Softpedia

NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Softpedia News Mobile

Home > News > Tags > cross-site request forgery

Stories about: cross-site request forgery

Hackers Use Social Engineering to Obtain Facebook Security Tokens The Anti-CSRF tokens generated by Facebook and other websites that want to keep their customers protected are being targeted by cybercriminals who can use them to temporarily take over an account. Symantec researchers did a little digging on the matter and found a few cunning plots in which attackers try to dupe use...	28 October 2011 10:26 GMT

Security Updates Released for Ruby on Rails The Ruby on Rails project has released new security updates to address several serious vulnerabilities affecting the Web application development platform.The new 3.0.4 and 2.3.11 versions fix a total of four vulnerability of low and medium impact which facilitate cross-site scripting, cross-site request forgery (CSRF...	11 February 2011 02:27 GMT

CSRF Worm Released on Twitter A cross-site request forgery weakness in the Twitter API and the abuse of an external service led to another rapidly propagating worm on Twitter over the weekend.Overly curious Twitter users found themselves re-posting an embarrassing message about goats after clicking the included t.co shortened link.Unlike the cros...	27 September 2010 02:16 GMT

Critical CSRF Bugs Found in eBox and Snare eBox Technologies and the InterSect Alliance have released updates to their products, eBox Platform and Snare Agent, addressing critical cross-site request forgery (CSRF) vulnerabilities that could compromise the security of the systems.CSRF is a type of flaw, which exploits the inherent trust systems put into alread...	1 July 2010 05:08 GMT

Facebook Bug Exposes Users to Dangerous CSRF Attacks A security researcher exposed a serious security hole in Facebook, which gave attackers an easy way to force users into unknowingly executing various actions on their accounts. Attacks were reportedly still possible after Facebook announced that the problem was fixed. The issue, which renders Facebook's CSRF pr...	19 May 2010 11:03 GMT

Gmail Login Gets CSRF Protection Google has silently implemented cross-site request forgery protection for Gmail authentication. The new feature comes in the form of a unique token stored in a browser cookie and checked when the login request is submitted.Cross-site request forgery (CSRF) attacks involve tricking a browser to perform a request that ...	5 October 2009 09:46 GMT

Feasible Client-Side CSRF Token Brute Force Attack Revealed An application security researcher has devised a proof-of-concept attack capable of bypassing commonly used cross-site request forgery (CSRF) protections, such as assigning random tokens associated with the session. The complete attack leverages on an older technique of searching the browser's history via CSS. ...	20 July 2009 06:50 GMT

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use