Another major security vulnerability has been discovered that allows attackers to use malicious redirects that appear to be part of a legitimate site and appears as a pop-up asking for your login credentials. Many sites using popular login tools, OAuth and OpenID are facing enormous cost and complexity in preventing these malicious redirects.
Some of the sites affected are:
As with the Heartbleed bug, the widespread damage that can or has been potentially done will take months if not years to be fully revealed. Many of the providers simply do not have the motivation to implement the steps necessary to fix this problem.
Not just a motto but a principle put into practice into each of our solutions.
Be sure to like us on facebook if you enjoyed this blog