Tag Archives: Covert Redirect

Covert Redirect Mengancam OAuth 2.0 dan OpenID

Covert Redirect Mengancam OAuth 2.0 dan OpenID Pada Jumat lalu, Wang Jing, seorang mahasiswa program PhD di Nanyang Technological University di Singapura, menerbitkan sebuah laporan yang memjabarkan tentang metode serangan yang disebut dengan “Covert Redirect” dan memperkenalkannya sebagai kerentanan atau … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Continúan los problemas: OAuth y OpenID también son vulnerables, Covert Redirect

Un nuevo fallo de seguridad amenaza Internet. En este caso se trata de Covert Redirect y ha sido descubierto por un estudiante chino en Singapur.     Cuando aún resuenan los ecos de Heartbleed y el terremoto que sacudió la … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Une faille dans l’intégration d’OAuth 2.0 et OpenID touche les acteurs du we

Un chercheur a trouvé une faille dans les spécifications des protocoles de sécurité OAuth 2.0 et OpenID qui affecte les grands acteurs du web.    Depuis la découverte de la faille Heartbleed, le monde du web se penche sur la … Continue reading

Posted in Computing Science, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Falha de segurança afeta logins de Facebook, Google e Microsoft

Um estudante de PHD de Singapura, Wang Jing, identificou a falha, chamada de “Covert Redirect”, que consegue usar domínios reais de sites para verificação de páginas de login falsas, enganando os internautas.   Os cibercriminosos podem criar links maliciosos para … Continue reading

Posted in Computer Technology, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

하트블리드 이어 ‘오픈ID’와 ‘오쓰(OAuth)’서도 심각한 보안 결함

‘하트블리드(Heartbleed)’ 버그에 이어 가입자 인증 및 보안용 오픈소스 SW인 ‘오픈ID’와‘오쓰(OAuth)’에도 심각한 결함이 발견됐다고 씨넷, 벤처비트 등 매체들이 보도했다.   싱 가폴난양대학교에 재학중인 ‘왕 징(Wang Jing)’ 박사는 수 많은 웹사이트와 구글, 페이스북, 링크드인, MS, 페이팔 등에서 사용하고 있는 로그인 툴인 ‘OAuth’와‘오픈ID’에 … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Facebook, Google Users Threatened by New Security Flaw, Covert Redirect

  A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed “Covert Redirect” by its discoverer, exists in two open-source … Continue reading

Posted in Covert Redirect, Phishing, Privilege Escalation, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment