API Vulnerabilities Found on USPS Website Expose Private User Data

5 December 2018

A little over a year ago, an anonymous researcher pointed out a vulnerability on the USPS website that allowed site visitors to see users’ personal account info, including usernames and street addresses. Now, a year later, this vulnerability is finally being addressed by USPS, who cites an authentication API weakness on their website as the reason user information was made accessible to anyone.

Read full news article on Dzone

Date:

5 December 2018

Categorie(s):

NEWS

Tag(s):

Api, Customer Data, Found, Private, Security Pro, Tracking, User Data, Vulnerability, Websites

Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks6 May 2024
eBook: CISSP fundamentals in focus6 May 2024
These top cybersecurity firms are vital defenders against evolving digital threats in 20246 May 2024
Celebrating our 12th Anniversary at RSA conference 20245 May 2024
Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024