
Airline, Myspace, Banks, Government Websites Vulnerable To Hackers

 


Cross Site Scripting (XSS) is currently the most common vulnerability in the world. It is a flaw in a host that allows anyone to inject code or scripts into a page. The injected content can be HTML tags, JavaScript or VBScript.

A hacker using the virtual name 'Human mind cracker' has exposed such vulnerabilities in some big and important sites, including an Israeli airline, Myspace, the MTV website, the Sweden government, Bangladesh Bank, a NASA subdomain, Brown University, the Afghanistan government website and the Rome government website.
In a Pastebin note, the hacker disclosed the vulnerabilities and exact working links. These Cross Site Scripting flaws exist because the websites, forms and web servers lack filtering engines for user input.

Most of the time, readers think that XSS is a very minor bug with very little impact. But when exploited well, it can harm every visitor to the infected site.


One of the biggest risks here is to the administrators of such vulnerable sites (which most obviously belong to government agencies, banking departments and educational administrations). An administrator who receives an email containing a script or link can have the XSS vulnerability used against them to steal their files, data, passwords or cookies.
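The missing input filtering and the cookie theft risk described above, shown from the defender's side as an added example that is not part of the original article: a page that reflects a query parameter unchanged next to the same page with HTML output encoding, plus session cookie flags that keep the cookie out of reach of injected script. All function names, the `sid` cookie name and the sample input are assumptions made for illustration.

```javascript
// Added example, not code from the article. All names here are hypothetical.

// The five characters that let text break out of an HTML text node
// or a quoted attribute value, mapped to their entity forms.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable form: the user-supplied value is concatenated into the page as-is,
// so any markup in it becomes part of the document.
function renderSearchUnfiltered(query) {
  return `<p>Results for: ${query}</p>`;
}

// Hardened form: the same page with the value encoded for the HTML context,
// so the browser displays it as text instead of parsing it as markup.
function renderSearchEncoded(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`;
}

// Second layer for the cookie theft case: HttpOnly hides the cookie from
// document.cookie, Secure keeps it off plain HTTP, SameSite limits cross-site sends.
function sessionCookieHeader(sessionId) {
  return `Set-Cookie: sid=${encodeURIComponent(sessionId)}; HttpOnly; Secure; SameSite=Strict; Path=/`;
}

// Simple check a test suite can use: did live script markup reach the output?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample input: a harmless marker commonly used to test for XSS.
const sample = '<script>alert(1)</script>';

console.log('unfiltered:', renderSearchUnfiltered(sample));
console.log('encoded:   ', renderSearchEncoded(sample));
console.log(sessionCookieHeader('constructed-session-id'));
```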

We know that XSS combined with social engineering always performs best for an attacker. Technology is changing and hacker attacks are getting more sophisticated, but our aim is to keep educating the maximum number of people via The Hacker News. Be in touch, be regular, be safe!
