Lucene search
+L

129 matches found

threatpost
threatpost
added 2017/04/19 12:58 p.m.26 views

Patched Flaw in Bosch Diagnostic Dongle Allowed Researchers to Shut Off Engine

Two vulnerabilities were identified in Bosch’s Drivelog Connect OBD-II dongle and smartphone app that allowed researchers to shut off the engine of a vehicle. One of the issues was patched via server-side fix, Bosch said in an April 13 statement, while the other in the dongle itself will be handl...

0.9AI score
Exploits0References2
threatpost
threatpost
added 2017/02/02 12:33 p.m.8 views

Google Adds Security Key Enforcement to G Suite Apps

Google on Wednesday pumped more life into the use of physical keys as a second form of authentication when it added Security Key enforcement support to G Suite. Admins inside enterprises managing deployments of the suite of cloud-based productivity apps, formerly known as Google Apps, can now...

7AI score
Exploits0References4
thn
thn
added 2016/11/14 9:45 p.m.16 views

WhatsApp Adds​ ​2-Step Verification Passcode — Enable this Security Feature

WhatsApp has introduced a new security feature that fixes a loophole in the popular messaging platform, which if exploited, could allow an attacker to hijack victim's account with just knowing the victim's phone number and some hacking skills. The attack does not exploit any vulnerability in...

6.6AI score
Exploits0
threatpost
threatpost
added 2016/08/29 9:58 a.m.12 views

Dropbox Forces Password Reset for Older Users

Online storage service Dropbox began notifying users over the weekend that if they haven’t updated their password since 2012, they’ll be prompted to update it the next time they log into their account. The company claims the move is “purely a preventative measure” and stressed that there’s no pro...

0.4AI score
Exploits0References4
thn
thn
added 2016/06/22 12:59 a.m.21 views

Google makes 2-Factor Authentication a lot Easier and Faster

When it comes to data breaches of major online services like LinkedIn, MySpace, Twitter and VK.com, it's two-factor authentication that could save you from being hacked. Two-factor authentication or 2-step verification is an effective way to secure online accounts, but many users avoid enabling t...

7.1AI score
Exploits0
hackerone
hackerone
added 2016/03/21 7:41 p.m.279 views

Shopify: Bypassed password authentication before enabling OTP verification

When we enable Two step verification then shopify first ask for password then allow user to set OTP verification. Here i bypassed this password verification. Steps to reproduce the vulnerability. 1.To produce this vulnerability i created two account on shopify . For easy understand let give them...

0.4AI score
Exploits0
threatpost
threatpost
added 2016/03/21 1:20 p.m.24 views

Yahoo Deploys Passwordless Account Key Tool

In hopes of eliminating the password, at least on the company’s mobile apps, Yahoo on Friday deployed a stable version of its Account Key mechanism. The feature, essentially two-step authentication—without the first step—allows Yahoo users to log into the company’s Finance, Fantasy, Mail,...

7.2AI score
Exploits0References6
thn
thn
added 2016/02/17 4:34 a.m.11 views

Instagram Adds Two-Step Verification to Prevent Account from being Hacked

Hijacking an online account is not a complicated procedure, not at least in 2016. Today, Instagram confirmed that the company is in the process to roll out two-factor authentication for its 400 Million users. It is impossible to make your online accounts hack-proof, but you can make them less...

7.2AI score
Exploits0
thn
thn
added 2015/08/30 11:37 p.m.20 views

Here's How Iranian Hackers Can Hack Your Gmail Accounts

Hackers are getting smarter in fooling us all, and now they are using sophisticated hacking schemes to get into your Gmail. Yes, Iranian hackers have now discovered a new way to fool Gmail's tight security system by bypassing its two-step verification – a security process that requires a security...

7.4AI score
Exploits0
threatpost
threatpost
added 2015/08/24 8:31 p.m.13 views

Charlie Miller to Leave Twitter Security Team

Charlie Miller, one of the more respected and accomplished security researchers in the industry, is leaving Twitter’s security team after three years. Miller said on Monday that he is leaving the company at the end of this week and that he plans to announce his new job next week. Miller joined...

0.4AI score
Exploits0References5
hackerone
hackerone
added 2015/06/12 8:58 p.m.21 views

Automattic: Verification code issues for Two-Step Authentication

Hi there, I noticed two issues regarding the verification code that is sent to the phone as Two-Step Authentication for Wordpress accounts. I found out that verification code sent as SMS while enabling Two-Step Authentication can be reused infinitely for login. Issue1 The application does not...

0.9AI score
Exploits0
threatpost
threatpost
added 2015/06/11 10:0 a.m.12 views

Apple Moving to 2FA, Six-Digit Passcodes in iOS 9

With each new release of iOS, Apple has been improving the security of the mobile operating system, adding new features, inserting exploit mitigations, and taking away avenues for attack. In the forthcoming iOS 9.0 release, the company is continuing this movement with the addition of two-factor...

0.8AI score
Exploits0References3
threatpost
threatpost
added 2014/12/17 10:32 a.m.13 views

Google Adds Content Security Policy Support to Gmail

Google has added another layer of security for users of Gmail on the desktop, which now supports content security policy, a standard that’s designed to help mitigate cross-site scripting and other common Web-based attacks. CSP is a W3C standard that has been around for several years, and it’s bee...

6.7AI score
Exploits0References7
thn
thn
added 2014/10/24 10:29 p.m.31 views

Twitter Launches Digits – A Password Free Login Service For App Developers

There’s a good news for app developers. On Wednesday at Twitter’s first annual developer conference Flight, the company announced a new tool for developers which will allow users to log-in to mobile applications using their phone numbers rather than a traditional username and password combination...

7.1AI score
Exploits0
threatpost
threatpost
added 2014/10/14 10:28 a.m.19 views

Dropbox Denies Hack, Says 'Your Stuff is Safe'

Dropbox officials on Monday said that a large cache of usernames and passwords posted online and alleged to have come from the company’s users are not related to Dropbox customer accounts. A spate of media reports reported yesterday that attackers had stolen several million sets of credentials fr...

2.4AI score
Exploits0References2
seebug
seebug
added 2014/07/01 12:0 a.m.27 views

vBulletin Two-Step External Link Module 'externalredirect.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39597/info Two-Step External Link module for vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execut...

7.1AI score
Exploits0
thn
thn
added 2014/05/27 12:6 a.m.17 views

Apple Devices Hacked by 'Oleg Pliss', held to Ransom

From last few years Ransomware malwares are targeting Windows users Worldwide and experts predicted that it was just a matter of time until ransomware would hit mobile devices and other Desktop operating systems like Mac, iOS, Android etc. A Few weeks back we reported about a Ransomware malware...

7AI score
Exploits0
thn
thn
added 2014/04/18 9:25 p.m.26 views

Warning: Malware Campaign targeting Jailbroken Apple iOS Devices

A new piece of malicious malware infection targeting jailbroken Apple iOS devices in an attempt to steal users’ credentials, has been discovered by Reddit users. The Reddit Jailbreak community discovered the malicious infection dubbed as ‘Unflod Baby Panda’, on some jailbroken Apple iOS devices o...

6.9AI score
Exploits0
thn
thn
added 2014/03/20 12:47 a.m.8 views

EA Games website hacked; Phishing page hosted to steal Apple IDs

Recently we aware you about the tricky phishing scam targeting Google Docs and Google Drive, a similar phishing scam has been detected by the researchers targeting Apple users to steal users’ credentials. According to the researchers at Netcraft, a UK based security services company, the hackers...

7.5AI score
Exploits0
thn
thn
added 2014/02/18 12:45 a.m.17 views

Ultrasonic Password Security for Google Accounts

Does a Strong Password Guarantee you the Security of your Online Account? If yes, then you should once check out our 'Data breaches' section on the website. A Startup Company, SlickLogin has developed a technology that enables you to login into online accounts using Ultrasonic sound, instead of...

7AI score
Exploits0
Rows per page
Query Builder