Complete application ownage via Multi-POST XSRF
We had determined that the primary threat would be for a user to escalate privileges and access information from other accounts. In order to achieve this goal we concentrated on t…
Warning — Facebook Color Changer App is Just a Scam, Infects 10000 Users
The malicious app promises users to change the characteristic blue colour of Facebook’s header and interface to one of nine other colours including pink, purple, green, yellow, or…
Researcher Uncovers Vulnerability Oracle Data Redaction Security Feature
Data Redaction is one of the new Advanced Security features introduced in Oracle Database 12c. The service is designed to allow administrators to automatically protect sensitive d…
Attacks on ISP Networks allows to steal $83,000 from Bitcoin Mining pools
The researchers uncovered the theft of Bitcoin made with the use of bogus Border Gateway Protocol (BGP) broadcasts to hijack networks of at least 19 Internet service providers.
Critical Vulnerability Found in Popular WordPress Contact Form Plugin
A critical, remotely exploitable vulnerability has been found in a popular WordPress plugin that allows users to easily customize every aspect of the contact forms they embed into…