Archives
-
PenTest – What to look for?
Published Source (PenTest Magazine, June 2011): http://pentestmag.com/june-issue-what-should-you-look-for/ Vulnerabilities are increasing by leaps and bounds and any industry – technical or non-technical has to grow its security in sync or else, it is highly vulnerable and lucrative target. There is news of data loss, breaches every now and then. A rough estimate of the growth of [...]
Feb 24th, 2012 | Filed under PenTest -
Critical Vulnerability in PayPal
One of our readers, Farhan has discovered* that some of websites having PayPal portal for payment are vulnerable and can be exploited using simple JavaScript. The JavaScript bypasses the payment page and redirects the user to download page for products like software or eBooks. He has already informed the PayPal about this issue and they [...]
Jul 2nd, 2011 | Filed under Security -
LinkedIn SSL Cookie Vulnerability
Rishi Narang, a security researcher and consultant, has discovered multiple vulnerabilities in LinkedIn (www.linkedin.com) which can enable an attacker to modify an account “without password”. Read information of this session management nightmare at www.wtfuzz.com or contact him at twitter (@rnarang) for further details.
Tags: cookie, exploit, GST, hack, leo_auth_token, LIM, linkedin, narang, network, networking, POC, professional, research, rishi, rishi.narang, rishinarang, rnarang, security, session, ssl, twitter, vulnerability