Get a Pentest and security assessment of your IT network.

Cyber Security

Grindr fixed a bug allowing full takeover of any user account

Grindr has fixed a security flaw that could have allowed attackers to easily hijack any Grindr account if they knew the user’s email address. The vulnerability was discovered by French security researcher Wassime Bouimadaghene. The reset token generated when resetting an account’s password could be obtained using the web browser’s dev tools as it was leaked in the page response content. Grindr said they are working on making it easier for researchers to report such issues and that a new bug bounty program is in the works.

Source: https://www.bleepingcomputer.com/news/security/grindr-fixed-a-bug-allowing-full-takeover-of-any-user-account/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation