Security bugs reinfect financial giant’s website

Five months after Ameriprise Financial fixed a bug that could have helped
criminals steal user authentication credentials, the financial giant's website
is vulnerable again.

The flaw looks almost identical to one The Register reported in August. It
allows attackers to inject malicious code into official Ameriprise webpages that
steals user cookies. Websites often use such files to authenticate users before
giving them access to restricted content or services.

← Ранее Число кибератак на Facebook и Twitter в 2009 году утроилось

Далее → Product Watch: Security Scoreboard Goes Live

Далее по этой теме
Ранее по этой теме

Cisco bugs surrender control of building`s critical systems

Cisco Systems has warned of serious vulnerabilities in a device that connects a building'…

27.05.2010
2 мин на чтение
Backstreet`s Back: total destruction of the Backstreet Boys band

Salute, my dear admirer of the Backstreet Boys band! Today I will tell you an interesting…

05.02.2010
52 мин на чтение
Researchers to Demonstrate Database Man-in-the-Middle Attacks at Black Hat

Two researchers from Trustwave will demonstrate how a man-in-the-middle attack on Oracle …

12.04.2010
3 мин на чтение
Adobe`s New Privacy Feature For Flash Clashes With Online Fraud Detection

When Adobe releases Flash Player 10.1 in the next couple of months, users of the applicat…

05.05.2010
4 мин на чтение
Air colander: A tale about how one large wireless provider was hacked

Admit that "Wireless Internet in every home" is a very attractive slogan. It so…

06.09.2010
40 мин на чтение
Knocked-Out AOL: How The AOL Servers Were Hacked

AOL Corporation has always been a kind of honey pie for all possible kinds of hackers. Mi…

02.11.2010
50 мин на чтение

Serious web vuln found in 8 million Flash files

A security researcher has identified more than 8 million Adobe Flash files that make the …

23.12.2009
2 мин на чтение
User Authentication No Longer Thwarts Online Bank Thieves

Security measures such as the use of one-time passwords and phone-based user authenticati…

19.01.2010
1 мин на чтение
Internet Explorer exploit published online

An exploit for Internet Explorer was published online yesterday, showing signs of poor re…

23.11.2009
2 мин на чтение
MS knew of Aurora exploit four months before Google attacks

Microsoft first knew of the bug used in the infamous Operation Aurora IE exploits as long…

25.01.2010
3 мин на чтение
Symantec Japan website bamboozled by hacker

A Symantec-run website was vulnerable to Blind SQL Injection problems that reportedly exp…

24.11.2009
1 мин на чтение
JB Hi-Fi website served malware

JB Hi-Fi's website was redirecting customers to malicious web pages over the weekend in a…

01.12.2009
2 мин на чтение

Security bugs reinfect financial giant’s website

Cisco bugs surrender control of building`s critical systems

Backstreet`s Back: total destruction of the Backstreet Boys band

Researchers to Demonstrate Database Man-in-the-Middle Attacks at Black Hat

Adobe`s New Privacy Feature For Flash Clashes With Online Fraud Detection

Air colander: A tale about how one large wireless provider was hacked

Knocked-Out AOL: How The AOL Servers Were Hacked

Serious web vuln found in 8 million Flash files

User Authentication No Longer Thwarts Online Bank Thieves

Internet Explorer exploit published online

MS knew of Aurora exploit four months before Google attacks

Symantec Japan website bamboozled by hacker

JB Hi-Fi website served malware

Подпишись на наc в Telegram!

Из рубрики «Взлом»

Tunnels Nightmare. Используем провайдерские протоколы для пивотинга

HTB Pilgrimage. Повышаем привилегии через уязвимость в Binwalk

Абьюз сессий Windows по-новому. Получаем билеты TGT методом GIUDA

Большая охота. Практикуемся в Threat Hunting

Трюки

Фишинг в соцсетях. Как социальные сети помогают хакерам

Сделай мне красиво! Изобретаем персональный нейросетевой фотоувеличитель

Инструменты разведчика. Извлекаем данные из Instagram, Telegram, GitHub и других источников

Письмо с сюрпризом. Изучаем уловки и хитрости для доставки писем с малварью

Последние новости

Хак-группа Chimera более 2,5 лет сохраняла доступ к сети полупроводниковой компании NXP

Японское космическое агентство JAXA пострадало от хакерской атаки

Группировка Rare Wolf ворует данные с помощью фальшивых накладных «1С:Предприятие»

Уязвимость в ownCloud уже взяли на вооружение хакеры

Google срочно патчит в Chrome шестую уязвимость нулевого дня в этом году