Lucene search
K

19 matches found

ThreatPost
ThreatPost
added 2013/07/18 1:19 p.m.10 views

Tumblr Patches Password Sniffing Bug for iOS

Popular blogging platform Tumblr pushed out an emergency update to its iOS app yesterday, patching an apparent password sniffing bug that attackers may have been using to steal users’ logins and passwords. The update, version 3.4.1 on iOS addresses “an issue that allowed passwords to be compromis...

6.8AI score
Exploits0References3
The Hacker News
The Hacker News
added 2011/09/09 6:22 p.m.2 views

Google Web History vulnerable to new Firesheep Addon

Google Web History vulnerable to new Firesheep Addon Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim's Google Web History, a record of everything an individual has searched for. The core weakness discovered by the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/09/09 6:22 p.m.10 views

Google Web History vulnerable to new Firesheep Addon

Google Web History vulnerable to new Firesheep Addon Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim's Google Web History, a record of everything an individual has searched for. The core weakness discovered by the...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/17 1:13 p.m.7 views

Vulnerability in Google ClientLogin Protocol !

Vulnerability in Google ClientLogin Protocol ! A group of security and privacy researchers from the Institute of Media Informatics at Ulm University in Germany, is claiming to have discovered a serious security vulnerability in Google's ClientLogin protocol. In a recent analysis of the Android...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/03/17 1:0 p.m.12 views

Twitter offers encryption to beat hackers !

Twitter is offering users better protection from hackers with a new option to always use an encrypted connection to access its microblogging service. The measure is particulary designed to defend those who access Twitter via unsecured public Wi-Fi networks, which can make it easy for hackers to...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/03/03 7:14 p.m.10 views

Celebrity Ashton Kutcher Firesheep'd at TED Conference

High profile celebrity Ashton Kutcher had his Twitter account hijacked at the celebrity infested Technology, Entertainment, Design TED Conference, TED2011, in Long Beach, California, on Wednesday. Kutcher, best known for his role on the sitcom That 70’s Show and, later, as host of MTV’s Punk’d...

1.3AI score
Exploits0References7
The Hacker News
The Hacker News
added 2011/03/03 4:18 a.m.7 views

Ashton Kutcher's Twitter Account Hacked By Geek Activist !

Hey, look: Ashton Kutcher's Twitter account was hacked in the name of Internet justice. Someone broke into his account and tweeted the messages above. Judging from their message, they probably used the notorious "Firesheep" application, which makes it easy for anyone to hijack other people's...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2011/01/26 5:28 p.m.8 views

Facebook Kills Firesheep With New Secure Browsing Feature

Facing a wave of criticism for not offering a secured browsing option, Facebook has finally added a new feature to browse the popular social network on a secure connection https. However, the https:// browsing is not turned on by default and must be manually activated from an “Account Settings”...

6.8AI score
Exploits0References1
The Hacker News
The Hacker News
added 2010/12/01 8:21 a.m.12 views

HTTPS Everywhere : Another Tool to Protect from Firesheep !

HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. The EFF launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2010/11/09 10:19 p.m.113 views

FireSheep Fallout: Microsoft Adds HTTPS Option for Hotmail

Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. The company said on...

0.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2010/11/08 4:58 p.m.8 views

BlackSheep Plugin Bites Back: Detecting FireSheep Hijack Attempts

With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm zScaler have released a new Firefox plug-in, BlackSheep, in hopes of combating attempts by those using FireSheep to try to hijack their Web session. The plug-in doesn’t protect users...

1.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2010/11/03 3:32 p.m.10 views

Creator Defends FireSheep: App Does More Good Than Harm

One of a pair of developers who created FireSheep, a Firefox browser plug-in that makes it easy to snoop on others’ social networking sessions, has written a blog post defending his creation, saying it has helped elevate discussion about security on the Web. In a post on his blog, Eric Butler, a...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2010/10/31 1:6 a.m.16 views

Firesheep – Social Network Session Stealing/Hijacking Tool

A huge wave has been made by this tool in the mainstream media this week as it makes session stealing/hijacking a click and go procedure. It was released at Toorcon 12 and is simply a Firefox Add-on. Stealing sessions/passwords and so on is something we've been able to do for a LONG time using...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2010/10/30 6:53 a.m.5 views

New Firefox add-on "Firesheep" - hijacks Facebook, Twitter sessions

A new Firefox add-on called "Firesheep," developed by Seattle-based freelance Web application developer Eric Butler, enables almost anyone to scan a Wi-Fi network and hijack others' access to popular services like Facebook, Twitter, and others. Butler unveiled Firesheep at the ToorCon security...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/10/29 7:51 p.m.69 views

To Combat Firesheep, Microsoft's Bing Looking Into SSL

Microsoft’s Bing is looking into SSL and other privacy settings for the next version of their search engine. Currently the site strips SSL when forced into HTTPS and in turn, brings up an advisory on browsers signaling an unsafe connection. Introduced at Toorcon, the Firefox extension allows...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2010/10/29 2:21 p.m.8 views

Week in Security: Toorcon and SecTor Wrap-up, Bugs and Stuxnet Stances

Autumn conferences grabbed the headlines this week as presentations at the Toorcon Conference in San Diego and SecTor in Toronto wrapped up October, with revelations about the vulnerability of social networking sessions and critical infrastructure headlining. In San Diego, talks at Toorcon came...

6.6AI score
Exploits0References14
ThreatPost
ThreatPost
added 2010/10/27 4:59 p.m.10 views

New FireSheep-Style Tool Hijacks Twitter Sessions

Days after researchers at the ToorCon Security Conference in San Diego released a tool to hijack insecure Web sessions on Facebook, iGoogle and Flickr, a developer has released a similar tool, dubbed “Idiocy” that does the same for insecure Twitter sessions. There’s a twist, though. Rather than...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2010/10/26 12:48 p.m.5 views

Pwning Just Keeps Getting More Fun

Exploit tools are the new point and shoot video games. If my grandma were alive, she could probably figure out how to install a Firefox plug-in and pwn all her nursing home friends on Facebook. Unfortunately, you can¹t say it’s getting easier to protect yourself on the Internet. If anything, it’s...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2010/10/25 12:46 p.m.20 views

Plugin, FireSheep, Lays Open Web 2.0 Insecurity

HED: New Tool, FireSheep, Lays Open Web 2.0 Insecurity DEK: The Browser Plug In Offers One Click Session Hijacking for Popular Social Networking Apps. Creators call for better session security. It’s no secret that Web sessions that use the bare HTTP protocol to transmit and receive data are...

0.3AI score
Exploits0References2
Rows per page
Query Builder