Cross-site Request Forgery

Pierluigi Paganini January 31, 2014
Lack of auth in 3G/4G USB modems exposes control panels to hackers

Andreas Lindh has discovered serious vulnerabilities in an unknown number of 3G/4G USB modems that can be exploited by attackers for spear phishing attacks.  The researcher Andreas Lindh has discovered serious vulnerabilities in an unknown number of 3G and 4G USB modems that can be exploited by attackers to steal user’s credential. The expert has found a Cross Site […]

Pierluigi Paganini December 29, 2013
eBay XSRF flaw allows attacker to make unauthorized purchases

EBay website is vulnerable to XSRF (Cross-site request forgery) attack that would allow an attacker to hijack an account and make unauthorized purchases. A new flaw has been discovered in the official EBay website, the vulnerability allows an attacker to hijack an account and make unauthorized purchases from the victim’s account. The flaw is not […]

Pierluigi Paganini July 31, 2013
Q2 2013 Superfecta report, constant increase for automated attacks

FireHost Secure cloud hosting company issued Q2 2013 Superfecta report that revealed a sharp increase in blended, automated attacks. FireHost announced the Q2 2013 Superfecta report, an interesting set of statistic related to attacks against web applications. The Superfecta is a group of four attack types considered by the FireHost Secure cloud hosting company as being the most […]