InfoSec Write-ups - Medium-- I was surfing in one of the famous online transportation applications and its PWA service. After a while I noticed a Critical vulnerability in Payment Gateway Module. So Let me explain the scenario.At the first step, You should enter your mobile number and then it sends an OTP to verify your … Continue reading Unlimited Balance in an Online Transportation Application Account
The Hacker News-- A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of websites at once through supply chain attacks, … Continue reading Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers
The Hacker News-- The end of the year is coming, and it's time for security decision-makers to make plans for 2021 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2021 Security Plan PPT Template is built … Continue reading Build Your 2021 Cybersecurity Plan With This Free PPT Template
The Hacker News-- Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. The rollout addresses flaws, 17 of which are rated as Critical, 93 are rated as Important, and two are rated Low in severity, … Continue reading Microsoft Releases Windows Security Updates For Critical Flaws
InfoSec Write-ups - Medium-- A forensic challenge from the Spanish II NATIONAL CYBERLEAGUE GCContinue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium
InfoSec Write-ups - Medium-- Directory Traversal | LXD | RCE | Weak passwordContinue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium
Latest Hacking News-- A new ransomware threat is around to disrupt the business sector. Identified as Pay2Key ransomware, the malware has already targeted New Pay2Key Ransomware Emerges As The Latest Threat For Organizations on Latest Hacking News. View original article on Latest Hacking News
KitPloit - PenTest Tools!-- Based on pywebfuzz, Py3webfuzz is a Python3 module to assist in the identification of vulnerabilities in web applications, Web Services through brute force, fuzzing and analysis. The module does this by providing common testing values, generators and other utilities that would be helpful when fuzzing web applications, API endpoints and developing … Continue reading Py3Webfuzz – A Python3 Module To Assist In Fuzzing Web Applications
Malwarebytes Labs-- Mozilla has issued a critical patch for Firefox, Firefox ESR, and Thunderbird after a security issue was discovered at the Tianfu Cup 2020 International Cybersecurity Contest The security issue has been assigned CVE-2020-26950 which has the “reserved” status. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) list—a … Continue reading Mozilla patches critical security issues in Firefox and Thunderbird
Hacker's Directory 