Showing posts with label Vulnerability. Show all posts
Showing posts with label Vulnerability. Show all posts
undefined undefined

XSS and Cookie Handling Vulnerabilities Identified on HTC Website, Allows Attacker to Hijack Account

16-year-old security researcher Thamatam Deepak has identified a number of three cross-site scripting (XSS) vulnerabilities and a cookie handling flaw on the website of world-renowned smartphone manufacturer HTC.The expert said the vulnerabilities – which affected pages such as product security, account information, and...
undefined undefined

Default Configuration Flaw in W3 Total Cache Exposes Tens of Thousands of Sites

W3 Total Cache, which boasts high-traffic sites like Mashable and Lockergnome among its users, has serious vulnerabilities, according to this post on the Full Disclosure list.The default setup – that is, when users simply choose “add plugin” from the WordPress catalogue – left cache directory listings enabled, according...
undefined undefined

Unpatched Java Vulnerability Exploited – Macs Infected With Flashback Malware

A Java vulnerability that hasn't yet been patched by Apple is being exploited by cybercriminals to infect Mac computers with a new variant of the Flashback malware, according to security researchers from antivirus firm F-Secure.Flashback is a computer Trojan horse for Mac OS that first appeared in September 2011. The first...
undefined undefined

Android Bug Allows Hackers to Install Malicious Code Without Warning

It's been more than a month since researchers reported two serious security vulnerabilities in Android, but so far there's no indication when they will be purged from the Google-spawned operating system that's the world's most popular smartphone platform.The first flaw allows apps to be installed without prompting users...