Jump to content

Showing results for tags 'flaw'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • The Consumer Forums: The Mall
    • Welcome to the Consumer Forums
    • FAQs
    • Forum Rules - Please read before posting
    • Consumer Forums website - Post Your Questions & Suggestions about this site
    • Helpful Organisations
    • The Bear Garden – for off-topic chat
  • CAG Community centre
    • CAG Community Centre Subforums:-
  • Consumer TV/Radio Listings
    • Consumer TV and Radio Listings
  • CAG Library - Please register
    • CAG library Subforums
  • Banks, Loans & Credit
    • Bank and Finance Subforums:
    • Other Institutions
  • Retail and Non-retail Goods and Services
    • Non-Retail subforums
    • Retail Subforums
  • Work, Social and Community
    • Work, Social and Community Subforums:
  • Debt problems - including homes/ mortgages, PayDay Loans
    • Debt subforums:
    • PayDay loan and other Short Term Loans subforum:
  • Motoring
    • Motoring subforums
  • Legal Forums
    • Legal Issues subforums

Categories

  • News from the National Consumer Service
  • News from the Web

Blogs

  • A Say in the Life of .....
  • Debt Diaries

Categories

  • The Youth Academy
    • The Youth Consumer Service
  • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location

Found 4 results

  1. By Graham Cluley on Jan 13, 2016 | It’s 2016, and it would be nice to think that after several years of doing business online, companies have got a better handle on how to protect their websites from attacks. I’m afraid I have depressing news for you. Many sites are continuing to make big mistakes. Well-known threats like cross-site scripting (XSS) attacks continue to challenge many websites, including household names. Take eBay, for instance. As Motherboard reports, a security researcher going by the name of MLT discovered a critical XSS flaw on eBay’s website in early December, which could allow malicious hackers to create fraudulent login pages and steal passwords. As far as the user is concerned, they have clicked on a link to the main ebay.com site and are being asked by eBay to enter their password. Even sceptical users who check the browser bar will probably be reassured that the password request is legitimate because they see ebay.com as the domain they are visiting. MLT has even produced a YouTube video demonstrating the XSS attack against eBay for non-believers, showing how simple it would be to trick users into handing over their passwords to hackers.
  2. By Graham Cluley on Jan 13, 2016 | 1 Comment It’s 2016, and it would be nice to think that after several years of doing business online, companies have got a better handle on how to protect their websites from attacks. I’m afraid I have depressing news for you. Many sites are continuing to make big mistakes. Well-known threats like cross-site scripting (XSS) attacks continue to challenge many websites, including household names. Take eBay, for instance. As Motherboard reports, a security researcher going by the name of MLT discovered a critical XSS flaw on eBay’s website in early December, which could allow malicious hackers to create fraudulent login pages and steal passwords. As far as the user is concerned, they have clicked on a link to the main ebay.com site and are being asked by eBay to enter their password. Even sceptical users who check the browser bar will probably be reassured that the password request is legitimate because they see ebay.com as the domain they are visiting. MLT has even produced a YouTube video demonstrating the XSS attack against eBay for non-believers, showing how simple it would be to trick users into handing over their passwords to hackers. Full article
  3. Dell admits security flaw was built into computers A security hole that could allow attackers to access users' personal data was inadvertently placed on Dell computers, the company has admitted. The hole represented a "profound security flaw" that could allow access to bank details and other personal data, experts said. Dell has issued guidance on removing the software that produced it. READ MORE HERE: http://www.bbc.co.uk/news/technology-34910649 This is the direct link to Dell article and removal instructions: http://www.dell.com/support/article/us/en/19/SLN300321
  4. There was a serious flaw in the software of BMW, Mini and Rolls Royce that come equipped with ConnectedDrive and affects some 2.2 million vehicles leaving them vulnerable. The flaw allowed the cars doors and windows to be open from a mobile phone. Researchers working for German automobile association ADAC discovered the security vulnerabilities and the potential for vehicles to be broken into last summer, but kept quiet about them. BMW have now uploaded a patch. If you are worried that your vehicle may not have received the update (perhaps because it has been parked in an underground car park or other places without a mobile phone signal, or if its starter battery has been disconnected) then you should choose “Update Services” from your car’s menu. The cars affected are: BMW 1 Series Convertible, Coupé and Touring (E81, E82, E87, E88, F20, F21) 2er Active Tourer, Coupé and Convertible (F22, F23, F45) 3 with Convertible, Coupe, GT, Touring and M3 (E90, E91, E92, E93, F30, F31, F34, F80) 4p Coupe, Convertible, Gran Coupe and M4 (F32, F33, F36, F82, F83) 5 Series GT and Touring (F07, F10, F11, F18) 6 Series Gran Coupe Convertible (F06, F12, F13) 7 Series (F01, F02, F03, F04) I3 (I01), I8 (I12) X1 (E84), X3 (F25), X4 (F26) X 5 (E70, F15, F85), X6 (E71, E72, F16, F86), Z 4 (E89) Mini Three-door and five-door hatchback (F55, F56) Rolls Royce Phantom Coupe and Drophead Coupe (RR1, RR2, RR3) Ghost (RR4) Wraith (RR5)
×
×
  • Create New...