Insecure Direct Object Reference (IDOR)
What is an Insecure Direct Object Reference (IDOR) Risk? IDOR stands for Insecure Direct Object Reference, which occurs when an application displays an indication of an…
Port Forwarding – Pivoting and Tunneling
Port forwarding is a key activity in any network security testing. Once we get an initial foothold into the victim network, our next stage is…
IT Security Controls
IT security controls play a foundational role in shaping the efforts security professionals take to protect an organization. Security Controls are protecting things that are…
Adware – New Age Weapon
Are you seeing ads every time you browse the web, asking you to install software or enter personal details? Clicking on links…
Cyber Law in INDIA
In this article we will see a detailed overview of Cyber Law in India and the various sections of the IT Act 2000. What is Cyber…
DROZER – Android Security Assessment Framework
Drozer is a framework for Android security assessments developed by MWR Labs. It is one of the best Android security assessment tools available for Android…
ASSET SECURITY
When we think of asset security, at first glance it looks pretty simple. After all, what is the big deal about tracking a few…
Covid 19 and Business Continuity Planning
COVID – 19 Initial Precautionary Measures for Business Continuity Basic Emergency measures for Covid-19 Pandemic to Avoid Cyber Risks for Business Continuity Follow Government/WHO guideline…
Essentials of Third Party Risk Management (TPRM)
Risk management is the process of making evaluative decisions, based on analytics and calculations, that will ensure the mitigation of the adverse effects of risk…
“OAuth” Related Vulnerabilities
What is OAuth? OAuth is a mechanism that is used by many companies like Amazon, Google, Microsoft, etc., which allows the user to view or…