Security News
Researchers have discovered 14 new types of cross-site data leakage attacks against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari, Opera, among others. "The purpose of the same-origin policy is to prevent information from being stolen from a trusted website. In the case of XS-Leaks, attackers can nevertheless recognize individual, small details of a website. If these details are tied to personal data, those data can be leaked."
IT security researchers from Ruhr-Universität Bochum and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. These types of side-channel attacks are called 'XS-Leaks,' and allow attacks to bypass the 'same-origin' policy in web browsers so that a malicious website can steal info in the background from a trusted website where the user enters information.
Cannazon, one of the largest dark web marketplaces for buying marijuana products, shut down last week after suffering a debilitating distributed denial of service attack. The admins posted that message on November 23, 2021, and today, Cannazon went offline, allegedly forever.
VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client.
A high-severity security vulnerability in CloudLinux's Imunify360 cybersecurity platform could lead to arbitrary code execution and web-server takeover, according to researchers. Imunify360 is a security platform for Linux-based web servers that allows users to configure various settings for real-time website protection and web-server security.
Security researchers have checked the web's public key infrastructure and have measured a long-known but little-analyzed security threat: hidden root Certificate Authorities. You can be reasonably confident that your bank website is actually your bank website when it presents your browser with an end-user or leaf certificate that's linked through a chain of trust to an intermediate certificate and ultimately the X.509 root certificate of a trusted CA. Each browser relies on a trust store consisting of a hundred or so root certificates that belong to a smaller set of organizations.
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins. S/he then uploaded a webshell and modified the server code to intercept customer data."
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins. S/he then uploaded a webshell and modified the server code to intercept customer data."
Are these hacking services as abundant as rumored, or is the dark web full of scammers that are merely waiting to snatch the money of aspiring spies? Analysts at SOS Intelligence have searched the dark web for providers of SS7 exploitation services and found 84 unique onion domains claiming to offer them.
The past year in web app cybersecurity was anything but calm, and if predictions on the coming year from PerimeterX CTO Ido Safruti are accurate, it's going to be another year of struggles to protect web apps. Safruti predicts a 2022 in which custom-tailored malware, bot attacks and post-login fraud spike, causing leaders to finally confront the reality of online fraud: It varies greatly, is becoming more selective in its targets and is present everywhere from before login to well after a username and password are entered.