Google Security Issue #1: Youtube CSRF Attack
Some of you may know that Google has started this vulnerability reward program. This is the first post in a series of 5 6 7 8 (so far) about the security issues discovered by me and submitted to Google...
View ArticleM-au pus in alta sala
Mai stiti cum Chrome e foarte rotund fiindca nu a fost hacuit? Posibil sa fie si din cauza ca se pregatesc din timp si arunca cu bani in cei care le raporteaza problemele de securitate. Cumva am reusit...
View ArticleGoogle Security Issue #3: Light CSRF on Google Analytics
Light meaning the damage is minor, but still a CSRF. You could delete all scheduled e-mails, this is how it used to work: If you go to Google Analytics->My Customization->Email. The following...
View ArticleLa device-uri mici, probleme mari
Se pare ca securitatea pe site-urile mobile nu este luata in serios chiar de toata lumea. Navigam frumos pe site-ul mobil al Realitatii, cand am dat peste o eroare care ii arata vulnerabili la cel mai...
View ArticleUn asa reportaj frumos
Mai rar am vazut. Andrei Udisteanu a realizat pentru emisiunea Din Interior, difuzata pe Digi 24, un reportaj despre securitate in IT. Integral se poate vedea aici:...
View ArticleAndroid Vulnerability: Install App Without User Explicit Consent
This vulnerability allows an app to install any number of apps with any type of permissions without user’s explicit consent. It is based on two things: You can install an app from Google Play using...
View Article