Supermarket giant TESCO customers passwords and email details leaked online. Tesco has deactivated more than 2000 of its customers online accounts after their personal details were published on text sharing site Pastebin by some unknown hackers on Thursday, allowing access to online shopping accounts, personal details and Tesco Clubcard vouchers, reported by The Guardian. The security breach does not appear to have come from Tesco’s end though. The supermarket giant said the data must have been compiled by taking user
Security expert Ebrahim Hegazy, Cyber Security Analyst Consultant at Q-CERT, has found a serious vulnerability in Twitter. The Twitter Unrestricted File Upload Vulnerability allows an attacker to upload files of any extension including PHP. When an application does not validate or improperly validates file types before uploading files to the system, called Unrestricted File upload vulnerability. Such flaws allow an attacker to upload and execute arbitrary code on the target system which could result in execution of arbitrary HTML and script
Cyber Security Expert and Penetration tester, Ebrahim Hegazy has found a serious vulnerability in Yahoo’s website that allows an attacker to remotely execute any commands on the server i.e. Remote Command Execution vulnerability. According to Ebrahim blog post, the vulnerability resides in a Chinese subdomin of Yahoo website. Last week, He reported the flaw to Yahoo Security Team and also tip-off them of more threat. Yahoo remote command execution vulnerability fixed by Yahoo Security Team within a day after he reported.