8 matches found
[update] American Airlines suffers data breach after phishing incident
Major airline American Airlines has fallen victim to a data breach after a threat actor got access to the email accounts of several employees via a phishing attack. According to a published notice of a security incident, the data breach was discovered in July 2022. How it happened American Airlin...
Airline Passenger Mistakes Vintage Camera for a Bomb
I feel sorry for the accused: The "security incident" that forced a New-York bound flight to make an emergency landing at LaGuardia Airport on Saturday turned out to be a misunderstanding -- after an airline passenger mistook another travelers camera for a bomb, sources said Sunday. American...
The Latest in Creepy Spyware
The Nest home alarm system shipped with a secret microphone, which -- according to the company -- was only an accidental secret: On Tuesday, a Google spokesperson told Business Insider the company had made an "error." "The on-device microphone was never intended to be a secret and should have bee...
americanairlines.de XSS vulnerability
Open Bug Bounty ID: OBB-322813 Description| Value ---|--- Affected Website:| americanairlines.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
americanairlines.com Open Redirect vulnerability
Vulnerable URL: https://www.americanairlines.com/utilities/AACruises.jsp?path=http:openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 55611 VIP website...
Sony PlayStation Network Taken Down By DDoS Attack
It’s been a bad weekend for Sony Playstation. The entire PlayStation Network was down much of the day after a dedicated distributed denial-of-service DDoS attack by online attackers, which left the network inaccessible to users. It's possible that EVE Online and Guild Wars 2 have also been hit by...
LivePerson Cross Site Scripting
Exploit Title: LivePerson Cross Site Scripting Date: 15.03.2012 Author: Sony Software Link: http://liveperson.com/ Google Dorks: inurl:/window/top.asp?site= or inurl:/window/main.asp?site= Web Browser : Mozilla Firefox Site : http://insecurity.ro PoC:...
American Airlines Local File Inclusion
American Airlines' domains have been vulnerable to Local file Include I wonder if anyone has flown free using this http://www.aa.com.do/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd...