tag:blogger.com,1999:blog-7296557409688326452.post7250927397419415874..comments2023-09-28T04:35:57.294-07:00Comments on Daily Life - Something Trivial , Something Small : Nytimes Covert Redirect Vulnerability Based on Google Doubleclickessayjeanshttp://www.blogger.com/profile/11019920613685827608noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-7296557409688326452.post-58741675125353020052014-10-03T05:30:43.990-07:002014-10-03T05:30:43.990-07:00http://it.people.com.cn/n/2014/0504/c1009-24969253...http://it.people.com.cn/n/2014/0504/c1009-24969253.html<br /><br /> 今晨,继OpenSSL漏洞后,开源安全软件再曝安全漏洞。新加坡南洋理工大学研究人员Wang Jing发现,Oauth2.0授权接口的网站存“隐蔽重定向”漏洞,黑客可利用该漏洞给钓鱼网站“变装”,用知名大型网站链接引诱用户登录钓鱼网站,一旦用户访问钓鱼网站并成功登陆授权,黑客即可读取其在网站上存储的私密信息。据悉,腾讯QQ、新浪微博、Facebook、Google等国内外大量知名网站受影响,360网络攻防实验室已紧急公布了修复方案,企业和个人用户均可通过360安全卫士防范该漏洞攻击。Anonymoushttps://www.blogger.com/profile/04711374055063504976noreply@blogger.com