Microsoft Yammer Clickjacking – Exploiting HTML5 Security Features

 

Introduction:

Modern Web Applications nowadays are relaying on a lot of technologies where typical web applications vulnerabilities are hard to find (eg. Clickjacking is an ABC security bug) but bug hunters are always the best!

Yammer is a freemium enterprise social networking service used for private communication within organizations. Access to a Yammer network is determined by a user’s Internet domain so that only individuals with approved email addresses may join their respective networks.

Continue reading “Microsoft Yammer Clickjacking – Exploiting HTML5 Security Features”

Share

When your privacy disclosure is a “feature” not a “bug” – Badoo & HotorNot failure!

badoo10

Your privacy on the internet is the biggest concern ever and when it comes to “Dating websites” and “Social Networks” it means more and more!

Let me tell you a story of two websites that don’t respect yours and putting it on danger…

Continue reading “When your privacy disclosure is a “feature” not a “bug” – Badoo & HotorNot failure!”

Share

Web Application Security on Fire – PHP Developers Cheat Sheet version

Web Application Security on Fire – PHP Developers Cheat Sheet version


Hey!
Building a website? Or already built a one? Think twice before going public and let us protect your business!

Share

Facebook ClickJacking – How we put a new dress on Facebook UI

facebook-banner

Hi Bug Hunters,

Today we will explain how we redressed facebook ui and made it so easy to fool a victim to for example, Add the attacker as a member in one of his own secret groups on facebook.

Here’s some details about the issue:

Share

VoIP Security Analysis with Asterisk

fb-1
Adopting new technologies such as VoIP by small, medium and large companies,
isn’t only  about the benefit representing a decrease in costs, is about an risk increase exposure too,
which can be reflected in the payment of  large sums of money , because (national or international)
calls made by people outside the company.
Share