- Security Fixes and Improvements
- By Catalin Cimpanu
- September 20th, 2016
Facebook Gives $16,000 to Researcher Who Found a Way to Hijack Business Pages
Researcher receives $16,000 for his work
- Incidents
- By Catalin Cimpanu
- June 22nd, 2016
Carbonite Online Backup Service Resets All Users Passwords After Cyber-Attack
One day after GoToMyPC, Carbonite suffers the same fate
- Incidents
- By Catalin Cimpanu
- June 19th, 2016
GoToMyPC Remote Desktop Service Under Attack, Resets User Passwords
Incident seems to be another ATO (account takeover) attack
- Security
- By Catalin Cimpanu
- June 19th, 2016
Attackers Used Nearly One Million IPs to Brute-Force a Financial Institution
ATO attacks are becoming the norm these days
- Security
- By Catalin Cimpanu
- June 1st, 2016
"Deploy on Heroku" Buttons Lead to Complete Pwnage of Heroku Accounts
Heroku OAuth was leaking global API access token
- Security
- By Catalin Cimpanu
- April 13th, 2016
Google Fixes XSS Bug in Account Recovery Procedure
Attackers could take over any Google account they wanted
- Security
- By Catalin Cimpanu
- March 28th, 2016
Facebook Fixes Instagram Issue That Allowed Account Takeover
Instagram account verification process flawed
- Security
- By Ionut Ilascu
- November 7th, 2014
Manually Hijacking Accounts Is More Successful than Bot-Driven Attacks
After collecting info on the victim, a phishing attack ensues