InfoSecBulletin Cybersecurity for mankind
Samip Aryal informed a Nepali media outlet about discovering a vulnerability in Facebook that could allow for an ‘account takeover.’ According to Aryal, the vulnerability could be exploited to take control of any user’s account with minimal effort.
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
GitLab Releases Security Update For Multiple Vulns
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
While he is currently ranked as one of the top hackers, there may be someone with a higher score in that position. Aryal mentioned that for now, 2024 is ranked first. Previously, Aryal reported security vulnerabilities to Facebook and was ranked 27th.
Finding this type of security vulnerability is a top priority for cyber security researchers. Aryal also made it a priority.
“This is Facebook’s Priority Based Vulnerability (priority security weakness),” he said. Earlier I looked at two factor authentication bypass. That is also a priority. This is definitely the highest priority.”
For discovering this weakness, Facebook has honored him in the Hall of Fame and given him a monetary reward.
Aryal found a weakness that could take over anyone’s account, but accounts with two-factor authentication cannot be taken over. OTP is needed to access these accounts, and it cannot be accessed because it goes to phone or email. Aryal recommends enabling two-factor authentication for added Facebook account security.
