HackerTrans
トップ新着トレンドコメント過去質問紹介求人

aviCC

no profile record

投稿

[untitled]

1 ポイント·投稿者 aviCC·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 aviCC·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 aviCC·3 年前·0 コメント

Ask HN: Print “Hello World” in Python/C/Bash without use W&numbers in your code

1 ポイント·投稿者 aviCC·3 年前·1 コメント

OAuth Flaw Exposed Social Media Logins to Account Takeover

bankinfosecurity.com
3 ポイント·投稿者 aviCC·3 年前·0 コメント

[untitled]

1 ポイント·投稿者 aviCC·3 年前·0 コメント

A New OAuth Vulnerability in a Framework Used in Hundreds of Websites

salt.security
9 ポイント·投稿者 aviCC·3 年前·1 コメント

Booking.com account takeover shows possible pitfalls in OAuth implementations

csoonline.com
11 ポイント·投稿者 aviCC·3 年前·1 コメント

Researchers took over Booking.com accounts using a legitimate Facebook link

4 ポイント·投稿者 aviCC·3 年前·1 コメント

[untitled]

1 ポイント·投稿者 aviCC·3 年前·0 コメント

コメント

aviCC
·2 年前·議論
Wow if that's true and affects more websites, then it's super cool and huge
aviCC
·2 年前·議論
And a link, if you want to read the official blog post: https://salt.security/blog/security-flaws-within-chatgpt-ext...
aviCC
·2 年前·議論
Technical details: "The plugin does not authenticate the request, which means that the attacker can insert another memberId (aka the victim) and get a code that represents the victim. With that code, he can use ChatGPT and access the GitHub of the victim."
aviCC
·3 年前·議論
Invest money on companies who want to improve our life
aviCC
·3 年前·議論
https://platform.intervee.io/

Provides practical challenges with guidance for graduates in various subjects including Linux, Network, Security, and more..

Computer Science can sometimes be theoretical and learning from practical example is a must.
aviCC
·3 年前·議論
Actually, the CVE-2023-283131 vulnerability was published with the full details just two days ago. In April Expo published a short post but without too much technical information. You can find more details about CVE-2023-283131 in the link I shared here:

https://salt.security/blog/a-new-oauth-vulnerability-that-ma....

Thank you for bringing up the distinction, and I agree that OpenID can help address some of the issues, but not all of them...
aviCC
·3 年前·議論
TLDR: A direct link to the interesting technical information: https://salt.security/blog/a-new-oauth-vulnerability-that-ma...
aviCC
·3 年前·議論
Original article: https://salt.security/blog/traveling-with-oauth-account-take...
aviCC
·3 年前·議論
https://salt.security/blog/traveling-with-oauth-account-take...

Video: https://youtu.be/IK_AV1UFS-0
aviCC
·3 年前·議論
This is the link to the research, you provided a link to Reddit: https://salt.security/blog/traveling-with-oauth-account-take...