amazon.com.dnstree.com XSS vulnerability

On the 30.12.2017 security researcher reported a XSS vulnerability affecting the amazon.com.dnstree.com website via the Open Bug Bounty coordinated vulnerability disclosure program. Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability submitted via Open Bug Bounty| 30 Decembe...

amazon.com XSS vulnerability

Vulnerable URL: http://www.amazon.com/gp/kindle/kcpApp.html?ref=appleDirectW1=data:text/html;base64,PHNjcmlwdD5hbGVydCgvWFNTUE9TRUQvKTwvc2NyaXB0Pg== Details: Description| Value ---|--- Patched:| Yes, at 11.04.2015 Latest check for patch:| 11.04.2015 11:22 GMT Vulnerability type:| XSS Vulnerabilit...

CVE-2014-3908

CVE-2014-3908 affects the Kindle App for Android prior to version 4.5.0, which does not verify X.509 certificates from SSL servers. This insecure TLS validation can allow MITM attackers to spoof servers and obtain sensitive information via forged certificates. Public references from NVD/JVN confi...

Anonymous Claims Responsibility for Moneybookers Attack

Anonymous, a loosely affiliated group of Internet vigilantes, has claimed responsibility for various Internet attacks against organizations perceived as hostile to WikiLeaks. Today, the group sought to portray itself as more focused on symbolic protest rather than outright disruption. These claim...

Dutch Police Arrest 16-Year-Old for Pro-WikiLeaks Cyber Attacks

Dutch authorities announced the arrest of a 16-year-old hacker involved in the pro-WikiLeaks attacks on the websites of MasterCard and PayPal. The Dutch National Prosecutors Office reported that the teen, whose name was not disclosed, was arrested by a high-tech crime team last night. The arrest...

Malware-Spiked Spam Uses Amazon.com Lure

A currently spamvertised malware campaign is brand-jacking Amazon.com, in an attempt to trick end users into visiting a client-side exploits serving URL. Read the full article. ZDNet...