Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

"user=admin". Sometimes you don't even need to log in., (Tue, Sep 30th)

published on 2025-09-30 15:02:21 UTC by
Content:
One of the common infosec jokes is that sometimes, you do not need to "break" an application, but you have to log in. This is often the case for weak default passwords, which are common in IoT devices. However, an even easier method is to tell the application who you are. This does not even require a password! One of the sad recurring vulnerabilities is an HTTP cookie that contains the user's username or userid.
Article: "user=admin". Sometimes you don't even need to log in., (Tue, Sep 30th) - published 4 days ago.

https://isc.sans.edu/diary/rss/32334   
Published: 2025 09 30 15:02:21
Received: 2025 09 30 15:14:04
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 2

Custom HTML Block

Click to Open Code Editor