Showing posts with label Vulnerabilities. Show all posts

Sunday, September 22

Vulnerability in iPhone's iOS 7 allows to Bypass Lock Screen Security


Hi, as you all know, Apple has released iOS 7. It has the most interactive interface so far (well, that's according to me), and rumors have spread that the interface of iOS 7 is almost similar to Android's.

          

Sunday, August 11

Vulnerability in Facebook discloses Primary Email Address of any account

When you sign up on Facebook, you have to enter an email address, and that email address becomes your primary email address on Facebook.
According to a recent disclosure by security researcher Stephen Sclafani, the social networking site Facebook was vulnerable to disclosure of the primary email address of any Facebook user to hackers and spammers.


            


Wednesday, April 17

Hack Facebook Accounts Using OAuth Vulnerability



In the past few months, white hat hacker Nir Goldshlager reported many critical bugs in Facebook's OAuth mechanism that allowed an attacker to hijack any Facebook account without the user's interaction.

Another hacker, Amine Cherrai, reported a new Facebook OAuth flaw whose exploitation is very similar to Nir Goldshlager's findings but uses a new, unpatched path.
If you are familiar with the vulnerability in the redirect_uri parameter of the Facebook OAuth URL, Amine Cherrai found another way to bypass the patch applied by the Facebook security team.

He found another file on Facebook that allows a redirection, which can be used to steal the access_token of victims' accounts,
i.e. http://facebook.com/connect/xd_arbiter.php?#&origin=http://facebook.com/
Successful exploitation once again allowed a hacker to hijack Facebook accounts using the OAuth flaw.
Proof of concept:
http://facebook.com/dialog/oauth?client_id=350685531728&response_type=token&display=page&redirect_uri=http%3A%2F%2Ftouch.facebook.com%2Fconnect%2Fxd_arbiter.php%3F%23%21%2Fapps%2Fmidnighthack%2F%3F%26origin%3Dhttp%3A%2F%2Ffacebook.com%2F
 
Hope you guys found it useful.
If you have any doubts regarding the above 0day, please do mention it below in comments.
I will try to answer you as soon as possible.
Thanks
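The redirect check that this class of flaw defeats, next to a strict one, as an added example that is not from the original post or from Facebook's code. The allowlist, `weakCheck` and `strictCheck` are hypothetical names, and the host-based weak check is an assumed stand-in for the patched validation; the only real input is the redirect_uri from the proof-of-concept URL above.

```javascript
// Added example (hypothetical names): validating an OAuth redirect_uri.
// REGISTERED is a constructed allowlist for an imaginary client.
const REGISTERED = new Set(["https://app.example.com/oauth/callback"]);

// Weak check (assumed): any page on a trusted host is accepted, so a page on
// that host which forwards the URL fragment elsewhere can leak the access_token.
function weakCheck(redirectUri, trustedHosts) {
  try {
    const u = new URL(redirectUri);
    return trustedHosts.some(
      (h) => u.hostname === h || u.hostname.endsWith("." + h));
  } catch {
    return false;
  }
}

// Strict check: https only, no userinfo, no fragment, and the whole string
// must equal a pre-registered redirect URI exactly.
function strictCheck(redirectUri, registered) {
  let u;
  try {
    u = new URL(redirectUri);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (u.protocol !== "https:") return { ok: false, reason: "scheme" };
  if (u.username || u.password) return { ok: false, reason: "userinfo" };
  if (redirectUri.includes("#")) return { ok: false, reason: "fragment" };
  if (!registered.has(redirectUri)) return { ok: false, reason: "not registered" };
  return { ok: true, reason: "exact match" };
}

// Extract and percent-decode the redirect_uri from the post's proof of concept.
function pocRedirectUri() {
  const poc = "http://facebook.com/dialog/oauth?client_id=350685531728" +
    "&response_type=token&display=page&redirect_uri=http%3A%2F%2Ftouch." +
    "facebook.com%2Fconnect%2Fxd_arbiter.php%3F%23%21%2Fapps%2Fmidnighthack" +
    "%2F%3F%26origin%3Dhttp%3A%2F%2Ffacebook.com%2F";
  return new URL(poc).searchParams.get("redirect_uri");
}

console.log(pocRedirectUri());
console.log("weak:", weakCheck(pocRedirectUri(), ["facebook.com"]));
console.log("strict:", strictCheck(pocRedirectUri(), REGISTERED));
```

Exact-match comparison against registered values is what removes the "any file on the trusted domain" surface that the bypass relied on.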

Sunday, March 24

Critical Clickjacking vulnerability in Rediffmail



Narendra Bhati, an information security researcher from Sheogan Rajasthan, has identified a critical UI redressing vulnerability in the Rediffmail website, a web-based e-mail service provided by Rediff.com.

Rediff is the Number one Indian web portal that offers news, information, entertainment, and shopping. Rediff.com was the first website domain name registered in India in 1996.

The website allows other websites to include the iframe of Rediffmail page,

Persistent XSS vulnerability in Zendesk Support Ticket System


An information security researcher, Sukhwinder Singh, has identified a critical security flaw in one of the top support ticket systems, provided by Zendesk.

The title field is vulnerable to persistent cross-site scripting. The researcher managed to create a ticket with this title: "><script>alert(/Sukhwinder Singh/)</script>.

Even though the developer of this app sanitizes the title before it is displayed to the user, the title is stored in the database without sanitizing.

The title is sanitized every time it is displayed in the page. Unfortunately, they failed to remove the special characters before displaying the title in the data-text attribute of the Twitter_button code.
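The missed output context described above, shown beside a corrected render, as an added example that is not Zendesk's code. The markup, function names and the `twitter-share-button` anchor are assumptions made for illustration; the stored title is the one quoted in the post.

```javascript
// Added example (hypothetical template code): a stored title must be encoded
// in every place it is written out, including attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"'`]/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;",
    '"': "&quot;", "'": "&#39;", "`": "&#96;",
  }[c]));
}

// Title exactly as it sits in the database (stored without sanitizing).
const STORED_TITLE = '"><script>alert(/Sukhwinder Singh/)</script>';

// Flawed render: the heading is encoded, but the same value is written raw
// into the data-text attribute of the share button.
function renderFlawed(title) {
  return `<h1>${escapeHtml(title)}</h1>\n` +
    `<a class="twitter-share-button" data-text="${title}">Tweet</a>`;
}

// Fixed render: one encoded value is reused for both output positions, so the
// double quote can no longer close the attribute.
function renderFixed(title) {
  const t = escapeHtml(title);
  return `<h1>${t}</h1>\n` +
    `<a class="twitter-share-button" data-text="${t}">Tweet</a>`;
}

// Regression check for template tests: does the markup contain a live tag?
function hasLiveScript(html) {
  return /<script\b/i.test(html);
}

console.log("flawed:", hasLiveScript(renderFlawed(STORED_TITLE)));
console.log("fixed: ", hasLiveScript(renderFixed(STORED_TITLE)));
console.log(renderFixed(STORED_TITLE));
```

A check like `hasLiveScript` over every rendered template catches the case where one output position is encoded and another is forgotten.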



Samsung Galaxy S3 Lock screen bypass vulnerability



Following the partial bypass vulnerability in the Note II, a new security flaw has been discovered that allows hackers to completely bypass the lock screen on the Samsung Galaxy S3.

The bug was discovered by Sean McMillan and posted as a full disclosure on the Seclists mailing list.

The instructions provided by McMillan: how to bypass the lock screen on the Galaxy S3
1) On the code entry screen press Emergency Call
2) Then press Emergency Contacts
3) Press the Home button once
4) Just after pressing the Home button press the power button quickly
5) If successful, pressing the power button again will bring you to the S3's home screen


McMillan said that it can "take quite a few attempts to get this working, sometimes this method works straight away, other times it can take more than 20 attempts."

Tuesday, September 18

Two critical Zero-day exploits found within Java

Amazingly, two zero-day vulnerabilities have been found in the current version of Oracle's Java Runtime Environment! Most of us would predict that it was just a matter of time before the vulnerabilities were weaponised.

Only hours after FireEye Malware Intelligence Lab researcher Atif Mushtaq disclosed his discovery of the vulnerabilities, proof-of-concept code appeared online and a module for Rapid7's popular exploit framework Metasploit was developed.