Blog Posts


Critical issue opened private chats of Facebook Messenger users up to attackers

An estimated 1.8-billion active monthly users trust Facebook to keep their accounts, user details and communications secure. On the one hand, the social network is based on sharing: users post some 350-million photos daily and nearly 300-thousand statuses per minute. On the other hand, there is Facebook Messenger, one of […]

... More

Ransomware Epidemic Countermeasures

  In the last three years the ransomware epidemic has grown both in volume and shape (number of infections and number of different variants). Although the first ransomware ever was found in 1989 (see “AIDS Trojan”), it was pretty rare until recently. Nowadays, almost every day, hundreds and even thousands […]

... More

‘SNAP’ – Millions of LG Smartphone Devices are Vulnerable to Phone Hijack

BugSec and Cynet researchers discovered a severe security vulnerability in LG G3 smartphones which allows an attacker to run arbitrary JavaScript code on the devices. The vulnerability can easily lead to sensitive data theft, phishing attacks and to a denial of service (DOS) on the device. To get expert advice […]

... More

Following our last blog post, vendors say they are not worried about the ‘FireStorm’ vulnerability – the video below shows why we think they should be

Our recent post about the “FireStorm” vulnerability resulted in many interesting comments throughout the web, some of them from firewall vendors and some from worried customers. One particular vendor stated their less-than-concerned opinion regarding “FireStorm.” In order to clarify the issue, and for the purpose of advancing the argument from […]

... More

Inline Resource XSS via Gmail Android Application

Google is the largest email provider in the world today, with close to one billion users who manage a significant part of their digital lives through their email platform. This makes the Google mail platform a main target for multiple attackers worldwide. Success in breaking into a Google (Gmail) email […]

... More

FireStorm: Severe Security Flaw Discovered in Next Generation Firewalls

BugSec Group and Cynet discovered a severe vulnerability in Next Generation Firewalls. Head of Offensive Security Stas Volfus uncovered the vulnerability, code-named FireStorm, which allows an internal entity or malicious code to interact and extract data out of the organization, completely bypassing the firewall limitation. It was discovered that the […]

... More