Cross-site Scripting (XSS)

Pierluigi Paganini November 23, 2020
TikTok fixed security issues that could have led one-click account takeover

TikTok has addressed a couple of security issues that could have been chained to led account takeover.  The first issue addressed by the social media platform is a reflected XSS security flaw that has been reported by the bug bounty hunter Muhammed “milly” Taskiran via the bug bounty platform HackerOne. The Cross-Site-Scripting flaw affected the company […]

Pierluigi Paganini December 03, 2015
3G/4G modems continue to be vulnerable

Researchers have conducted a series of tests on popular 3G/4G mobile modems (data dongles) and routers discovered an impressive number of serious flaws.  Sometimes old news came back threatening our cyber security, all because 3G/4G dongles keep in being as vulnerable as they were in the past. In the last report issued by the SCADA […]

Pierluigi Paganini December 16, 2013
Advanced Power hits Firefox Users to conduct vulnerability scanning

KrebsOnSecurity has discovered an unusual botnet that disguises itself as a legitimate add-on for Mozilla Firefox to perform website vulnerability scanning. Krebson security blog posted an interesting article on a new concerning botnet infected more than 12,500 systems disguises itself as a legitimate add-on for Mozilla Firefox to hack websites on a large scale.  The botnet, […]

Pierluigi Paganini July 31, 2013
Q2 2013 Superfecta report, constant increase for automated attacks

FireHost Secure cloud hosting company issued Q2 2013 Superfecta report that revealed a sharp increase in blended, automated attacks. FireHost announced the Q2 2013 Superfecta report, an interesting set of statistic related to attacks against web applications. The Superfecta is a group of four attack types considered by the FireHost Secure cloud hosting company as being the most […]