Web Cache Poisoning – Through Host Header Inject ...
To understand the concept of web cache poisoning, we first have to understand what a web cache is and why it is used. Then we…
Apache Struts-2 Exploited to Remote Code Execution ...
This blog is to describe my finding on a web-based application which is a very well-known vulnerability found on Apache Struts-2 RCE (Remote Code Execution)….
Vulnerabilities Related to SAML [Security Assertio ...
In this blog, we are going to discuss what SAML (Security Assertion Markup Language) is and how it works as well as we are…
Microsoft Zero Day – VCard Vulnerability ...
Introduction: A zero-day vulnerability has been discovered and reported in Microsoft’s Windows operating system. Under a certain scenario it could allow a remote attacker…
Advisory | Microsoft Zero Day – Windows Task ...
Introduction: A previously unknown zero-day vulnerability has been disclosed in Microsoft’s Windows operating system that could help a local user or malicious program to…
What Makes Penetration Testing Impactful – P ...
As penetration testers, we often come across this riddle – What Makes Penetration Testing Really Impactful. As per penetration testing methodology – we identify…
Beware Android Users – CLOAK AND DAGGER is h ...
The WORLD has still not got over the WannaCry ransomware menace and here comes one more! People have been debating for years over Android…
Buffer Overflow Attacks ...
Introduction: A buffer is a storage place in memory where data can be stored. It’s mostly bound in conditional statements to check the value given…
Threat Advisory Report on WannaCry Ransomware (Cri ...
1. Introduction On Friday, May 12, countless organizations around the world began fending off attacks from a ransomware strain variously known as WannaCrypt, WanaDecrypt and…
Shellshock-Security Patching Aftermath ...
On September 24th 2014, a publicly disclosed vulnerability was revealed in UNIX/Linux, which we have discussed in our blog https://www.varutra.com/blog/?p=1010. Although a patch has…
Categories
- Android Security (8)
- Authentication & Authorization (12)
- Blockchain Security (1)
- Bug Bounty (1)
- BYOD (4)
- Case Study (28)
- Chatbot Security (1)
- Cloud Security (3)
- Containerization Security (1)
- Corporate Training (4)
- Cyber Attack (9)
- Data Breaches (11)
- Data Leakage (14)
- Data Privacy (16)
- Email Phishing (2)
- Encryption & Cryptography (10)
- Ethical Hacking (11)
- General (1)
- iOS Security (2)
- IOT Security (2)
- Java Security (2)
- Mobile Application Security (11)
- Mobile Device Management (6)
- Network Pentesting (5)
- Password Security (2)
- Patch Management (3)
- Ransomware Attack (4)
- Reverse Engineering (3)
- Secure SDLC (3)
- Security Advisory (24)
- Security Best Practices (20)
- Security Hardening (19)
- Social Engineering Attack (4)
- Social Networking Security (4)
- Source Code Review (2)
- SPAM (2)
- Student Oriented Courses (2)
- Thick Client Penetration Testing (2)
- Unix/Linux Security (1)
- Viruses & Malware (9)
- VoIP Penetration Testing (4)
- Vulnerability Disclosure (16)
- Web Application Security (6)
- Windows Mobile Security (1)
- Zero Day Attack (5)