xss

Tier3 Cyber Alerts
Blog & News

Hackers attack Pakistani Govt’s passport application tracking site

Scanbox framework used to hack Pakistani Govt’s passport application tracking site http://tracking.dgip.gov.pk Experts uncovered a watering hole attack against the Pakistani Govt’s passport application tracking site, hackers used the Scanbox Framework to steal visitors’ data ...
Read More

WhatsApp Hacked – Vulnerable App used for Surveillance

Hackers were able to use the vulnerability and install other malware on phones. After 2 Weeks WhatsApp confirms its 1.5 Billion users need an upgrade. WhatsApp the most popular messenger app, is also owned by ...
Read More

Fileless Malware Attacks -The Growing threat to Pakistani Enterprises

Fileless malware attacks are increasing every day.They can nowadays be seen as the perfect crime of opportunity. The initial vector of these attack can be a seemingly innocuous business email with a link to an ...
Read More

Authorities Issue Alert Warning of Potential for Cyber Attacks

In a latest security alert email sent by PKNIC (registrar of all .PK domains ) to its customers, it is reported that there has been an increase in cyber attacks on Pakistani IT installations in ...
Read More

Worst passwords for 2018?

Even if security experts continue to make awareness campaign, people continue to use bad passwords exposing their data to the risk of hack. Bad habits are hard to die, 123456 is the most used password ...
Read More

How to Protect yourself from bank fraud and cyber crime in Pakistan?

1. Do not give any personal information (name, address, bank details, email or phone number) to organisations or people before verifying their credentials. Always question unsolicited calls, texts or emails requesting your personal or financial ...
Read More

DEBIT / CREDIT CARD FRAUD in Pakistan. A guide on what to do ?

Payment/ bank card fraud involves the compromise of any personal information from credit, debit or store cards. The personal information stolen from a card, or the theft of a card itself, can be used to ...
Read More

Bank Islami denies losing $6 million in country’s ‘biggest cyber attack’

Karachi-based Bank Islami acknowledged on Sunday of suffering a security breach of its payment cards system but denied reports of having lost an alleged $6 million in what local press have called the biggest cyber-attack ...
Read More

Pakistani hackers attack institutions in EU and the US

The Pakistani hacker group is attempting to attack government organizations using the infrastructure it also uses to send spam to malware. According to researchers from Palo Alto Networks Unit 42, the group Gorgon Group is ...
Read More

Afghan diplomats in Pakistan suspicious of targeted “Cyber attacks” by state-backed APT Groups

Afghan diplomats in Pakistan have been warned they are believed to be victims of "government-backed" cyber attacks trying to steal their email passwords.Afghan embassy sources told the BBC two staff members and a generic account received ...
Read More
April 12, 2017

paperpk.com – XSS Vulnerability [Cyber Alert]

Website : paperpk.com Description : Jobs in Pakistan Newspaper ads & classified careers – PaperPk.com. Paperpk jobs in Pakistan from all newspaper ads on paperpk.com with careers […]
April 12, 2017

na.gov.pk – XSS Vulnerability [Cyber Alert]

Website : na.gov.pk Description : National Assembly of Pakistan. Notification & Disclosure Timeline 10 April, 2017 at 12:05 GMT Vulnerability reported via Open Bug 11 April, 2017 […]
March 15, 2017

Cyber Alert – ntp.gov.pk [XSS Vulnerability]

 National TB Control Program – Pakistan. 6 March, 2017 at 18:14 GMT Vulnerability reported via Open Bug Bounty 7 March, 2017 at 06:47 GMT Notification sent […]
March 15, 2017

Cyber Alert – civildefence.gov.pk [XSS Vulnerability]

Cyber Alert – civildefence.gov.pk [XSS Vulnerability] Civil Defence Pakistan. Directorate General Civil Defence Pakistan 12 March, 2017 at 20:43 GMT Vulnerability reported via Open Bug Bounty […]
January 19, 2017

expopakistan.gov.pk – Xss vulnerability

website : expopakistan.gov.pk Description Expo Pakistan 2015 Home. Vulnerable URL: http://www.expopakistan.gov.pk/mission-admin/login.php?err=<script>ale rt(‘OPENBUGBOUNTY’)</script> Vulnerability type: XSS Vulnerability status: Publicly disclosed Alexa Rank 2132001  
January 19, 2017

bisedgkhan.edu.pk – XSS vulnerability

Website :bisedgkhan.edu.pk Description BISE DG.KHAN Cookies: PHPSESSID=aaaeu2298dhad69191psjpvp01 Other details: Patched: No Vulnerability type: XSS Vulnerability status: Publicly disclosed Alexa Rank:149711 security researcher : KHIZER_JAVED47
July 26, 2016

http://www.aiou.edu.pk – sql vulnerability

Allama Iqbal Open University website : http://www.aiou.edu.pk/All_Dept_List.asp?dt=1 (GET) vuln type : sql injection submitted by : Waqas Haider Poc : Parameter: dt (GET) Type: stacked queries Title: […]
July 26, 2016

www.hu.edu.pk – Sql Vulnerability

website : www.hu.edu.pk/oldwebsitehu/webtest/view_deg_prog.php?id=1 Vuln type : Sql Injection Submitted by : Waqas Haider POC : Vuln-Parameter: id (GET) Type: AND/OR time-based blind Title: MySQL &gt;= 5.0.12 […]