Monthly Archives: November 2014

Full Disclosure

[The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360

Posted by Pedro Ribeiro on Nov 09

Hi,

This is the 8th part of the ManageOwnage series. For previous parts see [1].

This time we have a file upload leading to remote code execution and a
blind SQL injection in ManageEngine OpManager, Social IT Plus and
IT360.
ManageEngine have released an emergency fix, see details in the
advisory below. The proper fixed version will be 11.5, which will come
out at the end of the year.

I had already released a Metasploit exploit for RCE back in…

Panda Security

How to strengthen the security of your Twitter account

twitter-security

Like Facebook and Gmail, Twitter also lets you strengthen the security of your account through the session login procedure.

This way, you can prevent unauthorized access to your account as in order to enter, you will need a code that Twitter sends to the phone number you provide.

Here we tell you step-by-step how to activate this feature.

How to strengthen access verification in Twitter

The first thing you have to do is go to your Twitter account. Go to “Settings” and from there, go to “Security and Privacy”.

twitter-settings

twitter-security-privacy

There, select “Send login verification requests to my phone”.

twitter-send-login

Then add the telephone number that you want the code to be sent to. The logical thing is to include the number of the phone that you usually carry around with you.

twitter-mobile

Twitter will immediately send you an SMS with a code that you’ll have to enter here.

twitter-code

And once you have done that, you’re finished!

twitter-phone-activated

So as you can see, it’s easy to boost security in Twitter. So will you do it?

The post How to strengthen the security of your Twitter account appeared first on MediaCenter Panda Security.