Security experts from Imperva reported a new Facebook flaw that could have exposed private info of users and their friends A new security vulnerability has been reported in Facebook, the flaw could have been exploited by attackers to obtain certain personal information about users and their network of contacts. The recently discovered issue raises once again […]
An unpatched vulnerability in Magento platform could be exploited by hackers to compromise fully web servers that host the e-commerce sites. An unpatched vulnerability in the Magento e-commerce platform could be exploited by attackers to upload and execute malicious PHP scripts on web servers that host online shops. The vulnerability was reported by experts at […]
The Russian security tester Timur Yunusov has discovered critical flaw affecting routers and 3G and 4G mobile modems from Huawei, ZTE, Gemtek, and Quanta. The Russian security tester Timur Yunusov has discovered critical vulnerabilities affecting routers and 3G and 4G mobile modems from Huawei, ZTE, Gemtek, and Quanta. The security holes could be exploited by remote attackers […]
At the recent ShmooCon conference a researcher presented a LastPass phishing attack that could allow hackers to steal your password. We discussed several times the importance of password managers such as LastPass, but sometimes hackers could exploit them to launch their attacks. The security researcher Sean Cassidy has presented on Saturday at the ShmooCon hacker conference […]
The Egyptian security researcher Mohamed M. Fouad has spotted three critical vulnerabilities in the StarBucks website that open users to cyber attacks. If you are one of the millions StarBucks users don’t waste time and change your password as soon as possible. StarBucks users who have registered an account and linked their credit card to it […]
The security expert Egor Homakov from Sakurity firm has released the Reconnect tool that allows hackers to hijack accounts on sites that use Facebook logins. The security expert Security Egor Homakov has developed a hacking tool dubbed Reconnect that exploit a flaw in Facebook to hijack accounts on sites that use Facebook logins. Homakov, with works for […]
A young hacker disclosed the details of an attack that by exploiting a couple of flaws in Facebook allowed him to delete any comment on the social network. The 19-year-old hacker Joe Balhis has discovered the way to delete any comment on Facebook by leveraging a session validation flaw and a cross-site request forgery (CSRF) vulnerability. The expert highlighted that […]
Ubuntu has released several patches for security vulnerabilities in different versions of the OS, including some CSRF, DoS and remote code execution flaws. Ubuntu has patched several security vulnerabilities that affect different OSs, some of them are affecting Thunderbird client included in Ubuntu release and could be exploited to remotely run arbitrary code. Thunderbird is a popular Mozilla […]
A report issued by the China Software Testing Center revealed that 93 percent of Chinese websites are vulnerable to cyber attacks. Nearly 93 percent of 1,000 Chinese government websites under evaluation is affected by vulnerabilities and other security issues. The data is part of a study conducted by the China Software Testing Center under the Chinese […]
A CSRF (Cross-site request forgery) vulnerability affects the Fiverr.com website, millions users are potentially at risk. The Egyptian Information Security Evangelist, Mohamed Abdelbaset, reported to the colleagues of The Hacker News a serious CSRF (Cross-site request forgery) vulnerability on the popular Fiverr website. The Fiverr.com website is a marketplace where people offers their services for five dollars per […]