Mobile Application Security Assessment – Proxying for Windows Phone
While conducting mobile application security assessment of Windows Phone capturing application traffic will allow penetration tester to modify the traffic and analyze the responses from…
CSRF Vulnerability on LinkedIn
In previous blog we have seen a critical vulnerability in LinkedIn password reset module allowing an attackers to compromise LinkedIn user’s account and how helpless…
Better Secure Than Sorry! Neglected, Assumed and Hence Vulnerable Menace: Password Attacks
On July 16, 1998, CERT reported an incident where an attacker had found 186,126 encrypted passwords. By the time they were discovered, they had already…
How secure is my LinkedIn account ?
LinkedIn is a business-oriented Social networking service. One purpose of the sites is to allow registered users to maintain a list of contact details of…
Social Engineering and How It Helped Us Find A Mole
Social Engineering is essentially the art of influencing some person into doing things that he may or may not do willingly. It is not a concept…
Bug Bounty : An Introduction
What exactly is Bug Bounty ? In the Wild West, when outlaws roamed the land, local sheriffs did not have the resources to track them…
Insecure URL redirection in Google+
Our team identified a vulnerability in Google+ (Google Plus) service which can be used to perform malicious insecure URL redirection in google+. It was possible…
Proxying HTTP/HTTPS traffic on android
Proxying HTTP/HTTPS traffic on android – There are several stages to perform thorough penetration testing on android based application including but not limited to Authentication,…
Hacking Google account through Locked Android Devices
Hacking Google account through Locked Android Devices Varutra revealed an issue in the text message notification implementation of Google’s Android operating system which may lead…
Categories
- Android Security (19)
- Application security (1)
- Authentication & Authorization (22)
- Blockchain Security (1)
- Bug Bounty (2)
- BYOD (5)
- Case Study (29)
- Chatbot Security (1)
- Cloud Security (14)
- Containerization Security (1)
- Corporate Training (6)
- Cyber Attack (34)
- Cybersecurity Frameworks and Solutions (1)
- Data Breaches (35)
- Data Leakage (27)
- Data Privacy (29)
- Email Phishing (8)
- Encryption & Cryptography (14)
- Ethical Hacking (19)
- General (34)
- Governance Risk & Compliance (8)
- iOS Security (2)
- IOT Security (7)
- Java Security (2)
- Mobile Application Security (19)
- Mobile Device Management (10)
- Network Pentesting (9)
- News (48)
- Password Security (10)
- Past Events (8)
- Patch Management (3)
- Ransomware Attack (14)
- Reverse Engineering (3)
- Secure SDLC (5)
- Security Advisory (34)
- Security Best Practices (42)
- Security Hardening (38)
- Social Engineering Attack (10)
- Social Networking Security (5)
- Source Code Review (2)
- SPAM (2)
- Student Oriented Courses (2)
- Thick Client Penetration Testing (4)
- Unix/Linux Security (1)
- Upcoming Events (3)
- Viruses & Malware (16)
- VoIP Penetration Testing (4)
- Vulnerability Disclosure (21)
- Web Application Security (34)
- Windows Mobile Security (1)
- Zero Day Attack (8)