Category Archives: Vulnerability Assessment

SegmentSmack – A TCP Vulnerability Targeting Linux 4.9

SegmentSmack – A TCP Vulnerability Targeting Linux 4.9 Induced DoS Attacks. Recently, a critical TCP vulnerability was found in the Linux kernel. A detailed vulnerability assessment revealed that the flaw could induce denial-of-service (DoS) attacks in Linux 4.9 and above. Fortunately, Linux has already released patches for the vulnerability in 4.9.116 and 4.17.11. SegmentSmack – Read more »

The ‘Unhackable’ BitFi Cryptocurrency Wallet

The ‘Unhackable’ BitFi Cryptocurrency Wallet: Recently, there has been a lot of hype about John McAfee’s claim that his BitFi cryptocurrency wallet is ‘unhackable’. Amid so many incidents of crypto hacking, making such a claim is indeed a bold step. The ‘Unhackable’ BitFi Cryptocurrency Wallet – Is It Truly Unhackable? He has clearly Read more »

SamSam Ransomware Has Raised $6 Million

SamSam ransomware: Criminal hackers use ransomware attacks as a robust money-making strategy, as they can easily coerce victims into paying. Continuing with this strategy, they are now making money with the notorious SamSam malware. A recent study reveals that SamSam ransomware has raised around $6 million for criminal hackers in ransom demands. SamSam Read more »

Web Security: top 5 attacks targeting web applications

Web security is a hot topic for everyone these days. A 2017 Positive Technologies report showed that all websites and web applications have at least one well-known vulnerability. The same report shows that 70% of websites and web applications have at least one high-severity vulnerability as well. As a matter of Read more »

Wi-Fi Security: WPA3 is not hacker proof.

Wi-Fi Security? It’s time. The Wi-Fi Alliance launched WPA3. It will certainly ensure a higher CyberSecurity level and, as a consequence, it will benefit users both in terms of privacy and GDPR compliance. However, WPA3 does not make wireless networks hacker proof. First of all, let’s have a look together at the features and benefits of WPA3. Read more »

CyberSecurity for SMBs: an issue to face as soon as possible

CyberSecurity for SMBs is a steadily growing need because enterprises are no longer the only target of hackers. However, hackers succeed in their attacks because of both their own skills and the employees’ lack of knowledge. As we briefly mentioned before, SMBs need to implement their CyberSecurity measures because companies are one of the Read more »

OWASP Top 10: which are the main threats?

OWASP Top 10: The Open Web Application Security Project, or OWASP, as we said in a previous article, is a not-for-profit organisation that aims at providing ‘best-in-class’ application security solutions. Its advice and tools are free, vendor neutral, unbiased yet practical. The organisation also lists the OWASP Top 10 web application security risks to help developers and system Read more »

OWASP: Open Web Application Security Project

OWASP: The Open Web Application Security Project, or OWASP, is a foundation that came into being on December 1, 2001. Basically, this foundation has a specific goal: improving software security. This not-for-profit organisation aims to provide unbiased, practical solutions to governments, organisations, educational institutes, trade organisations, groups, development organisations etc. OWASP offers tools and documents that have been Read more »

Cross site scripting: what do you need to know about it?

Cross site scripting: Cross Site Scripting, or XSS, is a particular form of injection attack. Basically, attackers inject malicious scripts into a website. The attackers typically use web applications to transmit malicious code, usually browser-side scripts, to a different end user. In return, the web applications in a system generate output in response to the malicious input Read more »

Path traversal: what do you need to know about it?

Path traversal: What is Path Traversal or Directory Traversal? Basically, it is an attack method where a hacker attacks or accesses files/directories that are mainly kept outside a web document’s root directory. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and their variations, or by using absolute file paths, there is the chance to Read more »