Security Alerts & News
by Tymoteusz A. Góral

History
#956 Verizon patches serious email flaw that left millions exposed
Verizon fixed a critical flaw in its Verizon.net messaging system that permitted attackers to hack the email settings of other customers and forward email to any email account.

The flaw, found by Randy Westergren, a senior software developer with XDA Developers, impacted any of Verizon’s estimated 7 million FiOS subscribers who depended on their Verizon.net email accounts. Westergren initially reported the vulnerability to Verizon on April 14. The vulnerability was fixed by Verizon on May 12. Public disclosure of the flaw was Monday.

“I confirmed a very serious vulnerability: any user with a valid Verizon account could arbitrarily set the forwarding address on behalf of any other user and immediately begin receiving his emails — an extremely dangerous situation given that a primary email account is typically used to reset passwords for other accounts that a user might have, .e.g banking, Facebook, etc.,” Westergren wrote in a technical description of the vulnerability.
Read more
#958 Telegram calls claims of bug in messaging service bogus
#957 Is that email really from your boss? FBI warns fake CEO scams now $3.1bn crime
#956 Verizon patches serious email flaw that left millions exposed
#955 Microsoft June patch Tuesday fixes 44 vulnerabilities
#954 Hacker steals 45 million accounts from hundreds of car, tech, sports forums
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12