Twitter, Microsoft, LinkedIn, Yahoo open to hijacking 

Twitter, Microsoft, LinkedIn, Yahoo open to hijacking

In Applications - By Darren Pauli, 22 March 2013 4:30 PM
Cookie cockup permits account takeover.
Spammers stole Yahoo Xtra contact lists: exec 

Spammers stole Yahoo Xtra contact lists: exec

In Messaging - By Darren Pauli, 11 February 2013 5:47 PM
Users smashed.
Mega security bugs detailed 

Mega security bugs detailed

In Web/client - By Darren Pauli, 11 February 2013 1:28 PM
Serious bugs found.
XSS attacks boomed 

XSS attacks boomed

In Applications - By SC Staff, 31 January 2013 9:40 AM
Cross-site scripting (XSS) and SQL injection attacks remain the most prominent cyber attack method.
Hacker nabs Yahoo! site backups 

Hacker nabs Yahoo! site backups

In Hackers - By Darren Pauli, 17 December 2012 8:32 AM
Finds website flaws.
Researcher owns blue chip managed service platforms 

Researcher owns blue chip managed service platforms

In Cloud - By Darren Pauli, 18 November 2012 1:06 AM
Zero day dropped at #Kiwicon.
Microsoft fixes twin XSS, issues new cert requirement 

Microsoft fixes twin XSS, issues new cert requirement

In Applications - By Danielle Walker, 13 September 2012 9:08 AM
Vulnerabilities aren't high-risk.
Website holes fall but xss still dominates 

Website holes fall but xss still dominates

In Applications - By SC Staff, 3 July 2012 1:23 PM
Five per cent of web sites vulnerable to XSS.
Menshn dismiss claims of major security flaws 

Menshn dismiss claims of major security flaws

In Web/client - By Dan Raywood, 26 June 2012 9:25 AM
Owner says don't publish 'spurious claims'.
Amazon's EC2, Eucalyptus hacked 

Amazon's EC2, Eucalyptus hacked

In Cloud - By Darren Pauli, 28 October 2011 2:33 PM
Customer accounts could be accessed.
Holes found in SonicWall god box 

Holes found in SonicWall god box

In Networks - By Darren Pauli, 5 October 2011 2:49 PM
Pen tests poke holes in NSA 4500.
Joomla! XSS turns users to admins 

Joomla! XSS turns users to admins

In Applications - By SC Australia Staff, 30 September 2011 8:58 AM
Affects versions up to 1.70
US uni warned, then hacked 

US uni warned, then hacked

In Hackers - By Darren Pauli, 8 September 2011 5:27 PM
Hacker warned of multiple cross site scripting vulnerabilities on uni site.
Kaspersky website vulnerable to XSS 

Kaspersky website vulnerable to XSS

In Web/client - By SC Australia Staff, 1 September 2011 7:36 PM
Reddit post outs flaw.
Skype XSS hole is harmless 

Skype XSS hole is harmless

In Applications - By Darren Pauli, 23 August 2011 10:04 AM
Exploit resembled another Skype attack.
Video details Android browser intercept flaw 

Video details Android browser intercept flaw

In Applications - By Darren Pauli, 4 August 2011 2:26 AM
Users must wait for Frozen Yoghurt fix.
Researchers spot security holes in McAfee website 

Researchers spot security holes in McAfee website

In Web/client - By Nicole Kobie, 30 March 2011 9:41 AM
Security firm says trio of vulnerabilities aren't serious
Firefox 4 aid to thwart web attacks, ad tracking 

Firefox 4 aid to thwart web attacks, ad tracking

In Web/client - By Angela Moscaritolo, 25 March 2011 10:59 AM
Mozilla catches up with IE9 for do-not-track ad feature.
Trojans still reigning in malware top 10 

Trojans still reigning in malware top 10

In Hackers - By Alvaro Guzman Bastida, 7 March 2011 11:52 AM
Trojan-based attacks continue to be the biggest malware treat, a report from GFI Software has shown.
RSA11: User-generated content threat to Twitter users 

RSA11: User-generated content threat to Twitter users

In Applications - By Dan Raywood, 21 February 2011 10:37 AM
Be careful what you tweet.
RSA11: Drive by download attacks get their P-plates 

RSA11: Drive by download attacks get their P-plates

In Web/client - By Dan Raywood, 21 February 2011 10:37 AM
State of website security worse than you may expect.
Security risk spotted on Qantas site 

Security risk spotted on Qantas site

In Web/client - By Brett Winterford, 30 November 2010 9:18 AM
Mysterious XSS vulnerability could be bad news.
Google-owned social network sees 400,000 users hit by XSS attack 

Google-owned social network sees 400,000 users hit by XSS attack

In Messaging - By Dan Raywood, 29 September 2010 1:01 PM
Attack on Orkut required no user interaction.
Vic highschooler sparks Twitter’s onMouseOver woes 

Vic highschooler sparks Twitter’s onMouseOver woes

In Messaging - By Liz Tay, 22 September 2010 3:49 PM
Javascript command used to distribute malware.
Twitter.com plagued with malware 

Twitter.com plagued with malware

In Messaging - By Brett Winterford, 22 September 2010 9:29 AM
Update: Microblogging site fixes flaw.
Researcher demonstrates Twitter XSS vulnerability  

Researcher demonstrates Twitter XSS vulnerability

In Applications - By Angela Moscaritolo, 25 June 2010 12:23 PM
Vulnerability could allow an attacker to take over users' accounts.
Microsoft to patch Internet Explorer XSS filter in June 

Microsoft to patch Internet Explorer XSS filter in June

In Applications - By Dan Raywood, 27 April 2010 2:17 PM
Malicious code injection possible.
Apache.org hit by targeted XSS attack 

Apache.org hit by targeted XSS attack

In Web/client - By Angela Moscaritolo, 14 April 2010 10:54 AM
Users advised to change their passwords.
Google patches XSS hole in Buzz 

Google patches XSS hole in Buzz

In Applications - By Angela Moscaritolo, 18 February 2010 12:07 PM
Common flaw strikes again.
Researcher demonstrates Pentagon XSS vulnerability 

Researcher demonstrates Pentagon XSS vulnerability

In Web/client - By Dan Kaplan, 9 December 2009 11:10 AM
Though users more at risk than data.
Disability site vulnerable to XSS attack 

Disability site vulnerable to XSS attack

In Web/client - By Dan Raywood, 10 November 2009 11:09 AM
Betsie under threat.
Reddit succumbs then cleans up from XSS attack 

Reddit succumbs then cleans up from XSS attack

In Applications - By Dan Kaplan, 29 September 2009 9:16 AM
Reddit is the latest Web 2.0 site to be slowed by a cross-site scripting attack.
Twitter among web apps affected by patched XSS bug 

Twitter among web apps affected by patched XSS bug

In Applications - By Dan Kaplan, 7 September 2009 3:46 PM
Flaw lies in "escaping code".
Twitter XSS vulnerability not yet fixed 

Twitter XSS vulnerability not yet fixed

In Messaging - By Angela Moscsaritolo, 27 August 2009 10:43 AM
Claims patch doesn't work.
XSS vulnerabilities discovered in Facebook, closed quickly 

XSS vulnerabilities discovered in Facebook, closed quickly

In Applications - By Angela Moscaritolo, 17 December 2008 9:34 AM
Researchers this week released proof-of-concept code for a number of cross-site scripting flaws on Facebook, but the social networking site said it closed the vulnerabilities ...
XSS vulnerability found in McAfee HackerSafe sites 

XSS vulnerability found in McAfee HackerSafe sites

In Web/client - By Sue, 1 May 2008 10:36 AM
For the second time this year, a security researcher has found websites certified as McAfee HackerSafe that contain vulnerabilities.
Microsoft Internet Explorer XSS vulnerabilty could attract phishers 

Microsoft Internet Explorer XSS vulnerabilty could attract phishers

In Web/client - By Dan Kaplan, 16 March 2007 6:29 AM
Microsoft's Internet Explorer 7 (IE7) is vulnerable to cross-site scripting that could allow attackers to spoof a trusted site to launch a phishing attack.
1
Sign up to receive SC Magazine email newsletters
   FOLLOW US...
Most Read