Archives
Critical Vulnerability in PayPal
One of our readers, Farhan, has discovered* that some websites using a PayPal portal for payment are vulnerable and can be exploited using simple JavaScript. The JavaScript bypasses the payment page and redirects the user to the download page for products like software or eBooks. He has already informed PayPal about this issue and they [...]
Jul 2nd, 2011 | Filed under Security
LinkedIn SSL Cookie Vulnerability
Rishi Narang, a security researcher and consultant, has discovered multiple vulnerabilities in LinkedIn (www.linkedin.com) which can enable an attacker to modify an account “without password”. Read more about this session management nightmare at www.wtfuzz.com or contact him on Twitter (@rnarang) for further details.
Tags: cookie, exploit, GST, hack, leo_auth_token, LIM, linkedin, narang, network, networking, POC, professional, research, rishi, rishi.narang, rishinarang, rnarang, security, session, ssl, twitter, vulnerability
Facebook Spam
I could see lots of people publishing this content on my wall, so I felt like giving it a shot and analyzing it. The link that is spreading a lot is www.stump.ws/rdgct7s. After analyzing this link in a non-Facebook session, here is what it resolves to – www.1119999977u7.info. This page further redirects to www.2220000099×9.info. This page looks [...]
Apr 19th, 2011 | Filed under Security
Penetration Testing
All CXOs and security enthusiasts know this term – Pentest (Penetration Testing). What is pentesting and how has it evolved all these years? Is it catching up with the hackers of this century, or has this trend been sidetracked? Pentest, as per Wikipedia, is a method of evaluating the security of a computer [...]
Firefox Updates (4.0B11)
Frankly speaking, it's been a long time since I switched to Firefox, since my primary default browser is set to Chrome (oh yes! I am a Chrome fan and supporter). But today, I decided to spend some time on the Firefox bleeding-edge version (4.0b11, the latest to date). I am surprised that Firefox is trying to [...]
Feb 12th, 2011 | Filed under Technology