The Guardian published documents that reveal NSA and GCHQ infiltrate gaming platforms and communities including World of Warcraft and Second Life NSA and British GCHQ are working to infiltrate the virtual world of online games considered as an attractive environment for cyber terrorists and hackers, this is the last chapter of the Snowden‘s Saga. The Guardian […]
LinkedIn iOS app parses HTML in the messages, and this can be used to phish for credentials or be escalated into a full blown attack. Senior CyberSecurity Specialist Zouheir Abdallah @ZuZ  (Twitter handle), has publicly and responsibly disclosed a vulnerability in LinkedIn’s mobile app. Zouheir is known for reporting a serious vulnerability in DropBox’s 2 Factor […]
Researcher Irene Abezgauz from the Quotium Seeker Research Center discovered a Facebook flaw that allows anyone to see a profileâs private friend list. Facebook is the privileged target for hackers and cybercriminals, the popular social network is a mine of data that could be used to acquire information on a specific target or to conduct […]
Researcher Dan Melamed recently discovered an open url redirection flaw in Facebook that allowed to have a facebook.com link redirect to any website. A Facebook Open URL Redirection vulnerability is the last discovery of security expert Dan Melamed that reported it in a recent post. Dan is an old acquaintance of Security Affairs, he revealed […]
Search engines are formidable tools for reconnaissance, Google Hacking is essential knowledge for professionals searching for website vulnerabilities. Search engines are powerful tools for attackers that need to conduct passive reconnaissance, their use could help to gather information on the target network organization, application used and related vulnerabilities, sensitive documents and info on company personnel. […]
The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]
Google Hacking is a formidable method for reconnaissance. Mass website hacking tools based on Google-dorks advantage the malicious online activities. Google hacking is a must for hackers and pen testers, the popular search engine is a mine of information for targeted analysis and reconnaissance phase. In the past we discussed on how to use Google […]
A misleading script to increase the number of “I like” and an invasive technology to track screen cursors are threatening the Facebook users. The social media are money machines, the interest of private companies, governments and cybercrime are increasing exponentially. Security experts are observing an alarming trend, a growing number of subjects are spending a […]
Security expert Ebrahim Hegazy has found another serious vulnerability in Twitter, he has discovered an Unrestricted File Upload Vulnerability. The popular Ebrahim Hegazy has found another serious vulnerability in Twitter, the cyber security analyst and Consultant at Q-CERT has discovered a flaw in the social media that allows Unrestricted File Upload. When a user creates a […]
The hack of a social media account is a common incident that could have a serious impact of our digital identity. How to prevent it? What to do in case of hack? Social media, cloud computing and mobile are technologies that most of all attract cybercriminals due their high penetration, exploiting this channels attackers could […]