je.st

Home › flaw

Tag: flaw

School that expelled student hacker may have ignored 16-month-old security flaw

2013-01-22 23:07:45| InfoWorld: Top News

It's tough not to feel pangs of sympathy for Hamed Al-Khabaz, the 20-year-old aspiring computer scientist who was expelled from Dawson College after exposing a security flaw in the school's academic portal.

Tags: school security student hacker

Twitter flaw gave third-party apps unauthorized access to private messages, researcher says

2013-01-22 20:22:34| InfoWorld: Top News

Users who signed into third-party Web or mobile applications using their Twitter accounts might have given those applications access to their Twitter private "direct" messages without knowing it, according to Cesar Cerrudo, the chief technology officer of security consultancy firm IOActive.

Tags: private access messages gave

Major flaw in Java-based Spring Framework allows remote-code execution by attackers

2013-01-17 20:16:15| InfoWorld: Top News

There's a major flaw in the Java-based Spring Framework open-source development code that allows remote-code execution by attackers against applications built with it, according to the security firm Aspect Security, which identified the flaw. "It allows attackers to inject code," says Jeff Williams, CEO at Aspect Security. The weakness is in what's called the "expression language" function in the Spring Framework development code.

Tags: major spring framework execution

Cisco investigates reported Linksys router flaw

2013-01-16 14:10:49| InfoWorld: Top News

Cisco is investigating a reported vulnerability in Linksys firmware that would allow a hacker to gain full control of the wireless router. Security vendor DefenseCode discovered the flaw and reported it to Cisco "months ago." Because Cisco has yet to commit to a fix, DefenseCode plans to release details in a couple of weeks.

Tags: reported cisco router linksys