Fortnite Hacked Via Insecure Single Sign-On
Leaky Fortnite single sign-on mechanism could have allowed hackers to access game accounts. Source: www.threatpost.com
Vulnerabilities
IDenticard Zero-Days Allow Corporate Building Access, Location Recon
Multiple hardcoded passwords allow attackers to create badges to gain building entry, access video surveillance feeds, manipulate databases and more. Source: https://threatpost.com
Popular Web-Hosting Platform Bluehost Riddled with Flaws, Researcher Claims
He said that similar flaws were also found in the Dreamhost, HostGator, OVH and iPage web hosting platforms. Source: www.threatpost.com
Threatpost Poll: Can We Fix 2FA?
Take our short poll to weigh in on the state of two-factor authentication. Source: www.threatpost.com
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. Source: https://threatpost.com
ThreatList: WordPress Vulnerabilities Tripled in 2018
Despite fewer plugins being added to WordPress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018. Source: www.threatpost.com
Intel Patches High-Severity Privilege-Escalation Bugs
Overall, the chip giant patched five vulnerabilities across an array of its products. Source: www.threatpost.com
Shipping Firms Speared with Targeted ‘Whaling’ Attacks
Bad actors are imitating high-level executives in the shipping industry to launch BEC attacks that could lead to credential theft or worse – system compromise. Source: www.threatpost.com
Microsoft Issues Multiple Critical Patches for Edge Browser
Microsoft January Patch Tuesday roundup includes four critical patches for its Edge browser. Source: https://threatpost.com
Adobe Patches Important Bugs in Connect and Digital Edition
The update comes on the heels of critical fixes in an unscheduled patch last week. Source: www.threatpost.com