TeamHav0k explains the risks of a major vulnerability they found

Feb 16, 2012 08:02 GMT

Members of the TeamHav0k collective identified a major redirect vulnerability on an official Sony website. They found that the security hole on sony.net can easily be exploited by attackers.

“This vulnerability is a critical one because an attacker could have it redirect to a ripped Sony phishing site and personal info will be easily obtained,” the hackers said.

We’ve contacted Sony and provided them with the information needed to address the issue, so stay tuned to find out if they plan on fixing it.

A few days ago, TeamHav0k also identified a cross-site scripting vulnerability on NASA’s Spaceplace subdomain with the aid of a hacker known as FastFive.

“This was found last week. A hacker by the name of "FastFive" requested the help of one of the TeamHav0k Members in figuring out if this subdomain of NASA was vulnerable to XSS or not, so with a little magic from the team's bag of XSS tricks he pulled it off, finding yet another XSS in NASA,” a group spokesperson revealed.