Microsoft confirms phishing attack compromised the employee's email account

Social Engineering attacks is one of the most successful attack method- Even the system which is claimed to be 100% secure can be hacked, if an attacker is able to manipulate one employee.

We recently covered a news about the recent Microsoft's twitter account hack in which Syrian hackers compromised the email accounts of Microsoft's employees through a phishing attack.

Microsoft has finally admitted that the Syrian Electronic Army has hacked into several Microsoft employee email accounts via phishing attack.

"A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted." Microsoft spokesperson said in an email sent to Geekwire.

Microsoft said that the compromised accounts have been recovered. They also claimed that no customer info stolen in the attak.

"We continue to take a number of actions to protect our employees and accounts against this industry-wide issue."

Comments

Click-jacking or UI Redressing

Hi! Just want to share my finding, I have found Click-jacking or UI Redressing Vulnerability in on Google Map , enjoy ;-) This bug was reported to Google Security Team, fixed immediately. About Title: ClickJacking or UI Redressing on Google Map Business Risk: Normal Discovery Date: October 8, 2013 Author: Jitendra Jaiswal (me) Poc Details Impact On victim : 1. attacker change victim profile pic by useing his webcam and upload 2. update status acording to attacker Best, Jeet Jaiswal

Evil App Steal Facebook Access Token

Evil App Steal Facebook Access Token Facebook say about this users Responsible for this its not an issue for facebook so After 3 month i am disclose this may be now they make some change but its still work ....... so users not allow any app to access your data on facebook or dont login anywhere using Facebook may be this an Attacker and After steal your Facebook Access Token he Can Hack your facebook Account Easily.... [#] Title : Evil App Steal Facebook Access Token [#] Status : Unfixed [#] Severity : very High [#] Works on : Any browser with any version [#] Homepage : www.facebook.com [#] Author : Jitendra Jaiswal [#] Email : jeetjaiswal0@gmail.com This Vulnerability is exploitable to all users who are use facebook apps and allow access of apps an attacker can modify all app setting in url Impact of Vulnerability: An attackers can store user access token with 2 month no Expires also token not expire if user

Edward Snowden nominated for Nobel Peace Prize 2014

Now there is really great news for all the supporters of Former National Security Agency ( NSA ) contractor Edward Snowden , as he is nominated for the 2014 Nobel Peace Prize by two Norwegian lawmakers. Snorre Valen and Baard Vegar Solhjell , parliamentarians from Norway’s Socialist Left Party said, “ He has contributed to revealing the extreme level of surveillance by nations against other nations and of citizens ,” Edward Snowden revealed various widely extended NSA spying projects and responsible for handing over the material from one of the world's most secretive organizations the NSA. He faces charges of theft and espionage and is in Russia on temporary asylum. “ Snowden contributed to people knowing about what has happened and spurring public debate ” on trust in government, which he said was “ a fundamental requirement for peace ”. Snorre Valen also added that, “ There’s no doubt that the actions of Edward Snowden may have damaged the securi

Hacking Concepts

Search This Blog