252 matches found
Hackers Exploited Twitter Bug to Find Linked Phone Numbers of Users
Twitter today issued a warning revealing that attackers abused a legitimate functionality on its platform to unauthorizedly determine phone numbers associated with millions of its users' accounts. According to Twitter, the vulnerability resided in one of the APIs that has been designed to make it...
Razer: Improper access control on easytopup.in.th transaction page leads to user's information disclosure and may lead to account hijacking
The tester discovered a Razer Gold Thailand server was vulnerable to information disclosure due to the use of a predicable reference ID in application URLs which could lead to the ability obtain phone numbers. Razer thanks the tester for his clear report...
Information Leakage Vulnerability in Intensive Intelligent Portal Platform of TORS Information Technology Co.
The main company of TORS Information Technology Co., Ltd. provides general platform products, industry application solutions and data services for key industry markets, such as government, media, security, finance, enterprise, intellectual property, publishing and net credit. Intensive Intelligen...
Two Former Twitter Employees Caught Spying On Users For Saudi Arabia
Two former employees of Twitter have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government, likely with the purpose of unmasking the identity of dissidents. According to an indictment filed on November 5 and unsealed just yesterday, one of the...
Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed "MessageTap ," the backdoor malware is a 64-bit ELF da...
UniCredit Bank Suffers 'Data Incident' Exposing 3 Million Italian Customer Records
UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers. Officially founded in 1870, UniCredit is Italy's biggest banking and financial...
Twitter Puts Profit Ahead of User Privacy—Just Like Facebook Did Before
Twitter funneled two-factor authentication phone numbers into their ad targeting platform—but they weren't the only ones...
An Unprecedented Cyberattack Hit the US Power Grid
Exposed Facebook phone numbers, an XKCD breach, and more of the week's top security news...
Unsecured database leaks phone numbers of 419 million Facebook users
By Sudais The unsecured database contained 133 million records from the US, 18 million in the UK and 50 million in Vietnam - All from Facebook users. This is a post from HackRead.com Read the original post: Unsecured database leaks phone numbers of 419 million Facebook users...
CVE-2019-15514
The Privacy Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers...
Information disclosure
The Privacy Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers...
D-Link DVA-5592 Information Disclosure Vulnerability
The D-Link DVA-5592 is a wireless router from AUO D-Link of Taiwan, China. An information disclosure vulnerability exists in the web interface of the D-Link DVA-5592 version 20180823, which can be exploited by an attacker to access sensitive information Wi-Fi passwords and phone numbers...
Grammarly: Can register any mobile number in MFA without current code.
@chackmate identified a vulnerability that allows a user to connect arbitrary phone numbers with their account. No users affected...
PhoneInfoga - Advanced Information Gathering & OSINT Tool For Phone Numbers
PhoneInfoga is one of the most advanced tools to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with very good accuracy. Then search for footprints on search engines to...
CVE-2018-17502
The Receptionist for iPad could allow a local attacker to obtain sensitive information, caused by an error in the contact.json file. An attacker could exploit this vulnerability to obtain the contact names, phone numbers and emails...
Design/Logic Flaw
The Receptionist for iPad could allow a local attacker to obtain sensitive information, caused by an error in the contact.json file. An attacker could exploit this vulnerability to obtain the contact names, phone numbers and emails...
Bragging Rights App Has Information Leakage Vulnerability
Bragging App is a chatting software developed by Beijing Qingshu Network Technology Co. There is an information leakage vulnerability in Bragging App, which can be exploited by an attacker to obtain the cell phone numbers of all the members in the group...
Himalaya App has information leakage vulnerability
Himalaya APP is an audio sharing client launched by Shanghai Zendai Himalaya Network Technology Co. There is an information leakage vulnerability in Himalaya APP, which can be exploited by an attacker to obtain registered user's cell phone number information...
X (Formerly Twitter): Protected tweets exposure through the URL
Summary Leaking sensitive information from protected tweets via a prepared website. This vulnerability could lead to exposure of information such as credit card numbers, bank account numbers, phone numbers, tokens, specific words or even the whole phrases but also the exposure of any additional...
Pre-Installed Android App Impacts Millions with Slew of Malicious Activity
A pre-installed Android application on Alcatel smartphones has been found surreptitiously siphoning off geolocation data, email addresses and phone identification numbers and sending the data to a server in China. Analysts with Upstream’s Secure-D platform said that the app, Weather Forecast—Worl...