Entries in exploit (4)

Wednesday
Jan112017

Exploit shows autofill makes it easy to expose your credit card info on Chrome and Safari

Autofill on browsers are convenient. You input things once and then you’re all set every time. But the price you pay for that convenience could be that you’re giving away important personal data—like your credit card information. Viljami Kuosmanen, a hacker at Futurice, shared on Github and Twitter a simple exploit that makes it easy for malicious websites to rip you off based on the information you allowed to be saved as autofill on both Chrome and Safari.

Browsers will determine what type of information the site is looking for and then it’ll keep the rest. But hackers have a way to obscure certain text boxes and users wouldn’t even notice they’re being autofilled, especially when what’s being filled out is sensitive personal data (e.g. credit card info). A quick way to avoid this is to disable autofill on both browsers, you can head to chrome://settings and find it under Show Advanced Settings tab on Chrome or heading to Preferences on Safari and unchecking the boxes in the Autofill tab.

Source: Gizmodo

Friday
Nov142014

Apple issues statement on Masque Attack exploit

Apple has responded to the Masque Attack exploit which is a vulnerability within iOS which powers iPhones, iPads and iPod Touches. The exploit happens with websites, messages or emails luring users to install an app from a source other than the iOS App Store or their organisations’ system. The attack to succeeds when a user installs an untrusted app, such as one delivered through a phishing link.

Click to read more ...

Tuesday
Jul092013

Google plugs serious Android exploit, OEMs to issue fixes

There was a huge, gaping exploit that enabled hackers to enslave regular apps in the Play Store with malicious code. Well, it seems that Google has finally gotten around to patching this particularly problematic flaw and OEM partners are expected to push out updates to secure the millions of devices that are open to attack. Companies like Samsung and even custom ROM's like CyanogenMod have started pushing out updates to address the issue. As for the rest of Google' partners and carriers, only time will tell when they will update their customer's devices.

Thursday
Mar212013

Apple TV update 5.2.1 brings bug fixes and serves up increased security

Apple iOS devices have been the focus of various hacks and exploits of late and the Apple TV is no exception. Apple has provided the update 5.2.1 that brings various bug fixes and seals the exploit where some users can execute unassigned code. US users get a redesigned Hulu app but since we're in Canada, we don't know what Hulu is. For the full details on the update, check here.

Click to read more ...