Archives
-
Journey of a Phishing Link
We come across so many links via social networking websites, and we unknowingly click many of them. Malicious links can have catastrophic results: either your system and your privacy are compromised, or your data takes the hit. Here is one such analysis of a link dated 17.April.2012 that I came across via [...]
Apr 18th, 2012 | Filed under Security -
Critical Vulnerability in PayPal
One of our readers, Farhan, has discovered* that some websites using a PayPal portal for payment are vulnerable and can be exploited using simple JavaScript. The JavaScript bypasses the payment page and redirects the user to the download page for products like software or eBooks. He has already informed PayPal about this issue and they [...]
Jul 2nd, 2011 | Filed under Security -
LinkedIn SSL Cookie Vulnerability
Rishi Narang, a security researcher and consultant, has discovered multiple vulnerabilities in LinkedIn (www.linkedin.com) which can enable an attacker to modify an account “without password”. Read about this session management nightmare at www.wtfuzz.com or contact him on Twitter (@rnarang) for further details.
Tags: cookie, exploit, GST, hack, leo_auth_token, LIM, linkedin, narang, network, networking, POC, professional, research, rishi, rishi.narang, rishinarang, rnarang, security, session, ssl, twitter, vulnerability -
Facebook Spam
I could see lots of people publishing this content on my wall, so I felt like giving it a shot and analyzing it. The link that is spreading a lot is www.stump.ws/rdgct7s. After analyzing this link, in a non-Facebook session, here is what it resolves to – www.1119999977u7.info. This page further redirects to www.2220000099×9.info. This page looks [...]
Apr 19th, 2011 | Filed under Security -
Penetration Testing
All CXOs and security enthusiasts know this term – Pentest (Penetration Testing). What is pentesting and how has it evolved over the years? Is it catching up with the hackers of this century, or has this trend just been sidetracked? Pentest, as per Wikipedia, is a method of evaluating the security of a computer [...]