Twitter plugs black-box website vuln
Last Updated on Tuesday, 21 September 2010 05:21 Written by External Post Tuesday, 21 September 2010 05:21
Twitter’s security team said it has fixed a serious vulnerability on the site that created micro-blogging mayhem on Tuesday. The cross-site scripting flaw on the Twitter.com site creates a means for posting code into updates that activated when users
Go to Source
Sophos highlights Twitter URL vulnerability
Last Updated on Tuesday, 21 September 2010 05:20 Written by External Post Tuesday, 21 September 2010 05:20
Sophos has found that Twitter profiles are vulnerable to a ‘mouseover’ hack, something that many users are already exploiting. (Credit: Sophos screengrab of Twitter) Security firm Sophos highlighting a new and potentially dangerous hack of Twitter’s Web
Go to Source
Spammers exploit another Facebook flaw
Last Updated on Tuesday, 7 September 2010 04:00 Written by External Post Tuesday, 7 September 2010 04:00
Spammers have taken advantage of a vulnerability in Facebook to spread auto-replicating links, a trick that makes it possible to spread crud without using social engineering. Simply clicking on any application spam links was enough to ‘share’ the
Go to Source
Nasty Data-Stealing Bug Haunts Internet Explorer 8
Last Updated on Sunday, 5 September 2010 01:00 Written by External Post Sunday, 5 September 2010 01:00
Trailrunner7 writes “There’s an unpatched vulnerability in Internet Explorer 8 that enables simple data-stealing attacks by Web-based attackers and could lead to an attacker hijacking a user’s authenticated session on a third-party site. The flaw, which
Go to Source
Google vs. Microsoft: The battle of Ormandy
Last Updated on Thursday, 22 July 2010 01:20 Written by External Post Thursday, 22 July 2010 01:20
Software developers should never take reports of security vulnerabilities lightly. But to ignore a vulnerability to the extent that you won’t even commit to a timeframe to fix it is utterly irresponsible.
Go to Source
Google Researcher Issues How-To On Attacking XP
Last Updated on Friday, 11 June 2010 02:40 Written by External Post Friday, 11 June 2010 02:40
theodp writes ‘A Google engineer Thursday published attack code that exploits a zero-day vulnerability in Windows XP, giving hackers a new way to hijack and infect systems with malware. But other security experts objected to the way the Google engineer
Go to Source
‘Clickjacking’ worm hits hundreds of thousands on Facebook
Last Updated on Tuesday, 1 June 2010 10:01 Written by External Post Tuesday, 1 June 2010 10:01
A vulnerability on Facebook forced hundreds of thousands of users to endorse a series of webpages over the holiday weekend, making the social networking site the latest venue for an attack known as clickjacking. The exploit works by presenting people
Go to Source
Clickjacking Worm Exploits Facebook “Like” Feature
Last Updated on Monday, 31 May 2010 06:41 Written by External Post Monday, 31 May 2010 06:41
An anonymous reader writes ‘For the last 24 hours, a series of attacks have exploited Facebook’s ‘Like’ feature through a clickjacking vulnerability. Using subjects such as ‘This Girl Has An Interesting Way Of Eating A Banana, Check It Out!’ hackers have
Go to Source
Amazon purges account hijacking threat from site
Last Updated on Tuesday, 20 April 2010 07:40 Written by External Post Tuesday, 20 April 2010 07:40
Amazon.com administrators on Tuesday closed a security vulnerability that made it possible for attackers to steal user login credentials for the highly trafficked e-commerce website. The XSS, or cross-site scripting, bug on Amazon Wireless
Go to Source
Internet Explorer zero-day exploit published
Last Updated on Friday, 12 March 2010 10:45 Written by External Post Friday, 12 March 2010 10:45
Internet Explorer , Microsoft , An Israeli security researcher has published exploit code for an unpatched hole in Internet Explorer that Microsoft disclosed two days ago. Microsoft had warned in an advisory that a new vulnerability in Internet Explorer
Go to Source
