Language Selection

English French German Italian Portuguese Spanish

Phishing flaw catches Xbox 360 site

Filed under
Microsoft
Security

Microsoft has patched a potentially dangerous flaw on its www.xbox360.com website after security experts warned the software giant of a cross-site scripting vulnerability which could be exploited by hackers to launch phishing attacks.

The vulnerability could be used by web criminals to gather personal and confidential information, such as email address, home address and credit card number, from innocent consumers wishing to pre-order Microsoft's forthcoming gaming console.

IT security firm Finjan Software said that it provided Microsoft with full technical details on 19 May, including proof-of-concept, in order to assist the company with the fix.

Within 12 hours of Finjan's report Microsoft had removed the flaw from its website, which is no longer exposed to this specific vulnerability.

Shlomo Touboul, chief executive and founder of Finjan Software, said: "This discovery is another example of our co-operation with Microsoft and other leading software vendors to fix vulnerabilities before they are exploited by the hacking community."

Source.

More in Tux Machines

Kernel Space/Linux

Distros for Games

  • Editorial: Valve have not abandoned SteamOS or Linux, things are looking pretty good
    To re-iterate something I've said every time: SteamOS was never, ever going to be an overnight success. New platforms generally take quite some time to make a difference, but SteamOS has already made a massive difference to Linux gaming.
  • Meet Manjaro Linux Gaming 16.06, an Arch Linux-Based Distro Designed for Gamers
    Today, May 30, 2016, we would like to introduce our Linux readers to an upcoming edition of the Arch Linux-based Manjaro Linux operating system designed for gamers. Meet Manjaro Linux Gaming, a special flavor of the popular Manjaro Linux distribution built on top of the latest Arch Linux technologies, using a highly customized Xfce desktop environment with a dark setup to make it easy on your eyes, and preloaded with some of the best open-source software for gamers.

Upcoming Linux Events

  • Join the Linuxing in London Event to Celebrate Linux, Here Are All the Details
    I recently had a quick chat with Linux evangelist Brian Byrne, known by many as Brian Linuxing, who invited me to an upcoming event that I want to tell you about in this short and painless blog entry. The event is called Linuxing in London, and it is the first of its kind for those who live in London, England, or surrounding areas. It is a Linux event for those who are curious about Linux as an operating system for their personal computers, but also for vendors who want to distribute a free OS with open-source software on their devices.
  • ContainerCon and LinuxCon Japan 2016 Events to Take Place July 13-15 in Tokyo
    The Linux Foundation, a non-profit organization, trying to promote Linux and the open source ecosystem among IT professional, computer manufacturers, and enterprises, announced two important upcoming Linux events. LinuxCon Japan 2016 and ContainerCon Japan 2016 are two of the most anticipated Linux conference events in Asia, promising to bring together top experts from all over the world, including, but not limited to kernel developers, system administrators, IT industry leaders, community managers, and last but not least users.

Parsix GNU/Linux 8.10 and 8.5 Receive the Latest Security Fixes, Update Now

A lot of good things are happening lately for the Debian-based Parsix GNU/Linux operating system, and the distribution's maintainers announced a few hours ago, May 29, 2016, the availability of new security fixes for supported releases. Both the stable Parsix GNU/Linux 8.5 "Atticus" and the upcoming Parsix GNU/Linux 8.10 "Erik" operating system have received important security fixes for various core components, including expat, libgd2, libndp, ImageMagick, libidn, jansson, IceDove, libarchive, QEMU, Wireshark, librsvg, WebSVN, libxstream-java, xerces-c, swift-plugin-s3, and atheme-services. Read more