Read on Twitter
To the entire #infosec and reverse engineering community.
There has been a huge issue concerning @ExamSoft and their website and application security over the past few weeks.
I welcome any and all of you to please take a look at this and evaluate it.
It appears concerning. https://twitter.com/ExamSoft/status/1311321042980425728">https://twitter.com/ExamSoft/...
There has been a huge issue concerning @ExamSoft and their website and application security over the past few weeks.
I welcome any and all of you to please take a look at this and evaluate it.
It appears concerning. https://twitter.com/ExamSoft/status/1311321042980425728">https://twitter.com/ExamSoft/...
I have received several messages from many concerned people attempting to use the platform to take their tests
I have also attempted to reach their security team to no avail.
I have also attempted to reach their security team to no avail.
Let me show everyone a serious and valid concern https://twitter.com/technologyatty/status/1311162739570610177?s=19">https://twitter.com/technolog...
Additionally let me demonstrate the condition of their website in this thread:
Figure 1
Figure 1
Figure 2
Figure 3
They also appear to process usernames and password requests in a concerning way
This locked up their login system for several minutes vs any other username password combination
This locked up their login system for several minutes vs any other username password combination
Dear @ExamSoft
It is my professional opinion, as a recognized individual in cybersecurity, that you please reevaluate your website, application, and communication processes for the sake of security. Your users have genuine concerns.
Please address & fix them
It is my professional opinion, as a recognized individual in cybersecurity, that you please reevaluate your website, application, and communication processes for the sake of security. Your users have genuine concerns.
Please address & fix them
