8 matches found
COVID-19 testing service in US exposes patients’ photos, passports
By Habiba Rashid COVID-19 testing service in the State of Utah stored passport scans and other highly personal data on unsecured Amazon S3 buckets. This is a post from HackRead.com Read the original post: COVID-19 testing service in US exposes patients photos, passports...
This One Time on a Pen Test: CSRF to Password Reset Phishing
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report...
This One Time on a Pen Test: I Know...Everything
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. It...
CVE-2018-9070
For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides ext...
This Week in Security News: HR and Heritage Hacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the details of 92 million accounts for MyHertitage were discovered on a private server outside of the company. Also, companies using service...
Common Admission Test (CAT) Site Hacked and this buzz makes IIMs website go offline !
The Indian Institutes of Management on Monday dismantled the web portal of their Common Admission Test CAT amid fears that some students managed to access their results in the 2010 CAT through the website ten days before schedule. The IIMs dismissed speculation that the CAT website "www.catiim.in...
www.eVuln.com : HTTP Response Splitting in Social Share
www.eVuln.com advisory: HTTP Response Splitting in Social Share Summary: http://evuln.com/vulns/168/summary.html Details: http://evuln.com/vulns/168/description.html -----------Summary----------- eVuln ID: EV0168 Software: Social Share Vendor: n/a Version: 2010-06-05 Critical Level: low Type: HTT...
www.eVuln.com : "link" and "linkdescription" XSS in Social Share
www.eVuln.com advisory: "link" and "linkdescription" XSS in Social Share Summary: http://evuln.com/vulns/165/summary.html Details: http://evuln.com/vulns/165/description.html -----------Summary----------- eVuln ID: EV0165 Software: Social Share Vendor: n/a Version: 2010-06-05 Critical Level: low...