InfoSecBulletin Cybersecurity for mankind
Samip Aryal informed a Nepali media outlet about discovering a vulnerability in Facebook that could allow for an ‘account takeover.’ According to Aryal, the vulnerability could be exploited to take control of any user’s account with minimal effort.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
While he is currently ranked as one of the top hackers, there may be someone with a higher score in that position. Aryal mentioned that for now, 2024 is ranked first. Previously, Aryal reported security vulnerabilities to Facebook and was ranked 27th.
Finding this type of security vulnerability is a top priority for cyber security researchers. Aryal also made it a priority.
“This is Facebook’s Priority Based Vulnerability (priority security weakness),” he said. Earlier I looked at two factor authentication bypass. That is also a priority. This is definitely the highest priority.”
For discovering this weakness, Facebook has honored him in the Hall of Fame and given him a monetary reward.
Aryal found a weakness that could take over anyone’s account, but accounts with two-factor authentication cannot be taken over. OTP is needed to access these accounts, and it cannot be accessed because it goes to phone or email. Aryal recommends enabling two-factor authentication for added Facebook account security.
