Cross-Site Request Forgery (CSRF). Remote Code Execution (RCE)

Pierluigi Paganini November 23, 2020
TikTok fixed security issues that could have led one-click account takeover

TikTok has addressed a couple of security issues that could have been chained to led account takeover.  The first issue addressed by the social media platform is a reflected XSS security flaw that has been reported by the bug bounty hunter Muhammed “milly” Taskiran via the bug bounty platform HackerOne. The Cross-Site-Scripting flaw affected the company […]

Pierluigi Paganini December 03, 2015
3G/4G modems continue to be vulnerable

Researchers have conducted a series of tests on popular 3G/4G mobile modems (data dongles) and routers discovered an impressive number of serious flaws.  Sometimes old news came back threatening our cyber security, all because 3G/4G dongles keep in being as vulnerable as they were in the past. In the last report issued by the SCADA […]