account hijacking

Pierluigi Paganini October 20, 2021
YouTube creators’ accounts hijacked with cookie-stealing malware

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. According to Google’s Threat Analysis Group (TAG) researchers, who spotted the campaign, the attacks were launched by multiple hack-for-hire […]

Pierluigi Paganini March 03, 2021
Bug bounty hunter awarded $50,000 for a Microsoft account hijack flaw

A researcher received a $50,000 bug bounty by Microsoft for having reported a vulnerability that could’ve allowed to hijack any account. Microsoft has awarded the security researcher Laxman Muthiyah $50,000 for reporting a vulnerability that could have allowed anyone to hijack users’ accounts without consent. According to the expert, the vulnerability only impacts consumer accounts. […]

Pierluigi Paganini July 16, 2020
Several High-Profile Twitter accounts hacked in a Bitcoin scam

The social media platform Twitter suffered one of the biggest cyberattacks in its history, multiple high-profile accounts were hacked. Social media platform Twitter has suffered one of the biggest cyberattacks in its history, hackers breached a number of high-profile accounts, including those of Barak Obama, US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon […]

Pierluigi Paganini May 01, 2017
Yahoo awarded $7,000 a bug hunter for Flickr account hijacking vulnerability

Yahoo awarded $7,000 to the bug hunter Michael Reizelman, aka mishre, for Flickr account hijacking vulnerability. Reizelman was a popular bug hunter that discovered vulnerabilities in many web services, including Badoo, Dropbox, GitHub, Google, Imgur, Slack, Twitter, and Uber. The expert has discovered three vulnerabilities in the company’s image and video hosting service that could have been chained together […]

Pierluigi Paganini June 05, 2015
How to easily hack a WhatsApp Account?

TheHackerNews has reported a simple trick that allows to hijack a WhatsApp account easily on every mobile platform by knowing the victim’s phone number. The popular mobile messaging app WhatsApp is vulnerable to hijacking exposing hundreds of Millions of users vulnerable to attack. It could be quite easy to take over a WhatsApp account when the attacker […]

Pierluigi Paganini May 27, 2014
Serious WordPress issue exposes users to hijacking even if 2FA is enabled

Unencrypted cookies leave WordPress accounts exposed to hijacking on insecure networks, even if the two-factor authentication is enabled. WordPress administrators must be aware that it is quite easy for hackers to hijack their web site if they login from the same WI-Fi connection (e.g. From a public place) even if it is protected by two-factor authentication, . […]