Entersoft Security Blog

New Attack "XSSJacking" Combines Clickjacking, Pastejacking, and Self-XSS

Posted by Entersoft Team on Aug 22, 2017 6:09:05 PM
Read More

Topics: Application Security, cyber security, cyber attack

New Vulnerability: IoT Devices Compromised by "Rakos"

Posted by Entersoft Team on Aug 8, 2017 6:11:03 PM
Have you been in situations in which you find your IoT devices getting overloaded with networking and computing tasks? If the answer is yes, the chances are high that your devices are Rakos’s latest victims.
Read More

Topics: Application Security, cyber security, IOT Security, cyber attack

Entersoft Security Pack: FinTech

Posted by Mohan Gandhi on Jul 25, 2017 1:09:07 PM
 
Banks now work hand in hand with companies in Fintech. Banks regularly partner with Fintech startups to implement innovative technologies such as Robo advice, Chatbots, KYC and Regtech, Blockchain, Wealth Management, Artificial Intelligence, Big Data and so on.
 
Read More

Topics: Application Security, cyber security, FinTech Security, Fintech Security standards

IoT Attack Surface Mapping

Posted by Entersoft Team on Jul 17, 2017 12:54:09 PM
Read More

Topics: Android App Security, Application Security, cyber security, IOT Security, Internet of things

New Vulnerability: Raspberry Pi Malware Mines Cryptocurrency

Posted by Entersoft Team on Jul 4, 2017 5:49:51 PM

What is Raspberry Pi?

Read More

Topics: Application Security, cyber security, Hacks and news

Entersoft Vulnerability Overview: Insufficient Attack Protection

Posted by Entersoft Team on Jul 3, 2017 4:22:10 PM

 

What follows in the article is a brief overview of a OWASP Top 10 2017 vulnerability - A7-Insufficient Attack Protection.

This post is useful for beginners who want to understand about Insufficient Attack Protection and for developers to help protect their applications against this vulnerability.

Whenever a user with malicious intention visits any application, his first motive is to damage the application or to create a sense of panic among the application’s admins or users who are using the application.

It is natural behaviour for most attackers targeting an application to perform extensive research about the application, its services and categories of users accessing the application. The research usually starts with an ‘information gathering’ phase which includes collecting information about the application stack and usernames that are available to any random user who has access to the application, in addition to observing contact-us forms’ structures.

Once the attackers have enough information about the application, they try to start with their attacks on the application. 

Read More

Topics: Application Security, cyber security, Security Guidelines

A Glance at the Hong Kong Startup Fintech Ecosystem

Posted by Celine Leong on Jan 24, 2017 4:42:57 AM

hong-kong-1990268_1280.jpg

Building on the momentum from the first week at Supercharger, we moved into our 2nd week on a strong note.

Read More

Topics: cyber security, cybersecurity, Events, fintech, FinTech Security, Hong Kong

A Week at Fintech SuperCharger 2.0

Posted by Angad Gill on Jan 18, 2017 9:50:29 AM

Supercharger, what a great way to begin our acceleration! Being part of Supercharger can fuel Entersoft to fulfil the mission to be the best in application security. Entersoft is well-positioned to meet this goal by being 1 out of the top 8 startups selected to be part of the Supercharger accelerator program. 

Read More

Topics: Android App Security, Android Security, cyber security, fintech, FinTech Security, Fintech Security standards, Fintech security Startup, Security in Fintech, cyber security startup's, Fintech startup's, cyber attack

Top Hacks of 2016

Posted by Japish on Jan 10, 2017 11:36:20 AM

As it turns out, 2016 was even worse than the popular public opinion, with cyber-attacks on major companies practically every day. It was a yearlong Christmas for cyber criminals. Some were politically motivated, most did it for money and a few special snowflakes just did it for the giggles. From Silicon Valley giants to top governmental organisations, everyone was affected as over a billions records were compromised. Here are a few (of the many, many) hacks from last year’s cyber-shitstorm:

Read More

Topics: Application Security, cyber security, Hacks and news, IOT Security

Introducing Jared!

Posted by Angad Gill on Sep 15, 2016 10:37:32 PM

Jared.jpg

 

 

 

 

 

 

 

 

 

We are very pleased to announce Jared's arrival to our team as a social engineering expert.

Read More

Topics: Android App Security, Android Security, Application Security, cyber security, Fintech security Startup, cyber security startup's, Fintech startup's