Hello Everyone, I’m Seif Elsallamy, an Application Penetration Tester at @Seekurity. Today I will introduce to you, beautiful readers, a bug that we discovered in the Twitter social network. We are going to go a bit deeper. This vulnerability was discovered back in 2018 and we decided to publish it as we were restricted to sharing […]
Hello Everyone, I’m Seif Elsallamy, an Application Penetration Tester at @Seekurity. First of all, this is a very old blog post (the issue was originally discovered back in 2017) but we thought it might be useful to publish it. Hope it helps someone else in their research. If you’re an Edge user you should be […]
Introduction Telecommunications companies nowadays have become huge enough to have millions of subscribers under their hood. Those companies are doing their best to digitalize and revolutionize their online services to serve the needs of the mass subscribers. As a result of this digitalization process, many security weaknesses may appear which could affect the safety of customers' data […]
Governments in Mexico, whether municipal, state or federal, have little or no interest in information security. After an investigation, we found more than sixteen government websites that have been compromised and remain abandoned, or whose administrators have not realized that someone has hacked them. Previously, Seekurity notified agencies […]
TL;DR A year ago we were contacted by one of our clients from the Middle East regarding looking for/implementing a payment processing solution for their own eCommerce solution. They asked us to assist them by giving them some candidates working in the same field in the Middle East, but we refused because our […]
Supp! How are you guys? I hope you’re fine. I’m Seif Elsallamy (again); if you don’t remember me, read my previous blog here: Stored XSS in the heart of the Russian email provider giant (Mail.ru). Before we go in depth, let's know: What is Linkshim?
Hi Guys, I am Ali Kabeel, an Application Security Intern at the Seekurity team. This is my first blog; I hope you like it. In this blog post I will be mainly focusing on Business Logic vulnerabilities by offering some tips and tricks on how to abuse invitation systems using real-world examples from my Facebook Bug […]
2 months ago we installed some servers in countries such as Germany and Singapore, on which we are constantly receiving automated SSH brute-force attacks trying to compromise the root user, mainly from countries like China, Argentina, Brazil, Ecuador, Taiwan, Korea and India. After analyzing the traffic, we disabled the root user but hours later […]
Introduction Before we start we need to explain some frequently mentioned terms which are: QR Code, SSO and Clickjacking. What is QR Code? QR code (abbreviated from Quick Response Code) is the trademark for a type of matrix barcode (or two-dimensional barcode) first designed for the automotive industry in Japan. A barcode is a […]
The adoption of new technologies such as VoIP by small, medium and large companies isn’t only about the benefit of a decrease in costs; it is also about an increase in risk exposure, which can be reflected in the payment of large sums of money because of (national or international) calls made by people outside the company.