Entersoft Team

Entersoft Team
Your friendly neighbourhood hackers.

Recent Posts

24 Hours, 5 Hackers - 7 Products Secured!

Posted by Entersoft Team on 28 juin 2019 22:38:02

Entersoft hosted the Brisbane Hackfest earlier this month, as a practical, ethical hacking event to test digital assets of participating companies for vulnerabilities and fix them immediately with the help of our expert cybersecurity team. The 2-day program was organised in collaboration with AustCyber, Advance QLD and OCQE at The Precinct, Brisbane, Queensland. 

Read More

Topics: Application Security, cybersecurity, Security in Fintech, Blockchain Security

What is your approach to security - Manual testing or a Web scanner?

Posted by Entersoft Team on 17 juin 2019 18:57:15

A good answer is - Both.

There is no silver bullet to cybersecurity. Conventional approaches rely entirely on a single type of testing - either manual or automated web scanners - leaving business leaders in a difficult spot of choosing one way or the other for their products. While manual testing brings nuanced and intuitive strategy to the table, it could cause human-errors while taking several days to deliver results. On the other hand, automated tools that give instant results, do not promise the intuition that an actual human contributes. To add to the uncertainty, security testing vendors often position their approach as superior to the other, underplaying obvious shortcomings, jeopardizing entire products or businesses.

Read More

Topics: Application Security Guidelines, cybersecurity, Security Guidelines

Addressing RBI compliance requirements for banks & NBFCs

Posted by Entersoft Team on 13 févr. 2019 03:19:38

 

Segasec and Entersoft to strengthen their partnership in India

Tel Aviv, February 13, 2019 – India is among the top four nations targeted by phishing attacks according to a recent research. Consequently, the Reserve Bank of India (RBI) lately regulated that all Indian banks need to have in place a robust cybersecurity framework. This should include a Cyber Crisis Management Plan (CCMP) that addresses early detection, fast response, recovery and containment including protection against customer facing phishing attacks.

Read More

Topics: Application Security, FinTech Security, Hacks and news

Remote Code Execution Vulnerability in Adobe Flash Player

Posted by Entersoft Team on 22 mars 2018 21:10:18

Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Flash Player version 28.0.0.137 and prior versions are vulnerable.

Read More

Topics: cybersecurity, Hacks and news, cyber attack, vulnerability

Implementing Security in IoT

Posted by Entersoft Team on 29 nov. 2017 21:44:36

 

The Internet of Things continues to connect an ever-increasing number of devices. We're heading towards a seamlessly connected world that will have 24 billion IoT devices by 2020. Connected devices are making headway into each and every aspect of our lives, including homes, offices, cars and even cities.

Read More

Topics: Application Security, Application Security Guidelines, cyber security, IOT Security

Vulnerability: XSS in Image Name

Posted by Entersoft Team on 25 oct. 2017 21:54:32
We have frequently come across cross-site scripting vulnerability ( more about XSS ) in input fields where HTML special characters are not sanitized. However, these days most developers are aware of this vulnerability and diligently filter user-supplied inputs in forms and URLs.
Read More

Topics: Application Security, XSS, Cross site scripting, vulnerability

Race Condition Vulnerabilities in Web Applications

Posted by Entersoft Team on 15 sept. 2017 20:14:29

Race conditions in software arise when two concurrent threads of execution access a shared resource in a way that unintentionally produces different results; depending on the time at which the code is executed. For example, a multi-threaded program may spawn 2 threads that have access to the same location in memory.

Read More

Topics: Application Security, Application Security Guidelines, cyber security

Demystifying ARP Spoofing

Posted by Entersoft Team on 11 sept. 2017 22:14:18

 

 What is ARP Poisoning or ARP Spoofing attack?

ARP spoofing attack is an attack in which an attacker sends falsified ARP (Address Resolution Protocol) messages over LAN. As a result, the attacker can link his MAC address with the IP address of a legitimate computer (or server) on the network.

Read More

Topics: Application Security, cyber security, cyber attack

New Attack "XSSJacking" Combines Clickjacking, Pastejacking, and Self-XSS

Posted by Entersoft Team on 22 août 2017 22:39:05
Read More

Topics: Application Security, cyber security, cyber attack

New Vulnerability: IoT Devices Compromised by "Rakos"

Posted by Entersoft Team on 8 août 2017 22:41:03
Have you been in situations in which you find your IoT devices getting overloaded with networking and computing tasks? If the answer is yes, the chances are high that your devices are Rakos’s latest victims.
Read More

Topics: Application Security, cyber security, IOT Security, cyber attack