Man In The DOM (MiTD)

Categories
Injection, Projects, Uncategorized, Web Attacks

You are in the middle of an assessment , things are thick. SE is the only option but you are short on time. Users however are sloppy and the question begs to ask:   What’s the Worst that could happen on an unlocked screen for a few minutes? Well Take these pointers at hand: Users Leave […]

Can Phishers be more uncreative in 2015???

Categories
Uncategorized, Web Attacks

It has become a trend with the 4 phase phish : Identify a target Attack the site Upload phishing page Email and Harvest Well from the previous post we identified some flaws in the phishing attack but that’s 2014. It gets worse when phishers become this uncreative. The uncreativity was an attempt in one of […]

Business Continuity Failures

Categories
Uncategorized, Web Attacks, webdev

Everyone Loves Good Backup Systems to ensure in event of anything you are back to business ASAP. This however can be your biggest downfall if done wrong. As of Yesterday (2014-10-09),  WordPress Ready! Backup Plugin has this done wrong By Breaking two rules of the web: Logging Backup Process to a Web Viewable Interface on […]