Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

FFmpeg 3.2.2 "Hypatia" Open-Source Multimedia Framework Released with 30 Fixes

Today, December 6, 2016, the development team behind the powerful, open-source, free, and cross-platform FFmpeg multimedia framework released a new maintenance update in the FFmpeg 3.2 "Hypatia" series. Read more

Ubuntu-Based BackBox Linux 4.7 Is Out with Kernel 4.4 LTS, Updated Hacking Tools

On December 6, 2016, the developers behind the Ubuntu-based, hacking-oriented BlackBox Linux operating system proudly announced the release of BackBox Linux 4.7. Read more

Doyodo RetroEngine Sigma is a Linux-powered classic video game emulation console

The Nintendo NES Classic is quite an amazing console. True, it is not as powerful as modern game systems like Xbox One and PlayStation 4, but it comes pre-loaded with many classic NES titles. Unfortunately, its strength is also its weakness -- those pre-loaded titles are the only games you can play. You cannot load other games, so you are stuck with what you got. Read more

LibreOffice 5.3 Beta 2 to Land Soon as Third Bug Hunting Event Is Held This Week

Today, December 6, 2016, The Document Foundation, through Italo Vignoli, was proud to announce the upcoming third bug hunting session for the LibreOffice 5.3 open-source office suite. Read more