7 matches found
A week in security (September 26 – October 2)
Last week on Malwarebytes Labs: Why almost everything we told you about passwords was wrong Two new Exchange Server zero-days in the wild Local government cybersecurity: 5 best practices Optus data breach "attacker" says sorry, it was a mistake Fast Company hacked to send obscene and racist...
The NSA's Tips to Keep Your Phone From Tracking You
Plus: A Canon ransomware hack, a nasty Twitter bug, and more of the week's top security news...
X (Formerly Twitter): Creating malformed URLs via new line character in-between two URLs leads to misrepresented hyperlinks in Tweets/DMs
Summary When composing a tweet or a direct message it is possible to use a new line character %0d to seperate two URLs within the actual hyperlinking process, but not the URL displaying process. The new line character acts as an invisible character that disrupts the actual hyperlinking process,...
Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year
The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with. A bug in Twitter's API inadvertently exposed some users' direct messages DMs and protected tweets to unauthorized third-party app developers who weren't supposed to get...
This Week in Security News: Exposure and Susceptibility
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, a new report revealed that the Equifax breach had a larger impact than previously thought. In addition, The Senate Intelligence Committee...
Apple Yosemite operating system local to mention the right to: EXP length of not more than a Twitter-bug warning-the black bar safety net
Apple's latestoperating systemYosemite was broke a local mention the right vulnerability, the vulnerability is by the German security researcher Stefan Esser discovered and has been in OS X 10.10-10.10.4 version of the test is successful. If you want to fix the vulnerability, please upgrade to th...
Twitter Bug Allowed Apps to Access Direct Messages Without Permission
Social networking sites such as Twitter and Facebook have become not just communication hubs, but also authentication mechanisms for third-party sites. Many sites and Web applications allow users to sign in with their Facebook or Twitter credentials rather than registering, which is a nice...