A researcher reported a cross-site request forgery vulnerability to eBay in August, and despite repeated communication from the online auction that the code has been repaired, the site remains vulnerable to exploit.
Browsing Tag: Web Application Security
The United States is no longer the most obese country in the world (thanks to Mexico), but it still ranks No.1 as the globally preeminent source of Web-based attacks, according to the Imperva Web Application Attack Report.
A widespread Ruby on Rails exploit has surfaced that builds a botnets of compromised servers via IRC. Developers are urged to apply a five-month-old patch for the bug.
Loose security protecting voice mailboxes at mobile carrier AT&T provided a key element necessary to successfully hack the Google Enterprise Apps account of tech firm CloudFlare, according to an account of the hack posted by CEO Matthew Prince.
A security compromise at Linode, the New Jersey-based Linux cloud provider, has warned customers that hackers breached a Web-based customer service portal used by the company and emptied the Bitcoin accounts of eight Linode customers. One Linode customer reports the theft of Bitcoins totalling around $14,000.
The whistle-blower Web site Wikileaks has published what it claims are the first of millions of internal e-mails taken from the Texas based strategic intelligence firm Stratfor.
The hacking group TeaMp0isoN claims to have compromised Web servers used by T-Mobile, and absconded with account information for company employees, including members of T-Mobile’s media team.
The website of Texas-based security and intelligence think tank, Stratfor, is back online with a newly designed site today after being hacked by the Anonymous Internet collective on December 25.
Microsoft said in a post on the Technet Web site that it plans to release seven security bulletins on Tuesday, fixing eight security holes in a variety of products. Among them will be a fix for a new class of software vulnerability – the “Security Feature Bypass,” which could be used by attackers to make other exploits more potent, Microsoft said.
A partial analysis of another massive leak of user passwords has again shone a light on the scourge of weak passwords used to protect sensitive data in online accounts, according to a report by The Tech Herald.