Threat Post

Session Fixation: The Forgotten Vulnerability?

In this video from the OWASP AppSec Research 2010 conference in Sweden, Michael Schrank, Bastian Braun and Martin Johns discuss the problem of session fixation and what can be done to solve it. In ...
ZDNet

Slack fixes vulnerability exploitable for session hijacking, account takeovers

A researcher fresh to the HackerOne bug bounty platform made their debut with a critical vulnerability in Slack that could be exploited for account takeovers. This form of attack tampers with the ...
ZDNet

Safari browser flaw: Session fixation attacks possible

Another day, another unpatched Safari browser vulnerability. According to this flaw warning found on the NVD (National Vulnerability Database), Apple's flagship browser is vulnerable to session ...
Threat Post

SAP Patches Critical HANA Vulnerability That Allowed Full Access

SAP patched a critical vulnerability in its cloud-based business platform HANA today that if exploited, could allow for a full system compromise, without authentication. SAP patched a series of ...
Security

Positive Technologies tech experts find vulnerabilities in Hirschmann switches that endanger industrial companies

April 27, 2018-- German vendor Hirschmann, a Belden company, has published information about fixes for five vulnerabilities in network switches used in energy, chemical manufacturing, transportation, ...