LinkedIn attack Campaign takes over Accounts
An ongoing campaign that came into the limelight recently targeting LinkedIn accounts has led to victims losing control of their accounts or being locked out following repeated login attempts. Whether…
AWS Cross Tenant Confused Deputy Vulnerability
A cross-tenant vulnerability in AWS could be exploited and have allowed attackers to abuse AWS AppSync service to assume IAM and gain access to resources in an organization’s account. The…
TikTok Account takeover bug
Researchers have discovered a vulnerability in TikTok’s Android app which could allow attackers to remotely hijack user accounts. Tracked as CVE-2022-28799, Microsoft reported the vulnerability to TikTok in February 2022, after…
Gitlab fixes Account Takeover Vulnerability
GitLab has addressed a critical security flaw in its service that could result in an account takeover after exploitation. This critical bug tracked as CVE-2022-1680, with CVSS of 9.9 and…
Fantasy Premier League Will Have 2FA from Next Season
A series of account takeover hacks has prompted the EPL to promise to introduce two-factor auth controls to its official Fantasy Premier League game (FPL) from next season. It has more…