Friday, January 15, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

WordPress iOS app leaked authentication tokens

April 2, 2019
in Internet Security
WordPress iOS app leaked authentication tokens
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Thousands of WordPress sites hacked, redirected to tech support scams
Malicious code redirects users to tech support scams, some of which use new “evil cursor” Chrome bug.

Automattic, the company behind the WordPress.com blogging platform, said it fixed a bug in its official iOS application that might have exposed users’ account authentication tokens to third-party websites.

You might also like

Toyota slapped with $180 million fine for violating Clean Air Act

More than 10mil users installed Android apps that showed out-of-context ads

Xiaomi added to US list of alleged Communist Chinese military companies

“The issue created the potential of exposing security credentials to third-party websites, and only affected private websites with images hosted externally (e.g., with a service like Flickr) that are viewed or composed with the app,” the company said in an email it sent to its users this week.

“We’ve fixed the issue and released an updated version of the app to the App Store,” it said.

Automattic said no usernames and passwords were exposed, but only “security tokens that the app uses to communicate/authenticate with WordPress.com.”

This means that if a WordPress.com blog owner used the iOS app to create or edit a blog post that contained an image hosted on another site, then that site might have received the WordPress.com security token by accident.

There is now a danger that WordPress.com authentication tokens are presently recorded in server logs at various websites and online services, and that unethical website owners or employees might go looking for these tokens in their web server logs.

The value of these tokens is that they can be used to access a user’s WordPress.com account without a password.

Self-hosted WordPress sites are not impacted, as the open-source version uses its self-standing user system to grant users access to their sites, and not WordPress.com accounts.

Automattic did not reveal in-depth technical details, did not say how they discovered the leak, nor did they say how many users were impacted.

A copy of Automattic’s email is available below:

More data breach coverage:

Credit: Source link

Previous Post

MapR Brings tight integration with Kubernetes

Next Post

Machine learning eye exams aid neurological research

Related Posts

Toyota slapped with $180 million fine for violating Clean Air Act
Internet Security

Toyota slapped with $180 million fine for violating Clean Air Act

January 15, 2021
More than 10mil users installed Android apps that showed out-of-context ads
Internet Security

More than 10mil users installed Android apps that showed out-of-context ads

January 15, 2021
Xiaomi added to US list of alleged Communist Chinese military companies
Internet Security

Xiaomi added to US list of alleged Communist Chinese military companies

January 15, 2021
Security software maker Tufin soars on raised Q4 outlook
Internet Security

Security software maker Tufin soars on raised Q4 outlook

January 15, 2021
Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL
Internet Security

Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL

January 15, 2021
Next Post
Machine learning eye exams aid neurological research

Machine learning eye exams aid neurological research

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Toyota slapped with $180 million fine for violating Clean Air Act
Internet Security

Toyota slapped with $180 million fine for violating Clean Air Act

January 15, 2021
AI Research at Amazon: Brand Voice, Entanglement Frontier, Humor Recognition  
Artificial Intelligence

AI Research at Amazon: Brand Voice, Entanglement Frontier, Humor Recognition  

January 15, 2021
Machine Learning in Manufacturing Market 2020 Report Forecast By Global Industry Trends, Future Growth, Regional Overview
Machine Learning

Machine Learning in Manufacturing Market 2020 Report Forecast By Global Industry Trends, Future Growth, Regional Overview

January 15, 2021
More than 10mil users installed Android apps that showed out-of-context ads
Internet Security

More than 10mil users installed Android apps that showed out-of-context ads

January 15, 2021
Chief Data Scientist Seen as Bridging CTO to Business Managers 
Artificial Intelligence

Chief Data Scientist Seen as Bridging CTO to Business Managers 

January 15, 2021
Data Science and Machine Learning Service Market size and Key Trends in terms of volume and value 2020-2025
Machine Learning

Data Science and Machine Learning Service Market size and Key Trends in terms of volume and value 2020-2025

January 15, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Toyota slapped with $180 million fine for violating Clean Air Act January 15, 2021
  • AI Research at Amazon: Brand Voice, Entanglement Frontier, Humor Recognition   January 15, 2021
  • Machine Learning in Manufacturing Market 2020 Report Forecast By Global Industry Trends, Future Growth, Regional Overview January 15, 2021
  • More than 10mil users installed Android apps that showed out-of-context ads January 15, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates