泄露任何谷歌用户的电话号码
从速率限制到无限制:IPv6庞大的地址空间和巧妙的BotGuard绕过漏洞,使得每个谷歌用户的电话号码都面临泄露风险。研究人员发现攻击者可以绕过谷歌的安全防护,通过系统漏洞获取用户关联的手机号码。
相关报道
DDoSecrets has released 410 GB of heap dump data obtained from a hack of TeleMessage's archive server. The data includes information from the company's customers, which reportedly include law enforcement agencies and financial institutions.
A new phishing-as-a-service called Starkiller uses disguised links to load real login pages from target brands. It acts as a relay between victims and legitimate sites, forwarding usernames, passwords, and MFA codes to bypass security measures.
An analysis of the Android Telegram client Telega found that it routes network traffic through a Man-in-the-Middle (MitM) infrastructure located in Russia, raising serious security and privacy concerns for users.
TeleMessage's customer list includes DC Police, Andreessen Horowitz, JP Morgan, and hundreds of other organizations, according to analysis of 410 GB of Java heap dumps from the company's archive server.
An investigation uncovered a large network of fake support groups on Telegram that spread cryptocurrency stealers and drainers. The network was found to be actively promoting malicious tools designed to drain crypto wallets.