Hey dear readers it’s been awhile, tldr; How to avoid apple from yelling out your location to their servers I personally like to use the Searchlight function of OSX, it provides me a fast way to access my files – but this it also sends my geolocation to apple everytime i do a search. This blogpost will […]
[Research] – Stop OSX Spotlight from sending your location Read More »
Dear readers, today i want to share a short story of a bug i found on one of prezi’s subdomains called mailroom.prezi.com.The Webserver at http://mailroom.prezi.com is configured to redirect the Users to the Login Page of Prezi, so far so good, i found out that if you add a Domain lets say http://mailroom.prezi.com/.anydomain.com to the end
[BugBounty] malicious redirect on mailroom.prezi.com Read More »
Dear followers, I’ve recently set up a honeypot tool called Kippo, Kippo runs a virtual SSH environment and tracks all the SSH bruteforce attemps on our Server. We started the test on third of November and got about 4000 bruteforce attempts on our Server, what is remarkable here is that almost all of the logins
[Research] SSH Honeypot (honey.it-securityguard.com) Read More »
Dear followers, during an installation for one of our customers, we had to install a suitable chat plugin for WordPress. There are a lot of them but we decided to choose the first one that comes in the row. Due to the fact that we like security we of course tested the plugins against some
[WordPress] 3x vulnerable Chat Plugins Read More »
Today i reported a strange bug to the devs of the Chromium Project, look at the following lines of code : <html> <script src=http:\\\\\\\\\\\\monitor.it-securityguard.com\\\\\\\\\\\\\test.js> </script> </html> You see those leading slashes ? Do you think that this is an valid URL a Browser would process ? In fact it does not look like a valid
English 
German