L33tdawg: Video of their talk from #HITB2013AMS is available on YouTube.Products frequently follow a trajectory from customized prototypes to mass-produced goods, and -- when the market matures --... read more
Featured Slideshow
OAuth
Twitter OAuth feature can be abused to hijack accounts, researcher says
Submitted by l33tdawg on Mon, 2013-04-15 06:44
A feature in the Twitter API (application programming interface) can be abused by attackers to launch credible social engineering attacks that would give them a high chance of hijacking user accounts, a mobile application developer revealed Wednesday at the Hack in the Box security conference in Amsterdam.
- Read more about Twitter OAuth feature can be abused to hijack accounts, researcher says
- Log in or register to post comments
- 1281 reads
Do OAuth tokens sustain hacking attacks?
Submitted by l33tdawg on Fri, 2013-02-22 09:25
‘Tis the season to be hacked, I guess. Twitter joined a bunch of other companies in revealing that it was the target of a sophisticated attack that may have exposed the information for about 250,000 users. While the data that was allegedly exposed, including encrypted/salted versions of passwords, was not as bad as in some other attacks recently, Twitter did take some proactive measures in resetting passwords (and letting the users know that they need to set a new one) and revoking session tokens.
- Read more about Do OAuth tokens sustain hacking attacks?
- Log in or register to post comments
- 915 reads