on Friday, you are not alone. Facebook forced more than 90 million users to log out and back into their accounts in response to a massive data breach. On Friday afternoon, the social media giant disclosed that some unknown hackers managed to exploit three vulnerabilities in its website and steal data from 50 million users and that as a precaution, the company reset access tokens for nearly 90 million Facebook users. We covered a story yesterday based upon the information available at that time. Facebook Hack: 10 Important Updates You Need To Know About However, in a conference call [ Transcript 1 , Transcript 2 ] with reporters, Facebook vice president of product Guy Rosen shared a few more details of the terrible breach, which is believed to be the most significant security blunder in Facebook's history. Here's below we have briefed the new developments in the Facebook data breach incident that you need to know abo...

Another Surprising Twist in the Apple-FBI Encryption Case : The Apple ID Passcode Changed while the San Bernardino Shooter's iPhone was in Government Custody. Yes, the Federal Bureau of Investigation (FBI) has been screwed up and left with no option to retrieve data from iPhone that belonged to San Bernardino shooter Syed Farook. Apple has finally responded to the Department of Justice (DoJ) court filing that attempts to force Apple to comply with an FBI request to help the feds unlock Farook's iPhone, but Apple refused to do so. According to Apple, the company had been helping feds with the investigation since early January to provide a way to access Farook's iPhone, but the problem is that the feds approached the company after attempting a 'blunder' themselves. Here's How the FBI Screwed itself On October 19, 2015, Roughly six weeks before the San Bernardino terrorist attacks, Syed Farook made a last full iCloud backup of his iPhone 5...

Today's admins certainly have plenty on their plates, and boosting ecosystem security remains a top priority. On-premises, and especially remote, accounts are gateways for accessing critical information. Password management makes this possible. After all, authentication should ensure that a user is whom they claim to be. This initial layer of security is crucial for protecting one's entire infrastructure. Unfortunately, the personal nature of passwords has its shortcomings. Passwords are easily forgotten. They may also be too simplistic; many companies don't enforce stringent password-creation requirements. This is where the Active Directory Password Policy comes in. Additionally, the following is achievable: Changing user passwords Recording password changes and storing them within a history log Active Directory accounts for any impactful changes across user accounts. We'll assess why and how administrators might leverage these core features. Why change user ...