Browsing Category: Social Engineering

verizon building

Simple Bug Exposed Verizon Wireless Users’ SMS History

A security researcher discovered a simple vulnerability in Verizon Wireless’s Web-based customer portal that enabled anyone who knows a subscriber’s phone number to download that user’s SMS message history, including the numbers of the people he communicated with.

Read more...

fb_timeline

Facebook Privacy Feature Gone for Good

Categories: Social Engineering

Late last year the world’s largest social network announced that it would begin removing a popular privacy feature that let users regulate whether other users could search for and locate their profiles with the Facebook search function.

Read more...

bitcoin

Bitcoins, Web-Exchanges Make Following Money Near Impossible

Cybercriminals’ use of Bitcoins and Web-based currency exchanges has made a tried-and-true law enforcement strategy of following the money to arrest criminals close to impossible.

Read more...

syrianbombspam

Fake CNN Alert Says US Bombed Syria; Leads to Malware

A new phishing campaign is disseminating malicious links with emails purporting to come from CNN saying that the United States has initiated military strikes against the embattled regime of Syrian President Bashar al Assad.

Read more...

times front

Inside the Response to the New York Times Attack

Late Tuesday morning, one of the engineers in CloudFlare’s San Francisco office saw a message on Twitter saying that the New York Times Web site was down. Minutes later, more messages appeared, as security researchers and others began looking into the situation and realized that someone may have compromised the site’s DNS records. Understanding the ramifications of that sort of attack, if that’s in fact what it was, Matthew Prince, CloudFlare’s CEO sent an email to Rajiv Pant, the CTO of the Times, saying that the company’s engineers would be available if Pant needed some help figuring out the situation. He did.

Read more...

money wall

With No Facebook Bounty Coming, Researcher Gets $12k Reward From Security Community

Like most major Web and software companies, Facebook receives a lot of bug reports. As one researcher learned recently, not all bugs are created equal, and Facebook doesn’t like people messing with its users–or its executives.

Read more...

zuck

Facebook Stands By Bug Disclosure Policy Following Zuckerberg Hack

A member of Facebook’s security team acknowledged over the weekend that the group could’ve taken further steps to verify a vulnerability initially brought to their attention by an independent security researcher last week but that the company largely adhered to its bug disclosure policy.

Read more...

blackhat

How to Fail at Black Hat

Every summer, the hacker intelligentsia descends on Las Vegas like a swarm of thirsty locusts that spends seven days chasing free drinks and avoiding sunlight at all costs. Black Hat and DEF CON week can be an overwhelming and confusing experience, especially for the uninitiated or agoraphobic. But fear not, Threatpost has your back.

Read more...