Securing AWS Cryptographic Keys

Securing sensitive data that resides on Amazon Web Services (AWS), enabling security features, is becoming a tough task nowadays. Recently, an AWS employee, DevOps Cloud Engineer, leaked over a gigabyte worth of data to a […]

Vidar Malware

Introduced in December 2018, Vidar is a family of malware and trojan horse virus that steals sensitive information and cryptocurrency from infected users. Presumed to have originated in Russia, Vidar is a family of malware […]

Secure Yourself From The Digital Grinch

It’s the holiday season! And while you are busy shopping, the Grinch is lurking just around the corner. Global consumers are predicted to spend Ghost of Christmas Past 43% of holiday shopping identity theft occurs […]

OWASP TOP 10 API SECURITY RISKS

Why OWASP API Top 10? The Open Source Web Application Security Project has compiled a list of the 10 biggest API security threats faced by organizations. According to the Gartner API strategy maturity model report, […]

RF Hack using SDR Dongle

Radio Frequency plays a vital role in IoT(Internet of Things), in devices like vehicle monitoring, remote control, wireless data transmissions, garage Openers, etc. Want to understand the basics of RF or other types of frequencies. […]

Open-source Intelligence

Have you ever thought that the Amazon AWS access credentials of your company can be found in GitHub? Assume that, your company is relying on amazon web service and GitHub and the web application server […]

Sensitive Files/Configuration Enumeration on Github

Version Control System: Version Control System (VCS) is a software that helps software developers to work together and maintain a complete history of their work. Listed below are the functions of a VCS:1. Allows developers […]

Remote Code Execution Vulnerability in Adobe Flash Player

Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause […]

New Attack “XSSJacking” Combines Clickjacking, Pastejacking, and Self-XSS

XSSJacking is a new web-based attack that combines three other techniques  — Clickjacking, Pastejacking, and Self-XSS — to steal data from users. XSSJacking can help attackers reach sensitive information for which they would normally need a […]