Implementing Security in IoT

Posted by Entersoft Team on 29 nov. 2017 21:44:36

 

The Internet of Things continues to connect an ever-increasing number of devices. We're heading towards a seamlessly connected world that will have 24 billion IoT devices by 2020. Connected devices are making headway into each and every aspect of our lives, including homes, offices, cars and even cities.

Read More

Topics: Application Security, Application Security Guidelines, cyber security, IOT Security

What Happened at the IoT Hackfest

Posted by Angad Gill on 27 nov. 2017 21:52:26

 

Entersoft Security in collaboration with IOT Forum India and TiE Bangalore conducted IOT Hackfest on 7th November 2017 at the TiE Bangalore office.

Read More

Topics: cyber security, Events, IOT Security, Security Guidelines

Race Condition Vulnerabilities in Web Applications

Posted by Entersoft Team on 15 sept. 2017 20:14:29

Race conditions in software arise when two concurrent threads of execution access a shared resource in a way that unintentionally produces different results; depending on the time at which the code is executed. For example, a multi-threaded program may spawn 2 threads that have access to the same location in memory.

Read More

Topics: Application Security, Application Security Guidelines, cyber security

Demystifying ARP Spoofing

Posted by Entersoft Team on 11 sept. 2017 22:14:18

 

 What is ARP Poisoning or ARP Spoofing attack?

ARP spoofing attack is an attack in which an attacker sends falsified ARP (Address Resolution Protocol) messages over LAN. As a result, the attacker can link his MAC address with the IP address of a legitimate computer (or server) on the network.

Read More

Topics: Application Security, cyber security, cyber attack

New Attack "XSSJacking" Combines Clickjacking, Pastejacking, and Self-XSS

Posted by Entersoft Team on 22 août 2017 22:39:05
Read More

Topics: Application Security, cyber security, cyber attack

New Vulnerability: IoT Devices Compromised by "Rakos"

Posted by Entersoft Team on 8 août 2017 22:41:03
Have you been in situations in which you find your IoT devices getting overloaded with networking and computing tasks? If the answer is yes, the chances are high that your devices are Rakos’s latest victims.
Read More

Topics: Application Security, cyber security, IOT Security, cyber attack

Entersoft Security Pack: FinTech

Posted by Mohan Gandhi on 25 juil. 2017 17:39:07
 
Banks now work hand in hand with companies in Fintech. Banks regularly partner with Fintech startups to implement innovative technologies such as Robo advice, Chatbots, KYC and Regtech, Blockchain, Wealth Management, Artificial Intelligence, Big Data and so on.
 
Read More

Topics: Application Security, cyber security, FinTech Security, Fintech Security standards

IoT Attack Surface Mapping

Posted by Entersoft Team on 17 juil. 2017 17:24:09
Read More

Topics: Android App Security, Application Security, cyber security, IOT Security, Internet of things

New Vulnerability: Raspberry Pi Malware Mines Cryptocurrency

Posted by Entersoft Team on 4 juil. 2017 22:19:51

What is Raspberry Pi?

Read More

Topics: Application Security, cyber security, Hacks and news

Entersoft Vulnerability Overview: Insufficient Attack Protection

Posted by Entersoft Team on 3 juil. 2017 20:52:10

 

What follows in the article is a brief overview of a OWASP Top 10 2017 vulnerability - A7-Insufficient Attack Protection.

This post is useful for beginners who want to understand about Insufficient Attack Protection and for developers to help protect their applications against this vulnerability.

Whenever a user with malicious intention visits any application, his first motive is to damage the application or to create a sense of panic among the application’s admins or users who are using the application.

It is natural behaviour for most attackers targeting an application to perform extensive research about the application, its services and categories of users accessing the application. The research usually starts with an ‘information gathering’ phase which includes collecting information about the application stack and usernames that are available to any random user who has access to the application, in addition to observing contact-us forms’ structures.

Once the attackers have enough information about the application, they try to start with their attacks on the application. 

Read More

Topics: Application Security, cyber security, Security Guidelines