Security Alerts & News
by Tymoteusz A. Góral

#902 Facebook Messenger vulnerability patched
Facebook has patched a vulnerability in the desktop and mobile versions of its Messenger app that allows an attacker to access and modify chats, exposing the victim to potential fraud and malware.

Researchers at Check Point Software Technologies privately disclosed the issue May 2 to Facebook, which patched it two weeks later. The flaw, Check Point said, allows an attacker to, among other things, access chat history and add or change links to a chat session. If the victim is persuaded to click on what is now a malicious link, they could start a malware download or establish a connection to an attacker’s command and control server.

Check Point said the victim would be unaware of the changes, and that chat threads could be deleted or modified, and also links and files could be replaced or added; researcher Roman Zaikin is credited with the discovery.
Read more
#903 How your phone, fitness band vibration motors can be hacked for eavesdropping
#902 Facebook Messenger vulnerability patched
#901 White hat demonstrates how Better Business Bureau’s site leaked PII
#900 'Alarming' rise in ransomware tracked
#899 Android security: Google's June update splats dozens of critical, high-severity bugs
#898 Protecting your PC from ransomware gets harder with EMET-evading exploit
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12