527 matches found
Twitter Enables Two-Factor Authentication
Responding to a wave of high-profile account takeovers in recent months, Twitter has implemented a phone-based two-factor authentication scheme that will require a numerical code along with a username and password when users log in to their accounts. The feature, known as login verification, is...
Microsoft Reportedly Adding Two-Factor Authentication to User Accounts
Microsoft reportedly will implement two-factor authentication on users’ accounts at some point down the line, according to reports this week. Microsoft fansite Liveside.net first reported about the company’s plans yesterday with a blog post that includes a handful of screenshots from the purporte...
Apple Adds Two-Factor Authentication to iTunes Accounts
Apple has introduced a new two-factor authentication system designed to help protect users’ iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users’ accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification...
Hacking Google users with Google's GooPass phishing attack
Google Drive is the new home for Google Docs, that users can access everywhere for Storing files safely. In a recent demonstration hacker successfully performed an attack on Google Docs to trick users to grab their Facebook, Gmail, Yahoo credentials with Credit Card Information. Security research...
APT1-Themed Spear Phishing Campaign Linked to China
Researchers at Seculert have discovered a link between spear phishing campaigns targeting Japanese and Chinese journalists, post-Mandiant’s APT1 report, and domains connected to the Aurora attacks on Google and the Shady RAT campaign. In particular, in the attacks against the Japanese, the malwar...
Twitter added DMARC support to prevent email phishing
Twitter announced via its blog today that it has begun using a new method called Domain-based Message Authentication, Reporting and Conformance DMARC to help prevent email phishing. DMARC is actually a standard for preventing email spoofing, in order to make it harder for attackers to send phishi...
Google Says Gmail Security Measures Have Reduced Account Hijacks By 99 Percent
Gmail accounts are high-priority targets for attackers of all stripes, particularly spam crews and state-sponsored attackers who use them to monitor the activities of activists and journalists. Hijacking those accounts can be quite useful for spammers and malware gangs as well, but Google said th...
Gmail warning Myanmar Journalists about State-sponsored attacks
Several Myanmar journalists have recently received warnings from Google that their Gmail accounts may have been targets of state-sponsored attacks. After they login to their Gmail accounts, warning message,"We believe state-sponsored attackers may be attempting to compromise your account or...
Gmail warning Myanmar Journalists about State-sponsored attacks
Several Myanmar journalists have recently received warnings from Google that their Gmail accounts may have been targets of state-sponsored attacks. After they login to their Gmail accounts, warning message,“We believe state-sponsored attackers may be attempting to compromise your account or...
Opera - security update to 12.11 (important)
Opera 12.11 is a recommended upgrade offering security and stability enhancements: -fixed an issue where HTTP response heap buffer overflow could allow execution of arbitrary code; -fixed an issue where error pages could be used to guess local file paths; see our advisory -fixed several issues...
CVE-2012-6313
The CVE-2012-6313 issue affects the WordPress plugin Simple Gmail Login (simple-gmail-login.php) prior to version 1.1.4. The root cause is an error path that occurs when a request lacks a valid timezone, causing a stack trace that discloses the installation path. This information disclosure could...
Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability
Application- Wordpress Plugin Simple Gmail Login Exploit - Stack Trace Error URL- http://wordpress.org/extend/plugins/simple-gmail-login/ Author- Aditya Balapure Link - http://adityabalapure.blogspot.in/ Description Once you have installed this plugin you can login to wp-admin using your ordinary...
Update on CVE assigned for Wordpress Plugin Simple Gmail Login
Application- Wordpress Plugin Simple Gmail Login Exploit - Stack Trace Error URL- http://wordpress.org/extend/plugins/simple-gmail-login/ Author- Aditya Balapure Link - http://adityabalapure.blogspot.in/ CVE Assigned- CVE-2012-6313. Description Once you have installed this plugin you can login to...
WordPress Plugin Simple Gmail Login - Stack Trace Information Disclosure
WordPress Plugin Simple Gmail Login - Stack Trace Information Disclosure source: https://www.securityfocus.com/bid/56860/info The Simple Gmail Login plugin for Wordpress is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may...
WordPress Plugin Simple Gmail Login - Stack Trace Information Disclosure
source: https://www.securityfocus.com/bid/56860/info The Simple Gmail Login plugin for Wordpress is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Simple Gmail Login 1.1.3 and prior are vulnerabl...
WordPress Simple Gmail Login Path Disclosure
Application- Wordpress Plugin Simple Gmail Login Exploit - Stack Trace Error URL- http://wordpress.org/extend/plugins/simple-gmail-login/ Author- Aditya Balapure Link - http://adityabalapure.blogspot.in/ CVE Assigned- CVE-2012-6313. Description Once you have installed this plugin you can login to...
WordPress Simple Gmail Login Plugin - Stack Trace Information Disclosure
WordPress Simple Gmail Login plugin is prone to an information disclosure vulnerability that allows an attacker to obtain sensitive information and in this way lead to further attacks. Solution Update the plugin...
Simple Gmail Login < 1.1.4 - FPD
The Simple Gmail Login WordPress plugin was affected by a FPD security vulnerability...
KMPlayer 3.3.0.33 - Multiple Vulnerabilities
KMPlayer 3.3.0.33 - Multiple Vulnerabilities Exploit Title: The KMPlayer v3.3.0.33 Multiple Vulnerabilities Date: October, 26, 2012 Discovered By: Mr.XHat Exploit Author: Mr.XHat E-Mail: Mr.XHat AT Gmail.com Vendor: http://www.kmplayer.com/ Version: 3.3.0.33 Tested On: WinXP SP3 EN Buffer Overflo...
German Police eavesdropping Facebook, Gmail, Skype Conversations
An eavesdropping tool allegedly used by the German government to intercept Skype calls is full of security problems and may violate a ruling by the country's constitutional court, according to a European hacker club. The information was released as part of a move towards financial transparency. T...