Articles by 'Gotham'

By Gotham, Posted in Security

July 31, SC Magazine – (International) Ubuntu forums back online after attack analysis reveals XSS tactic. The Ubuntu user forums returned to service July 30 after an attacker accessed a moderator account, post announcements, and private messages. The attacker was believed to have used a cross-site scripting (XSS) attack to gain access. Source: http://www.scmagazineuk.com/ubuntu-forums-back-online-after-attack-analysis-reveals-xss-tactic/article/305321/ July 30, IDG News Service – (International) Bogus C... read more.

• August 01, 2013

By Gotham, Posted in Security

July 31, SC Magazine – (International) Ubuntu forums back online after attack analysis reveals XSS tactic. The Ubuntu user forums returned to service July 30 after an attacker accessed a moderator account, post announcements, and private messages. The attacker was believed to have used a cross-site scripting (XSS) attack to gain access. Source: http://www.scmagazineuk.com/ubuntu-forums-back-online-after-attack-analysis-reveals-xss-tactic/article/305321/ July 30, IDG News Service – (International) Bogus C... read more.

• August 01, 2013

By Gotham, Posted in Security

July 30, The Register – (International) Syrian Electronic Army hijacks Reuters’ Twitter feed. Members of the Syrian Electronic Army hacktivist group gained unauthorized access to the official Reuters Twitter account for a time July 29 and used it to tweet propaganda. Source: http://www.theregister.co.uk/2013/07/30/reuters_twitter_pwned/ July 30, Help Net Security – (International) Sharp increase in blended, automated attacks. Quarterly attack statistics from FireHost found that cross-site request forgery... read more.

• July 31, 2013

By Gotham, Posted in Security

July 30, The Register – (International) Syrian Electronic Army hijacks Reuters’ Twitter feed. Members of the Syrian Electronic Army hacktivist group gained unauthorized access to the official Reuters Twitter account for a time July 29 and used it to tweet propaganda. Source: http://www.theregister.co.uk/2013/07/30/reuters_twitter_pwned/ July 30, Help Net Security – (International) Sharp increase in blended, automated attacks. Quarterly attack statistics from FireHost found that cross-site request forgery... read more.

• July 31, 2013

By Gotham, Posted in Security

July 29, The Register – (International) Symantec slams Web Gateway back door on would-be corporate spies. Symantec issued an update for its Web Gateway appliances that closes several critical flaws that could allow remote code execution, cross-site scripting (XSS), and other malicious actions. Source: http://www.theregister.co.uk/2013/07/29/symantec_web_gateway_ vulns_fixed/ July 29, Threatpost – (International) Patch available for DoS vulnerability in BIND nameservers. The Internet Systems Consortium i... read more.

• July 30, 2013

By Gotham, Posted in Security

July 29, The Register – (International) Symantec slams Web Gateway back door on would-be corporate spies. Symantec issued an update for its Web Gateway appliances that closes several critical flaws that could allow remote code execution, cross-site scripting (XSS), and other malicious actions. Source: http://www.theregister.co.uk/2013/07/29/symantec_web_gateway_ vulns_fixed/ July 29, Threatpost – (International) Patch available for DoS vulnerability in BIND nameservers. The Internet Systems Consortium i... read more.

• July 30, 2013

By Gotham, Posted in Security

July 25, The Register – (International) LinkedIn snaps shut OAuth login token snaffling vulnerability. A software developer found and reported a vulnerability in LinkedIn’s customer help Web site that give out the OAuth token of the logged-in user, which could be used to potentially access profile information. The vulnerability was then fixed by LinkedIn. Source: http://www.theregister.co.uk/2013/07/25/linkedin_oauth_token_snaffling_vuln/ July 25, Associated Press; NBC News – (International) 5 charged in... read more.

• July 26, 2013

By Gotham, Posted in Security

July 25, The Register – (International) LinkedIn snaps shut OAuth login token snaffling vulnerability. A software developer found and reported a vulnerability in LinkedIn’s customer help Web site that give out the OAuth token of the logged-in user, which could be used to potentially access profile information. The vulnerability was then fixed by LinkedIn. Source: http://www.theregister.co.uk/2013/07/25/linkedin_oauth_token_snaffling_vuln/ July 25, Associated Press; NBC News – (International) 5 charged in... read more.

• July 26, 2013

By Gotham, Posted in Security

July 24, Softpedia – (International) Syrian Electronic Army hacks Viber, support page defaced. Members of the Syrian Electronic Army hacktivist group breached two minor systems belonging to Viber and defaced a support page. Viber stated that no sensitive information was stolen. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Hacks-Viber-Support-Page-Defaced-370529.shtml July 24, The Register – (International) Google Reader replacement ‘Old Reader’ crashes. RSS reader service The Old Reader... read more.

• July 25, 2013

By Gotham, Posted in Security

July 24, Softpedia – (International) Syrian Electronic Army hacks Viber, support page defaced. Members of the Syrian Electronic Army hacktivist group breached two minor systems belonging to Viber and defaced a support page. Viber stated that no sensitive information was stolen. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Hacks-Viber-Support-Page-Defaced-370529.shtml July 24, The Register – (International) Google Reader replacement ‘Old Reader’ crashes. RSS reader service The Old Reader... read more.

• July 25, 2013