Tag Archives: cyber

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities

CVE-2015-2349 – SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Web Security Vulnerabilities Exploit Title: CVE-2015-2349 – SuperWebMailer /defaultnewsletter.php” HTMLForm Parameter XSS Web Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5.*.0.* 4.*.0.* Tested Version: 5.*.0.* 4.*.0.* Advisory Publication: March 11, 2015 Latest … Continue reading

Posted in Computer & Web Technology, IT Technology, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Security-Bug: Facebook- und Google-Login unsicher, Covert Redirect

Security-Bug: Facebook- und Google-Login unsicher, Covert Redirect Der nächste Hammer nach dem OpenSSL-Bug: Die sehr weit verbreiteten Login-Protokolle OpenID und OAuth 2.0 haben eine Sicherheitslücke, über die Angreifer an vertrauliche Daten der Nutzer gelangen können. Dies fand Wang Jing, ein … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Keep calm e fate attenzione: OpenID e OAuth sono vulnerabili

Keep calm e fate attenzione: OpenID e OAuth sono vulnerabili Solo un paio di settimane dopo il preoccupante bug conosciuto comeHeartbleed, un utente di Internet come me e voi ha scoperto una nuova e a quanto pare diffusa vulnerabilità, anche … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Covert Redirect Mengancam OAuth 2.0 dan OpenID

Covert Redirect Mengancam OAuth 2.0 dan OpenID Pada Jumat lalu, Wang Jing, seorang mahasiswa program PhD di Nanyang Technological University di Singapura, menerbitkan sebuah laporan yang memjabarkan tentang metode serangan yang disebut dengan “Covert Redirect” dan memperkenalkannya sebagai kerentanan atau … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Une faille dans l’intégration d’OAuth 2.0 et OpenID touche les acteurs du we

Un chercheur a trouvé une faille dans les spécifications des protocoles de sécurité OAuth 2.0 et OpenID qui affecte les grands acteurs du web.    Depuis la découverte de la faille Heartbleed, le monde du web se penche sur la … Continue reading

Posted in Computing Science, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Falha de segurança afeta logins de Facebook, Google e Microsoft

Um estudante de PHD de Singapura, Wang Jing, identificou a falha, chamada de “Covert Redirect”, que consegue usar domínios reais de sites para verificação de páginas de login falsas, enganando os internautas.   Os cibercriminosos podem criar links maliciosos para … Continue reading

Posted in Computer Technology, Web Application Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Alvorlig feil i utbredt innloggingssystem

Alvorlig feil i utbredt innloggingssystem Benyttes av Facebook, Google, Yahoo, LinkedIn, Microsoft og mange flere. Wang Jing, en doktorgradstudent ved Nanyang Technological University i Singapore, har oppdaget en alvorlig sårbarhet knyttet til autentiseringssystemene OAuth 2.0 og OpenID. Sårbarheten, som er … Continue reading

Posted in Computer & Web Technology, Web Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment