IoT Security

Basics Of IoT Security Threat Modelling

⦁ Basic of IoT Security Threat Modelling The Internet of Things or IoT as we call it can be treated as to be interrupting the interruption. IoT where all the non humans are both clients as well as servers is said to be on the edge of widely interrupting the most famous, Internet. There was…

VAPT

Wireless Security Devices Compliance

RCIE Course Modules: 3.9 Wireless Security Devices Compliance What are wireless security protocols? Wired Equivalent Privacy (WEP), (WPA) Wi-Fi Protected Access, Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3) are security protocols developed to secure computer networks. WPA to WPA 3 was developed by the Wi-Fi Alliance to make networking more secure…

Web Security

Web Application Security Vulnerabilities

WEB APPLICATION VULNERABILITY Web Application Vulnerabilities are some of the most common flaws leading to modern data breaches, These are not limited to only XSS(Cross Site Scripting) and SQL INJECTION. Application Vulnerability – Software system flaws or weaknesses in an application that could be exploited to compromise the security of the application.  Buffer Overflow – Buffer Overflows occur…

VAPT

Vulnerabilities Framework Latest

Vulnerabilities in Ruby-on-Rails Framework & How to prevent it: Ruby-on-rails—it’s modular, easy-to-read, and broadly supported by legions of loyal developers. Many of the world’s most trafficked websites have relied on Rails to deliver scalable and highly available web services. As per the CVE database: Arbitrary file existence disclosure in Sprockets CVE 2015-7819 Available as Ruby…

VAPT

Vulnerabilities in Ruby

Vulnerabilities in Ruby-on-Rails Framework & How to prevent it: Ruby-on-rails—it’s modular, easy-to-read, and broadly supported by legions of loyal developers. Many of the world’s most trafficked websites have relied on Rails to deliver scalable and highly available web services. As per the CVE database: Arbitrary file existence disclosure in Sprockets CVE 2015-7819 Available as Ruby…

VAPT

Vulnerabilities in play Framework

Vulnerabilities in play Framework Http only cookie bypass CVE-2015-2156 Description A vulnerability has been found in Play’s cookie handling code that could allow an attacker to bypass the httpOnly flag on sensitive cookies. Impact Any Play apps that reflect cookie values back into the body of a response are vulnerable to this. One example of when this…

VAPT

Vulnerabilities in meteor framework

Vulnerabilities in meteor framework Meteor, or MeteorJS, is a  free and open source isomorphic JavaScript web framework written using Node.js. Meteor allows for rapid prototyping and produces cross-platform (Android, ios, web) code. It integrates with MongoDB and uses the distributed data protocol and a  publish subscribe pattern to automatically propagate data changes to clients without requiring the developer to write any…

VAPT

Vulnerabilities in Angular js Framework

Vulnerabilities in angular js framework What is angularjs ? Angular JS is a framework by Google (originally developed by Misko Hevery and Adam Abrons) which helps us in building powerful Web Apps. It is a framework to build large scale and high performance web application while keeping them as easy-to-maintain. Vulnerabilities in angular js Security…

VAPT

Securing Email Servers Compliance

RCIE Course Modules: 3.10 Securing Email Servers Compliance What is email server security compliance? Securing your corporate email server is one of the most important aspects of ensuring compliance. With the rise in cyber-threats and the focus on phishing and malware, there is stronger need for deeper compliance in the email domain. With advanced tools…