16 matches found
Detectify Asset Inventory and Monitoring
Continuing the topic about perimeter services. As I mentioned earlier, I don't think that the external perimeter services should be considered as a fully functional replacement for custom Vulnerability Management processes. I would rather see their results as an additional feed showing the proble...
How to browse the Internet safely at work
This Safer Internet Day, we teamed up with ethical hacking and web application security company Detectify to provide security tips for both workplace Internet users and web developers. This article is aimed at employees of all levels. If you’re a programmer looking to create secure websites, visi...
Unikrn: CSRF logs the victim into attacker's account
Description: There is no session validation while logging in, which leads to CSRF. Steps To Reproduce: 1. Create a CSRF login POC using the following code. 2. Replace the email and password with the valid credentials. 3. Send the script to the victim to make them click. References: 1. You've...
WordPress WooCommerce PDF Invoices & Packing Slips plugin <=2.0.12 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability found by Detectify in WordPress WooCommerce PDF Invoices & Packing Slips plugin versions <=2.0.12. Solution: Update the WordPress WooCommerce PDF Invoices & Packing Slips plugin to the latest available version, at least 2.0.13...
Experts Warn Too Often AWS S3 Buckets Are Misconfigured, Leak Data
A rash of misconfigured Amazon Web Services storage servers leaking data to the internet has plagued companies recently. Earlier this week, data belonging to anywhere between six million and 14 million Verizon customers was left on an unprotected server belonging to a partner of the...
Paragon Initiative Enterprises: Subdomain Takeover
Hello, your subdomain engineering.github.com/paragonie is pointing to Tumblr.com. You should immediately remove the DNS entry for engineering.zomato.com is pointing to Tumblr.com. Anyone can claim that domain; please read the advisory below. Remediation: Please make sure you're always going...
RCE In AddThis
This vulnerability has been fixed as of July 20, 2016 and is shared with consent from the vendor. If you wish to share the information provided in the write up, provide credit for the original author or contact [email protected] for more info. Timeline of the report 1. July 20, 2016 8:59 AM:...
LastPass Patches Ormandy Remote Compromise Flaw
LastPass has patched a vulnerability in its Firefox add-on, found by Google Project Zero researcher Tavis Ormandy, that allows attackers complete remote compromise of the password manager. The divisive Ormandy submitted a bug report on Tuesday to LastPass after a series of tweets hinting at serio...
Stored XSS in gallery application - ownCloud
Due to a recent migration of the Gallery app to the new sharing endpoint, a parameter changed from an integer to a string value. This value wasn't sanitized before and was thus now vulnerable to a Cross-Site Scripting attack. To exploit this vulnerability, an authenticated attacker has to share a...
Slack Plugs Token Security Hole
Popular collaboration and communication firm Slack rushed to plug a security hole in its platform Thursday that was leaking some of its users’ private chats and files for anyone to access. Slack, a leading tool used by companies to communicate internally, was alerted by security firm Detectify...
Zomato: Subdomain Takeover
Hello, your subdomain engineering.zomato.com is pointing to Tumblr.com. You should immediately remove the DNS entry for engineering.zomato.com is pointing to Tumblr.com. Anyone can claim that domain; please read the advisory below. Remediation: Please make sure you're always going through your...
Ubiquiti Inc.: Subdomain Takeover in http://assets.goubiquiti.com/
Hi there, it's an urgent issue about your subdomain http://assets.goubiquiti.com pointing to AWS S3, but no such website configuration is made. This unused subdomain can be claimed by anyone and fully taken over. An attacker can fully take over this subdomain and do whatever he wants. This can cause huge...
Chrome third-party extensions exposed: they can record private information and sell it - vulnerability warning - the black bar safety net
The Swedish security firm Detectify Labs recently reported that some Chrome extension apps track the user's Internet history, and even capture Facebook Connect and private access tokens, as well as links to private Dropbox and Google Drive files. The scope of the impact is not...
codeigniter -- multiple XSS vulnerabilities
The CodeIgniter changelog reports: Fixed a number of XSS attack vectors in the Security Library method xssclean, thanks to Frans Rosén from Detectify...
Vimeo: URGENT - Subdomain Takeover on status.vimeo.com due to unclaimed domain pointing to statuspage.io
Hi, Brief: This is an urgent issue and I hope you will act on it likewise. Your subdomain status.vimeo.com is pointing to hosted.statuspage.io, but no statuspage was connected to it. This means that anyone can claim the subdomain by setting up a statuspage.io site and using "status.vimeo.com" as t...
Self-XSS due to unescaped HTML output in database structure page.
PMASA-2014-4. Announcement-ID: PMASA-2014-4. Date: 2014-07-17. Summary: Self-XSS due to unescaped HTML output in database structure page. Description: With a crafted table comment, it is possible to trigger an XSS in the database structure page. Severity: We consider this vulnerability to be non critical...