Home Gareth Corfield

Author: Gareth Corfield (Gareth Corfield)

Post
Epic’s Fortnite fail: Ancient UT2004 server used for login-stealing proof-of-concept

Epic’s Fortnite fail: Ancient UT2004 server used for login-stealing proof-of-concept

A tale of XSS, SQL injection and OAuth implementation Crafty infosec bods exploited XSS vulns on dusty corners of Epic Games’ web infrastructure to steal Fortnite gamers’ login tokens and compromise their accounts – using a genuine Epic Games URL to phish their marks. Infosec biz Check Point discovered the XSS vuln, which, when combined...

Post

HPE Aruba’s 510 line of campus hotspots do 802.11ax. Which in plain English is Wi-Fi 6, duh

Of course they’ve crammed some AI in there too HPE Aruba today released a line of wireless hotspots supporting next year’s 802.11ax/Wi-Fi 6 standard – and then immediately sullied them by applying the AI marketing buzzword. The Aruba 510 access points, along with “complementary access switches”, support the long-in-the-pipeline Wi-Fi 6 standard. That standard was...