Entersoft hosted the Brisbane Hackfest earlier this month, as a practical, ethical hacking event to test digital assets of participating companies for vulnerabilities and fix them immediately with the help of our expert cybersecurity team. The 2-day program was organised in collaboration with AustCyber, Advance QLD and OCQE at The Precinct, Brisbane, Queensland.
A good answer is - Both.
There is no silver bullet to cybersecurity. Conventional approaches rely entirely on a single type of testing - either manual or automated web scanners - leaving business leaders in a difficult spot of choosing one way or the other for their products. While manual testing brings nuanced and intuitive strategy to the table, it could cause human-errors while taking several days to deliver results. On the other hand, automated tools that give instant results, do not promise the intuition that an actual human contributes. To add to the uncertainty, security testing vendors often position their approach as superior to the other, underplaying obvious shortcomings, jeopardizing entire products or businesses.
Segasec and Entersoft to strengthen their partnership in India
Tel Aviv, February 13, 2019 – India is among the top four nations targeted by phishing attacks according to a recent research. Consequently, the Reserve Bank of India (RBI) lately regulated that all Indian banks need to have in place a robust cybersecurity framework. This should include a Cyber Crisis Management Plan (CCMP) that addresses early detection, fast response, recovery and containment including protection against customer facing phishing attacks.
Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Flash Player version 220.127.116.11 and prior versions are vulnerable.
The Internet of Things continues to connect an ever-increasing number of devices. We're heading towards a seamlessly connected world that will have 24 billion IoT devices by 2020. Connected devices are making headway into each and every aspect of our lives, including homes, offices, cars and even cities.
Race conditions in software arise when two concurrent threads of execution access a shared resource in a way that unintentionally produces different results; depending on the time at which the code is executed. For example, a multi-threaded program may spawn 2 threads that have access to the same location in memory.
What is ARP Poisoning or ARP Spoofing attack?
ARP spoofing attack is an attack in which an attacker sends falsified ARP (Address Resolution Protocol) messages over LAN. As a result, the attacker can link his MAC address with the IP address of a legitimate computer (or server) on the network.