Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

Red Hat Pushes Forward with CentOS [VIDEO]

At the beginning of 2014, Red Hat embraced the community CentOS Linux distribution. It's a move that brought the clone of Red Hat Enterprise Linux (RHEL) closer into the Red Hat organization. In a video interview, Paul Cormier, EVP and President at Red Hat, details how the CentOS relationship has worked out over the course of 2014. Read more

FLOSS Works – Now It Has Salesmen

Canonical claimed 20 million PCs had shipped from OEMs in 2013/2014 with Ubuntu GNU/Linux. Read more

Contain yourself: The layman's guide to Docker

Welcome to the age of containerization, where an ecosystem led by startup Docker is leading IT organizations to ineffable peaks of efficiency, helping them scale their workloads ever-higher, and probably baking them a nice cake to boot (it's my birthday, I have cake on the brain, sue me). Microsoft, Google and Amazon Web Services are all tripping over themselves to make sure prospective customers know that their clouds are the place to be if you want to get the most from Docker. Read more

Contain yourself: The layman's guide to Docker

Welcome to the age of containerization, where an ecosystem led by startup Docker is leading IT organizations to ineffable peaks of efficiency, helping them scale their workloads ever-higher, and probably baking them a nice cake to boot (it's my birthday, I have cake on the brain, sue me). Microsoft, Google and Amazon Web Services are all tripping over themselves to make sure prospective customers know that their clouds are the place to be if you want to get the most from Docker. Read more