Home » News » Vulnerabilities

Vulnerabilities

XSS flaw of Facebook is unpatched and explored for Wall posting

By Gina on March 30, 2011 | Vulnerabilities

XSS flaw of Facebook is unpatched and explored for Wall posting It was recently noted that unpatched XSS flaw in the mobile API version of Facebook has been used by cybercriminals for posting messages on user’s Walls. These rogue messages link victims to the website which exploits the vulnerability. This recent vulnerability has been exploited for some time; however, it spreads widely just now. Nowadays Indonesians have been targeted by various groups that use this flaw for their malicious intentions. Read more.

New Adobe vulnerability has no patch yet

By Gina on March 15, 2011 | Vulnerabilities

New Adobe vulnerability has no patch yet Critical Adobe flaw was found in a current version of Adobe Flash Player on all supported platforms. The flaw is connected exploited via the authplay.dll Flash Player integration. Vulnerability affected Flash Player installations, Adobe Reader and Acrobat as well. However, there is no effective cure for now which will help against the exploitation but it is recommended only to open reliable documents from trusted sources. Read more.

Critical Microsoft Windows flaw

By Gina on February 1, 2011 | Vulnerabilities

Critical Microsoft Windows flaw Microsoft Windows vulnerability was discovered. This flaw may allow hackers to conduct cross-site scripting (XSS) attacks. However, vulnerability is patched and hasn’t been used by the malicious people. Critical flaw is a result of misinterpretation of MHTML protocol handler that has influence with MIME-formatted requests for content that is designed with various blocks connected with each other through the document. Read more.

Adobes’s sandbox is not bulletproof

By Gina on January 7, 2011 | Vulnerabilities

Adobes’s sandbox is not bulletproof Recently, Billy Rios, a Google security researcher, published a method of how he had broken in Adobe's sandbox which was created to prevent attacks of hackers. Billy Rios explains his method of how he was able to bypass the local-with-file system sandbox in Adobe's Flash Player. Sandbox was designed to make harder for hackers to get users data to their systems. Sandbox method supposedly has to lock so-called SWF files that can‘t be located by hackers. Read more.

Gmail vulnerability exchange Google’s attention

By Gina on November 23, 2010 | Vulnerabilities

Gmail vulnerability exchange Google’s attention 21 year old Armenian hacker has found vulnerability in the Google Apps Script API that enabled Gmail addresses to be used in sending messages without user’s permission or knowledge. It has to be noted, that emails were send from legitimate Gmail addresses. The way of message is still unknown but the flaw is already fixed. An attack wasn’t malicious one. Read more.

1 | 2 | 3 | 4 | 5 | 6 | 7 Last »

News categories

Popular news