XSS Case Study

XSS Case Study

XSS Case Study Written by Gergő Turcsányi You’ve probably heard about the recent Cross-Site Scripting vulnerability in the Google search engine. With a clever payload, you could have crafted a link which executes JavaScript after opening it and clicking into the input...
Wild card to win USPS customer data

Wild card to win USPS customer data

Wild card to win USPS customer data Written by Richárd Raciborski The US Postal Service launched their Informed Visibility program last year to provide better insight into their mailstream service. For example, one can obtain near real-time notifications about...
The three fatal bugs behind the Facebook breach

The three fatal bugs behind the Facebook breach

The three fatal bugs behind the Facebook breach Written by Ákos Hajba The breach was discovered after Facebook saw an unusual spike of user activity that began on September 14, 2018. A few days later, on Tuesday, September 25, Facebook’s engineering team discovered an...
Report a vulnerability in a responsible way!

Report a vulnerability in a responsible way!

Report a vulnerability in a responsible way! Written by Judit Szőcs If you have found a vulnerability and you want to act responsibly, discretion is most important. Always remember you have information that can be exploited by black-hats putting not only the...
Broken Access Control

Broken Access Control

Broken Access Control Written by Márton Németh  In this article we cover examples of broken access control, how to find it in your application and possible consequences. Access control, or authorization, is how a web application grants access to resources to...