WordPress plugin LiteSpeed Cache security flaws and how to exploit them
5242
02/08/2022
WordPress plugin LiteSpeed Cache has a cross-site scripting vulnerability because it does not properly sanitize user input. An attacker can take advantage.
XML-RPC Attack
12313
29/07/2022
Yes, I am talking about the U.S. Department of Defense getting hacked. Bibek Dhakal found that the xmlrpc.php file on the U.S. Department of Defense website had been turned on, leaving it open to an attack on other sites. The xmlrpc.php in WordPress is turned on by default
What is the difference between VA and PT?
7758
22/07/2022
A thief plots a heist at a home. It takes him some time to figure out how to get into the house without being noticed. What we're doing here is called vulnerability assessment. The thief could have used a glass door.
What Is CRLF Injection Attack?
6440
15/07/2022
Twitter is one of the most popular social media platforms available today, with 100 million daily active users and 500 million tweets sent daily. But do they have the best cybersecurity defense? Youssef discovered it was possible to inject the CRLF injection
What Is FTP Penetration Testing and What It Is Not?
7896
05/07/2022
File Transfer Protocol (FTP) is a standardized protocol used to allow transmission of files between computers. It consists of a set of coded signals which are transmitted between computers, and which inform
How to save yourself from Phishing attacks? A quick guide
4145
30/06/2022
Phishing is a type of social engineering attack used to obtain sensitive information from users, such as login credentials and credit card information. It
What is the Spring4Shell vulnerability and how to address it
3964
23/06/2022
Spring is a popular lightweight Java platform application framework that enables developers to easily create Java applications with enterprise-level features
Is there a difference between authentication and authorization in an API?
5561
21/06/2022
As with web applications, APIs operate on the web, but many require some sort of authentication or authorization before you can access the valuable.
Is CDN WAF enough to protect your web application?
5602
16/06/2022
What would you say if we told you that a certain service was at USD 1.53 Billion in 2016 and is expected to reach USD 7.63 Billion by 2022. Is this not an exponential increase? Yes, that service is CDN WAF.
How hackers bypass file upload and how to prevent it?
17525
14/06/2022
Starbucks does have the best coffee in the world. But do they have the best cybersecurity defense? Johnstone discovered it was possible to execute arbitrary code by uploading a webshell
While testing SQL injection, why do testers frequently use single quotes?
16309
09/06/2022
SQL injection is often referenced as the most common type of attack on websites. It is being used extensively by hackers and pen-testers on web applications.
My website has HTTPS implemented. Should I really worry about implementing HSTS?
3589
26/05/2022
HTTP and that all redirection to the site using HTTP should be changed to HTTPS requests by default.
How To Minimize The Impact Of False Positives?
4204
24/05/2022
Web applications are updated on a frequent basis in today's fast-paced development settings, and agile, integrated methodologies like DevOps are swiftly becoming the norm. To design, test, and update diverse apps
JSON Web Token and its exploitation
5062
12/05/2022
As an open standard, the JSON Web Token (JWT) defines a compact and self-contained method for securely transmitting information between parties as a JSON object (RFC 7519).
80 percent of backend technologies have their banner exposed: why is it a serious issue?
6656
10/05/2022
Banner grabbing or active reconnaissance is a type of attack during which the attackers send requests to the system they are attempting to attack in order.
Is the BEAST Attack Really Breaking Your SSL/TLS?
6679
04/05/2022
BEAST (Browser Exploit Against SSL/TLS) is a network vulnerability attack against TLS 1.0 and older SSL protocols. Security researchers carried out the attack for the first time in 2011, but the theoretical vulnerability was discovered in 2002.
Security Flaws in Third Party Apps
3472
21/12/2021
One thing that you have to remember is that outside parties such as auditors and customers don’t care how vulnerabilities got into your environment. Even if your hands are tied, application security flaws can and likely will.
Introduction to HTTP Request Smuggling Vulnerability
5222
15/12/2021
HTTP Request Smuggling is one of the critical web application vulnerabilities that often goes unnoticed by many security researchers and penetration testers due to its complexity.
What Is the Log4j CVE-2021-44228 Vulnerability and How to Address It?
5602
13/12/2021
CVE-2021-44228 is the name of the zero-day vulnerability, which can affect any programme that logs user input. The effect may be seen in a variety of places, including Minecraft, which registers the names of users.
6 Cybersecurity measures that Organizations tend to overlook
4527
16/11/2021
Cyberattacks are a major nuisance that aren't going anywhere anytime soon. Growing at an estimated 15% year over year, cybercrime costs to organizations worldwide are forecast to reach $10.5 trillion annually by 2025.
Why Is It Important To Understand OWASP Automated Threats To Web Applications To Develop Better Security?
11279
05/10/2021
The primary goal was to create an ontology that would serve as a common language for developers,