IEDB Holds Gatherings Nationwide
In recent weeks and months users and friends of the hardworking IEDB team which has very active forum and Telegram group have suffered by the absence of the director of this team, Mr. Amir Moosavi, and they have missed him…
4tt4ck3r Finds Flaw in UK Government Websites
Iranian hacker 4tt4ck3r has previously found Reflected XSS -Cross Site Scripting- vulnerabilities in government websites of the UK as follows : Parliament of the United Kingdom The vulnerable website address is : https://www.parliament.uk/search/results/ The URL of website changed to this type : https://www.parliament.uk/search/results/?q=HellO…
4tt4ck3r Discovers XSS Vulnerability for London University
After some time we are pleased to see return 4tt4ck3r, who has had many successes with XSS vulnerabilities in the past and if God helps hopefully also in the future. The latest vulnerability discovered by 4tt4ck3r is on the website…
ZeroSec Discover Open Redirect Vulnerability in Amazon Simple Storage Service (S3)
ZeroSec (https://t.me/ZeroSecOfficial) hacker Ghostman discovered an open redirect vulnerability in Amazon Simple Storage Service (S3). The vulnerability, which lies in scoping Amazon subdomain s3.amazonaws.com into the main aws.amazon.com/s3, allows the attacker to draw the victim onto a different landing page…
Manoto Defaced by Cluwix
We can see in the picture that website of Manoto TV show “Stage” was hacked by Black Hat Hacker Cluwix. Manoto is a Persian TV station that broadcasts illegally in Iran from overseas. Stage is a competition show for choosing…
New Iranian & Global Cyber News Site
ICNA has decided to launch our ICNA site on paper.li, which has articles both about Iran and other global hacking news. See sample page below. Please keep telling us about your successes, because we still want to tell the world…
Apa Isfahan University of Technology Capture The Flag
APA_IUTcert CTF The APA_IUTcert CTF -Capture the Flag- competition held by Isfahan University of Technology will start on 26 January 2017 The site to register/login for the CTF is hereThe challenge categories -see here for full details – are: Web…
Directadmin ControlPanel DoS and XSS Vulns Exposed By Amir Of The IEDB Team
Iranian security researcher and IEDB Team member/IEDB/IrIsT.ir and Xssed.ir founder Amir has published a DoS vulnerability in the Directadmin ControlPanel software -http://www.directadmin.com- Directadmin is a web hosting control panel for the remote web-based administration of multiple web servers. The vulnerability affects Directadmin…
4TT4CK3R Finds ViewState Bug in UK Geological Society Site
Iranian security researcher 4TT4CK3R has disclosed a vulnerability in the website of the UK’s Geological Society. The web site runs on Windows web server IIS 7.5 with ASP.NET -version 4.0.30319- but does not have the ViewState parameter encrypted. This means that there…
Ehsan Cod3r Discovers Mail.Ru Vulnerability
Iranian whitehat cybersecurity researcher Ehsan Hosseini -aka Ehsan Cod3r- has disclosed a send edited message vulnerability in the Russian mail provider software mail.ru. The vulnerability is in the design allowing a potential privilege escaltion to the attacker. Ehsan Cod3r also credits…