Flipboard says hackers stole user details
29th May 2019 | Website: Flipboard | Reported Here
The news aggregation site, Flipboard, has disclosed that their databases had been hacked and unauthorized users have potentially downloaded the data contained within them. This data included the personal account information and digital tokens for some of their over 100 million users.
According to emails seen by BleepingComputer and a security incident notice published on their site, Flipboard stated that hackers gained access to some of their databases during two different time periods.The first time was between June 2nd, 2018 and March 23, 2019 and the second was between April 21st and 22nd, 2019.
It is not known if these were the same users accessing the databases at different periods or two separate data breaches.
Australian ‘unicorn’ Canva hacked
24th May 2019 | Website: Canva | Reported Here
Australian graphic-design-as-a-service company Canva has alerted its users to an attack that has seen “a number of our community’s usernames and email addresses … accessed.”
The attack was detected on Saturday, Australian time. The company’s letter to users also adds “The hackers also obtained passwords in their encrypted form (for technical people: all passwords were salted and hashed with bcrypt). This means that our user passwords remain unreadable by external parties.”
WhatsApp Hack – Hackers Installed Spyware By Placing A Phone Call
14th May 2019 | Software: WhatsApp | Reported Here
WhatsApp pressed users to update its messaging service, following a report that a vulnerability in the software allowed attackers to hack into people’s phones using commercial Israeli spyware. The chat app, owned by Facebook Inc., said it had discovered a vulnerability in early May that could enable attackers to insert and execute code on mobile devices.
Hackers Steal $40 Million Worth of Bitcoin From Binance Exchange
7th May 2019 | Website: Binance | Reported Here
Hackers have stolen $41m (£31m) worth of Bitcoin in a major crypto-currency heist.
The Binance exchange, which stores Bitcoin and other crypto-currencies for members, said hackers took 7,000 bitcoins in one go. Withdrawals have now been suspended on the platform.
“We beg for your understanding in this difficult situation,” Binance said.
However, the exchange said it would replace the lost cash with the help of its emergency insurance fund.
According to Binance, the attackers used a variety of techniques to break in. They deployed viruses and used phishing attacks to get security information.
Phishing Method Which Can Trick Google Chrome Users With Fake Address Bar
29th April 2019 | Application: Google Chrome | Reported Here
Why display the URL bar on a mobile device when you can give users more screen space by hiding it?
Google Chrome for Android does just that after a page has loaded, concealing information about the URL and expanding the screen space available to display content from the web page.
The feature is handy for users, but developer James Fisher is drawing attention to the possibility that phishing attackers can abuse it to catch users off guard when browsing.
Virgin Media Phishing Email
17th April 2019 | Site: My Virgin Media | First Reported Here
A phishing email sent to Virgin Media customers, telling them their payment for latest Virgin Media bill has failed and asking them to update billing details.
The Nasty List Phishing Scam
15th April 2019 | Site: Instagram | Reported Here
A new phishing scam called the “The Nasty List” is sweeping through Instagram and is targeting victim’s login credentials.
- If a user falls victim, the hackers will utilize their accounts to further promote the phishing scam.
- The Nasty List scam is being spread through hacked accounts that send messages to their followers stating that they were spotted on a so-called “Nasty List”.
- These profile descriptions also include a link that supposedly allows you to see this Nasty List and why you are on it.
- To avoid falling for an Instagram phishing scam like the Nasty List, if you are at a page that does not belong to the instagram.com web site, never enter your login credentials.
- If you have been hacked by the “Nasty List” phishing scam and you still have access to your account, the first thing you should do is verify that your account is using the correct phone number and email address.
Wells Fargo Bank – Wellsfargo Online Customer Service
10th April 2019 | Site: Wells Fargo Bank | Reported Here
Here is another good example of a phishing email that is presently being circulated. It makes for compelling reading, but it is a scam. Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.
Fake cancerous nodes in CT scans
3th April 2019 | Target: Hospital | Reported Here
A computer virus that can add fake tumours to medical scan images has been created by cyber-security researchers.
In laboratory tests, the malware altered 70 images and managed to fool three radiologists into believing patients had cancer.
The altered images also managed to trick automated screening systems.
The team from Israel developed the malicious software to show how easy it is to get around security protections for diagnostic equipment.
The program was able to convincingly add fake malignant growths to images of lungs taken by MRI and CT scanning machines.
American Express – Important Security Message
20th March 2019 | Company: American Express | Reported Here
Microsoft’s Office 365 Threat Research uncovered an active American Express (Amex) email phishing campaign that emerged over the weekend. The Amex phishing campaign is especially dangerous as it prompts the recipient for their credit card numbers, account logins, as well as other common password reset questions.