|
|
|
|
|
| Twitter and Google account vulnerabilities |
|
Search
|
|
|
|
Security News
|
|
 |
Mathew J. Schwartz, InformationWeek |
2010-08-27 14:11:17 |
Email and peer-to-peer networks also rank as significant venues for malware attacks, which have increased slightly in the U.S. but declined in Europe, according to Panda Security. |
|
 |
Hugo Jean, Heptacube Inc. |
2010-08-24 14:51:53 |
The motivation behind the $7.68 billion deal is unclear, but Intel says it wants to integrate computer security into its hardware. |
|
|
IT Directory
|
| Wiseleap Solutions Inc. | |
|
Founded in 2005, Wiseleap Solutions Inc.'s mission consists in providing companies with the information necessary to make cri [...]
|
| IT Ration Consulting Inc. | |
|
IT-Ration Consulting inc has been a NetSuite Partner since 2005 and helps your enterprise grow by aligning your Information T [...]
|
| HumanWare | |
|
Empowering People
Focused on enhancing the lives of people with visual and learning disabilities, HumanWare provide [...]
|
|
|
|
By Zeljka Zorz, Help Net Security
|
 |
|
2010-01-04 17:31:15
|
Nir Goldshlager, a security researcher and penetration tester, discovered some XSS vulnerabilities in Twitter and Google Calendar that can be exploited by attackers to steal cookies and session IDs - which could lead to a hijacking of accounts.
Another security issue is a vulnerability that allows HTML injection attacks with the intention of redirecting users to malicious sites.
According to eWeek, Twitter and Google were contacted and notified about these security issues, and while Twitter has already issued a fix, Google is still looking into the matter. In the meantime, they said that they don't think the danger is great.
"Trying to trick someone into copying unfamiliar, suspicious code into a Google Calendar text field is neither a likely attack vector nor one that we are seeing being exploited," they said.
|
|
Tags |
Calendar Google Twitter XSS |
