19 matches found
Tumblr Patches Password Sniffing Bug for iOS
Popular blogging platform Tumblr pushed out an emergency update to its iOS app yesterday, patching an apparent password sniffing bug that attackers may have been using to steal users’ logins and passwords. The update, version 3.4.1 on iOS addresses “an issue that allowed passwords to be compromis...
Google Web History vulnerable to new Firesheep Addon
Google Web History vulnerable to new Firesheep Addon Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim's Google Web History, a record of everything an individual has searched for. The core weakness discovered by the...
Google Web History vulnerable to new Firesheep Addon
Google Web History vulnerable to new Firesheep Addon Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim's Google Web History, a record of everything an individual has searched for. The core weakness discovered by the...
Vulnerability in Google ClientLogin Protocol !
Vulnerability in Google ClientLogin Protocol ! A group of security and privacy researchers from the Institute of Media Informatics at Ulm University in Germany, is claiming to have discovered a serious security vulnerability in Google's ClientLogin protocol. In a recent analysis of the Android...
Twitter offers encryption to beat hackers !
Twitter is offering users better protection from hackers with a new option to always use an encrypted connection to access its microblogging service. The measure is particulary designed to defend those who access Twitter via unsecured public Wi-Fi networks, which can make it easy for hackers to...
Celebrity Ashton Kutcher Firesheep'd at TED Conference
High profile celebrity Ashton Kutcher had his Twitter account hijacked at the celebrity infested Technology, Entertainment, Design TED Conference, TED2011, in Long Beach, California, on Wednesday. Kutcher, best known for his role on the sitcom That 70’s Show and, later, as host of MTV’s Punk’d...
Ashton Kutcher's Twitter Account Hacked By Geek Activist !
Hey, look: Ashton Kutcher's Twitter account was hacked in the name of Internet justice. Someone broke into his account and tweeted the messages above. Judging from their message, they probably used the notorious "Firesheep" application, which makes it easy for anyone to hijack other people's...
Facebook Kills Firesheep With New Secure Browsing Feature
Facing a wave of criticism for not offering a secured browsing option, Facebook has finally added a new feature to browse the popular social network on a secure connection https. However, the https:// browsing is not turned on by default and must be manually activated from an “Account Settings”...
HTTPS Everywhere : Another Tool to Protect from Firesheep !
HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. The EFF launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection...
FireSheep Fallout: Microsoft Adds HTTPS Option for Hotmail
Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. The company said on...
BlackSheep Plugin Bites Back: Detecting FireSheep Hijack Attempts
With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm zScaler have released a new Firefox plug-in, BlackSheep, in hopes of combating attempts by those using FireSheep to try to hijack their Web session. The plug-in doesn’t protect users...
Creator Defends FireSheep: App Does More Good Than Harm
One of a pair of developers who created FireSheep, a Firefox browser plug-in that makes it easy to snoop on others’ social networking sessions, has written a blog post defending his creation, saying it has helped elevate discussion about security on the Web. In a post on his blog, Eric Butler, a...
Firesheep – Social Network Session Stealing/Hijacking Tool
A huge wave has been made by this tool in the mainstream media this week as it makes session stealing/hijacking a click and go procedure. It was released at Toorcon 12 and is simply a Firefox Add-on. Stealing sessions/passwords and so on is something we've been able to do for a LONG time using...
New Firefox add-on "Firesheep" - hijacks Facebook, Twitter sessions
A new Firefox add-on called "Firesheep," developed by Seattle-based freelance Web application developer Eric Butler, enables almost anyone to scan a Wi-Fi network and hijack others' access to popular services like Facebook, Twitter, and others. Butler unveiled Firesheep at the ToorCon security...
To Combat Firesheep, Microsoft's Bing Looking Into SSL
Microsoft’s Bing is looking into SSL and other privacy settings for the next version of their search engine. Currently the site strips SSL when forced into HTTPS and in turn, brings up an advisory on browsers signaling an unsafe connection. Introduced at Toorcon, the Firefox extension allows...
Week in Security: Toorcon and SecTor Wrap-up, Bugs and Stuxnet Stances
Autumn conferences grabbed the headlines this week as presentations at the Toorcon Conference in San Diego and SecTor in Toronto wrapped up October, with revelations about the vulnerability of social networking sessions and critical infrastructure headlining. In San Diego, talks at Toorcon came...
New FireSheep-Style Tool Hijacks Twitter Sessions
Days after researchers at the ToorCon Security Conference in San Diego released a tool to hijack insecure Web sessions on Facebook, iGoogle and Flickr, a developer has released a similar tool, dubbed “Idiocy” that does the same for insecure Twitter sessions. There’s a twist, though. Rather than...
Pwning Just Keeps Getting More Fun
Exploit tools are the new point and shoot video games. If my grandma were alive, she could probably figure out how to install a Firefox plug-in and pwn all her nursing home friends on Facebook. Unfortunately, you can¹t say it’s getting easier to protect yourself on the Internet. If anything, it’s...
Plugin, FireSheep, Lays Open Web 2.0 Insecurity
HED: New Tool, FireSheep, Lays Open Web 2.0 Insecurity DEK: The Browser Plug In Offers One Click Session Hijacking for Popular Social Networking Apps. Creators call for better session security. It’s no secret that Web sessions that use the bare HTTP protocol to transmit and receive data are...