Report : PHP SuperGlobals are Vulnerable to Hackers

In the most recent Hacker Intelligence Initiative Report – “PHP SuperGlobals: Supersized Trouble“, Imperva analyses vulnerabilities found in the SuperGlobal parameters of the PHP platform, and finds that a multi-step attack requires a multi-layered application security solution. In addition to local and global scope variables, PHP has several predefined variables that are called SuperGlobals. These […]

Continue Reading

Facebook Vulnerability that Allowed any Photo to be Deleted Earns $12,500 Bounty

An Indian electronics and communications engineer who describes himself as a “security enthusiast with a passion for ethical hacking” has discovered a Facebook vulnerability that could have allowed for any photo on the site to be deleted without the owner’s knowledge. Arul Kumar, a 21 year old from Tamil Nadu, discovered that he could delete […]

Continue Reading

Android Malware Exploiting Google Cloud Messaging Service

Researchers have discovered a number of malicious Android apps are using Google’s Cloud Messaging (GCM) service and leveraging it as a command and control server to carry out attacks. A post on Securelist today by Kaspersky Lab’s Roman Unuchek, breaks down five Trojans that have been spotted checking in with GCM after launching. Trojan-SMS.AndroidOS.FakeInst.a Trojan-SMS.AndroidOS.Agent.ao […]

Continue Reading