Hi Guys, Today we will discuss about a basic hunt of a reflected cross site vulnerability in SimpleRisk platform but first lets know some general details about the platform itself What is SimpleRisk? SimpleRisk is an open-source risk management system released under Mozilla Public License and used for risk management activities. It enables risk managers […]
Hi Guys, I hope you all are fine and doing well. Yes you read it right, We managed to find a vulnerability in a framework used to exploit vulnerabilities! “Today is me tomorrow will be you” 🙂 Today we will talk about a CSRF vulnerability affects the web application of both versions (Express, […]
Hi Folks, I’m not going to talk a lot about this issue because it’s a little bit trivial but it affects Godaddy’s parked domains redirector/processor.
Pic Source: zona3.mx/sites/default/files/Facebook-Messenger-iPhone-6.png This article was originally covered by Tom Spring of ThreatPost. On Tuesday, Seekurity Founder and Cyber Security Advisor, Mohamed A. Baset, published a proof-of-concept video demonstrating what he calls a Facebook flaw that allows an attacker to access audio or video files from Facebook servers and play them back. Facebook is dismissing […]
Introduction Before we start we need to explain some frequently mentioned terms which are: QR Code, SSO and Clickjacking. What is QR Code? QR code (abbreviated from Quick Response Code) is the trademark for a type of matrix barcode (or two-dimensional barcode) first designed for the automotive industry in Japan. A barcode is a […]
Hi Folks, Let me tell you the story about some typical vulnerabilities that was discovered by @Seekurity Team in BMW ConnectedDrive service which will allow any beginner attacker to hijack the whole service! . First what is BMW ConnectedDrive service? BMW ConnectedDrive – a technology packet full of services and apps that connects you closely to […]
RunKeeper is a GPS fitness-tracking app for iOS and Android with over 40 million users. First launched in 2008 by CEO Jason Jacobs with the help of “moonlighting engineers”. In late 2011 RunKeeper secured $10 million in a Series B financing, led by Spark Capital. In February, 2016, RunKeeper was acquired by ASICS.
Hi Folks, TopCode.com is a website where the most skilled top coders around the world are solving challenges, Competing and writing codes to achieve a specific tasks. Top high profile companies like (Facebook, Google, Twitter, etc..) are getting help from such websites in their recruitment process!
Introduction: Modern Web Applications nowadays are relaying on a lot of technologies where typical web applications vulnerabilities are hard to find (eg. Clickjacking is an ABC security bug) but bug hunters are always the best! Yammer is a freemium enterprise social networking service used for private communication within organizations. Access to a Yammer network is […]
Your privacy on the internet is the biggest concern ever and when it comes to “Dating websites” and “Social Networks” it means more and more! Let me tell you a story of two websites that don’t respect yours and putting it on danger…
Fiverr.com, a global online marketplace which provides a platform for people to sell their services for five dollars per job, is vulnerable to a critical web application vulnerability that puts its millions of users at risk. Fiverr raised $30 million in a third round of institutional funding to continue supporting the new version of its […]