Posts

Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme

Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and commit ad fraud. Facebook filed the lawsuit on Thursday in the Northern District of California against ILikeAd Media International Company Ltd. as well as a Chinese software developer and a marketing director working for the firm, Chen Xiao Cong and Huang Tao. All three defendants are alleged to have deceived people into installing malware on their systems, enabling them to compromise users' Facebook accounts and then use those hacked accounts to advertise counterfeit goods and diet pills—which is clearly in violation of Facebook's Terms and Advertising Policies. "The suit seeks to hold accountable ILikeAd Media International Company Ltd. and Chen Xiao Cong and Huang Tao for creating the malware, tri...

RevengeHotels: A New Malware Attack Using Weaponized Word Documents to Steal Users' Credit Card Data

A new malware campaign dubbed “RevengeHotels” targets hotels, hostels, hospitality, and tourism companies worldwide, aiming to steal the credit card data of users and travelers from hotel management systems. The campaign uses email as the main attack vector to deliver malware via weaponized Word, Excel or PDF documents. In some cases, it exploits CVE-2017-0199, a patched remote code execution vulnerability in Microsoft Office or WordPad. Researchers from Kaspersky observed two hacking groups, ProCC and RevengeHotels, targeting the hospitality sector and found them to have been active since at least 2015. Tactics Used – RevengeHotels: The threat actors register typo-squatting domains impersonating legitimate company names to trick the user into believing the email is from a legitimate source. They send emails with details for booking hotels; the spear-phishing email is written in Portuguese, with the malicious file named Reserva Advogados Associados(...

Wide Range of IoT Devices Could Be Affected by a Critical Flaw in GoAhead Web Server

Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned CVE-2019-5096, is a critical code execution flaw that can be exploited by attackers to execute malicious code on vulnerable devices and take control over them. The first vulnerability resides in the way multipart/form-data requests are processed within the base GoAhead web server application, affecting GoAhead Web Server versions v5.0.1, v4.1.1, and v3.6.5. According to the researchers at Cisco Talos, a specially crafted HTTP request can cause a use-after-free condition on the server while it is being processed and corrupt heap structures, leading to code execution attacks. The second vulnerability, assigned CVE-2019-5097, also resides in the same component of the GoAhead Web Server and can be exp...

Hackers Can Take Full Control of User Accounts Using RCS, a New Android Text Messaging Service

RCS, which stands for Rich Communications Services, is the next-generation SMS protocol aimed at replacing the SMS and MMS services. It was taken over by the GSM Association in February 2008. Starting from April 2018, Google began integrating RCS with its instant messaging mobile app Google Allo. RCS is an IP-based messaging service built on SIP and HTTP that provides various services such as group chats, video calls, file transfers and more. RCS Hacking Attacks: According to the Security Research Labs report, RCS functionality is not properly protected in some implementations, which allows a range of different hacking attacks. The improper implementation of RCS functionality in many networks lets hackers gain complete control over user accounts by stealing RCS configuration files that include SIP and HTTP credentials. The implementations lack certificate and domain validation, which allows an attacker to intercept and manipulate communication in the middle, and they also fa...

Avast and AVG Browser Extensions Caught Spying on Chrome and Firefox Users

If your Firefox or Chrome browser has any of the four extensions listed below, offered by Avast and its subsidiary AVG, installed, you should disable or remove them as soon as possible: Avast Online Security, AVG Online Security, Avast SafePrice, and AVG SafePrice. Why? Because these four widely installed browser extensions have been caught collecting a lot more data on their millions of users than they are intended to, including your detailed browsing history. Most of you might not even remember downloading and installing these extensions on your web browser, and that's likely because when users install Avast or AVG antivirus on their PCs, the software automatically installs their respective add-ons on the users' browsers. Both online security extensions have been designed to warn users when they visit a malicious or phishing website, whereas the SafePrice extensions help online shoppers learn about best offers, price comparisons, travel deals, and discount coupons from various ...

Europol Shuts Down Over 30,500 Piracy Websites in Global Operation

In a coordinated global law enforcement operation, Europol has taken down more than 30,500 websites for distributing counterfeit and pirated items over the Internet and arrested three suspects. Among other things, the seized domains reportedly offered various counterfeit goods and pirated products and services, including pirated movies, illegal television streaming, music, electronics, cracked software downloads, counterfeit pharmaceuticals, and other illicit products. However, it should be noted that the seized web domains do not include any major pirate websites on the Internet. During the investigation, international law enforcement officials: shut down a total of 30,506 web domains, arrested three suspects, seized 26,000 luxury clothes and perfumes, seized 363 liters of alcoholic beverages, and seized an unspecified number of hardware devices. The officials also identified and froze more than €150,000 from several bank accounts and online payment platforms. The domai...

20 Million+ Users' Personal Records Stolen and Sold on Dark Web for $4,000 to $5,000

MixCloud is investigating a data breach that impacts more than 20 million registered users of the service. MixCloud is a popular music streaming service. The platform allows the listening and distribution of radio shows, DJ mixes, and podcasts which are uploaded by its users. The company said it has more than 17 million users. MixCloud was founded in 2008; the company is located in the United Kingdom and falls under the European data protection rules (GDPR). MixCloud Data Breach: A dark web seller known by the handle “A_W_S” listed the MixCloud data for sale on dark web forums for $4,000 to $5,000, or about 0.5 bitcoin. According to Motherboard's analysis of the data shared by the seller, the data breach happened in November and the data was found to be authentic. Motherboard verified the data by using an email sign-up feature and found that those email addresses were already linked with accounts. The following are the data...