A widespread Ruby on Rails exploit has surfaced that builds a botnets of compromised servers via IRC. Developers are urged to apply a five-month-old patch for the bug.
Browsing Tag: Web Application Security
Loose security protecting voice mailboxes at mobile carrier AT&T provided a key element necessary to successfully hack the Google Enterprise Apps account of tech firm CloudFlare, according to an account of the hack posted by CEO Matthew Prince.
A security compromise at Linode, the New Jersey-based Linux cloud provider, has warned customers that hackers breached a Web-based customer service portal used by the company and emptied the Bitcoin accounts of eight Linode customers. One Linode customer reports the theft of Bitcoins totalling around $14,000.
The whistle-blower Web site Wikileaks has published what it claims are the first of millions of internal e-mails taken from the Texas based strategic intelligence firm Stratfor.
The hacking group TeaMp0isoN claims to have compromised Web servers used by T-Mobile, and absconded with account information for company employees, including members of T-Mobile’s media team.
The website of Texas-based security and intelligence think tank, Stratfor, is back online with a newly designed site today after being hacked by the Anonymous Internet collective on December 25.
Microsoft said in a post on the Technet Web site that it plans to release seven security bulletins on Tuesday, fixing eight security holes in a variety of products. Among them will be a fix for a new class of software vulnerability – the “Security Feature Bypass,” which could be used by attackers to make other exploits more potent, Microsoft said.
A partial analysis of another massive leak of user passwords has again shone a light on the scourge of weak passwords used to protect sensitive data in online accounts, according to a report by The Tech Herald.
Recent data shows that the share of Web traffic in the U.S. that’s being viewed on the troubled Internet Explorer Version 6 browser has finally dropped beneath 1%, and nobody is happier about it than parent company, Microsoft, which launched a program to eradicate IE6 back in March, 2011.
A researcher at Kaspersky Lab is warning of a new scam that pastes racy photos to victims’ Facebook pages while forcing them to view Web-based advertisements promoted by the scammers.