Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect)

  Paypal Online Website OAuth 2.0 Covert Redirect (OpenIDconnect) Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: paypal.com   “PayPal is an American worldwide online payments system. Online money transfers serve as electronic alternatives to traditional paper methods… Continue Reading

LinkedIn Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  LinkedIn Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: linkedin.com   “LinkedIn /ˌlɪŋkt.ˈɪn/ is a business-oriented social networking service. Founded in December 2002 and launched on May 5, 2003, it is… Continue Reading

GitHub Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  GitHub Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)     (1) Domain: github.com   “GitHub is a web-based Git repository hosting service, which offers all of the distributed revision control and source… Continue Reading

Sina OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Sina OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)   (1) Domain: sina.com     “Sina (新浪) is a Chinese online media company for Chinese communities around the world. Sina operates four major business lines: Sina… Continue Reading

Continúan los problemas: OAuth y OpenID también son vulnerables

Un nuevo fallo de seguridad amenaza Internet. En este caso se trata de Covert Redirect y ha sido descubierto por un estudiante chino en Singapur. Las empresas tienen en sus manos solucionar este problema.     Cuando aún resuenan los… Continue Reading

Falha de segurança afeta logins de Facebook, Google e Microsoft

Um estudante de PHD de Singapura, Wang Jing, identificou a falha, chamada de “Covert Redirect”, que consegue usar domínios reais de sites para verificação de páginas de login falsas, enganando os internautas.   Os cibercriminosos podem criar links maliciosos para… Continue Reading

Alibaba Alipay Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Alibaba Alipay Online Website OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)     (1) Domain: alipay.com   “Alipay.com is a third-party online payment platform with no transaction fees. It was launched in China in… Continue Reading

Mail.ru Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Mail.ru Online Service OAuth 2.0 Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: mail.ru     “Mail.Ru Group (London Stock Exchange listed since November 5, 2010) is a Russian Internet company. It was started in… Continue Reading

Tencent QQ OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Tencent QQ OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)       (1) Domain: qq.com     “Tencent QQ, popularly known as QQ, is an instant messaging software service developed by Chinese company Tencent Holdings… Continue Reading

Sohu OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect)

  Sohu OAuth 2.0 Service Covert Redirect Web Security Bugs (Information Leakage & Open Redirect) (1) Domain: sohu.com   “Sohu, Inc. (Chinese: 搜狐; pinyin: Sōuhú; literally: “Search-fox”) is a Chinese Internet company headquartered in the Sohu Internet Plaza in Haidian District, Beijing.… Continue Reading