Pacosite's Blog

Comunicaciones, Linux, Tecnología e Internet

ALPACA – the wacky TLS security vulnerability with a funky name

Posted on June 11, 2021 by Frank Cisco

Don’t panic – this isn’t another Heartbleed. But it’s a fascinating reminder of why doing things the easy way isn’t always the best way.

from Naked Security https://ift.tt/3zia7pL
via IFTTT

Details Emerge on How Gaming Giant EA Was Hacked

Posted on June 11, 2021 by Frank Cisco

Hacking group stole source code to FIFA 21 and the company’s Frostbite engine.

from Dark Reading: https://ift.tt/35auzLl
via IFTTT

Many Mobile Apps Intentionally Using Insecure Connections for Sending Data

Posted on June 11, 2021 by Frank Cisco

A new analysis of iOS and Android apps released to Apple’s and Google’s app stores over the past five years found many to be deliberately breaking HTTPS protections.

from Dark Reading: https://ift.tt/3vdvJjR
via IFTTT

Secure Access Trade-offs for DevSecOps Teams

Posted on June 11, 2021 by Frank Cisco

Thanks to recent advancements in access technologies, everyone can apply identity-based authentication and authorization and zero-trust principles for their computing resources.

from Dark Reading: https://ift.tt/3x6mYcO
via IFTTT

[webapps] WoWonder Social Network Platform 3.1 – Authentication Bypass

Posted on June 11, 2021 by Frank Cisco

WoWonder Social Network Platform 3.1 – Authentication Bypass

from Exploit-DB.com RSS Feed https://ift.tt/3czkonX
via IFTTT

[webapps] Zenario CMS 8.8.52729 – ‘cID’ Blind & Error based SQL injection (Authenticated)

Posted on June 11, 2021 by Frank Cisco

Zenario CMS 8.8.52729 – ‘cID’ Blind & Error based SQL injection (Authenticated)

from Exploit-DB.com RSS Feed https://ift.tt/3gcKnDK
via IFTTT

[webapps] Solar-Log 500 2.8.2 – Unprotected Storage of Credentials

Posted on June 11, 2021 by Frank Cisco

Solar-Log 500 2.8.2 – Unprotected Storage of Credentials

from Exploit-DB.com RSS Feed https://ift.tt/3whI8od
via IFTTT

[webapps] Solar-Log 500 2.8.2 – Incorrect Access Control

Posted on June 11, 2021 by Frank Cisco

Solar-Log 500 2.8.2 – Incorrect Access Control

from Exploit-DB.com RSS Feed https://ift.tt/3pGS601
via IFTTT

[webapps] Grocery crud 1.6.4 – ‘order_by’ SQL Injection

Posted on June 11, 2021 by Frank Cisco

Grocery crud 1.6.4 – ‘order_by’ SQL Injection

from Exploit-DB.com RSS Feed https://ift.tt/2TXpbJk
via IFTTT

[webapps] WordPress Plugin Database Backups 1.2.2.6 – ‘Database Backup Download’ CSRF

Posted on June 11, 2021 by Frank Cisco

WordPress Plugin Database Backups 1.2.2.6 – ‘Database Backup Download’ CSRF

from Exploit-DB.com RSS Feed https://ift.tt/3zjqWkd
via IFTTT