Browsing tag
A group of web application security testing experts has released a new version of the tool to remove the encryption imposed by the GandCrab ransomware; according to experts, this new tool could help millions of encryption malware victims unlock their files without having to negotiate a ransom with hackers. GandCrab is one of the most […]
Web application security test specialists published a report detailing a new uncorrected vulnerability in the Microsoft Windows Remote Desktop Protocol (RDP). Tracked as CVE-2019-9510, this vulnerability could allow client-side attackers to bypass the lock screen in remote desktop sessions. The flaw was discovered by the Carnegie Mellon University researcher Joe Tammariello; in his report, the […]
Web application security testing specialists reported a data breach incident in Canva, a web design platform developed in Australia; a malicious actor claims to have compromised the security of the platform to steal information belonging to about 139 million users. According to the reports, the extracted information includes: Users’ full names Website usernames Email addresses […]
Threat actors have compromised the Asus technology manufacturer update mechanism to install malware that allows installing a backdoor on compromised computers. According to web application security testing experts, this is due to a Man-In-The-Middle (MiTM) attack campaign against routers to exploit some unsecured HTTP connections between Asus computer users and company servers. This malware, known […]
According to web application penetration testing specialists, Google announced the launch of a Chrome OS update that includes a series of fixes for the MDS vulnerabilities that, if exploited, could allow a malicious hacker access privileged parts of the memory. The bad news for Chrome users is that Hyper-Threading technology will be disabled by default. […]
According to web application security testing specialists, over 25k Linksys Smart WiFi routers are impacted by a vulnerability that, if exploited, would allow hackers remote access without authentication to extensive critical resources on compromised devices. Experts comment that this incident is similar to a security flaw in the firmware of these devices emerged in 2014 […]
After performing a web application security testing, the operators of Wyzant, well-known website to contact and hire personal tutors in more than 200 different subjects, have confirmed a data breach that exposes sensitive details of the users of the platform. Currently Wyzant has over two million users and more than 70k active tutors. Wyzant sent […]
Web application security testing experts reported a critical vulnerability in Cisco Elastic Services Controller (ESC), which could allow an unauthenticated remote hacker to take full control of the compromised system using just a specially designed request. ESC is a virtual network function manager employed by hundreds of companies to automate the implementation and monitoring of […]
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art […]
The websites and web applications are mission-critical business systems that must operate without security problems to process corporate confidential information. And to respect data protection rules, companies must consider web application security testing services. There are statistical evidences supported by web application security companies which present that in countries like Mexico, Brazil, United States, Colombia, […]