Khushi Trivedi for Keploy Community Blog · keploy.hashnode.dev · Dec 18, 2024
How Fuzz Testing Saved a Software Company Millions?
What would happen if your software faced an unpredictable input that no one ever thought to test? Could it withstand the challenge or fail catastrophically? Software has been a backbone for every industry, whether e-commerce platforms or the finance ...
fuzzing

HOT HEAD · hothead01th.hashnode.dev · Dec 9, 2024
Exposing the Dark Side of JSON Web Tokens (JWT)
JSON Web Tokens (JWTs) have become the backbone of modern web authentication, promising secure identity and privilege transfer. JWTs are cryptographically protected tokens transferring identity and privilege information about a user or client. Encode...
JWT

Cyber Hack Whip Blog · hackwhip.hashnode.dev · Nov 26, 2024
How I Escaped a WhatsApp Scam: A Close Call with Phishing
A few weeks ago, I received a call from an unfamiliar number. The caller introduced himself as a pastor and claimed to be a member of a Christian group on WhatsApp to which I belonged. His tone was warm and friendly, and he opened with the usual past...
10 likes · 62 reads · #cybersecurity

Keshav Agrawal · secopsbyte.com · Nov 24, 2024
Unveiling the Nearest Neighbor Attack
In the ever-evolving landscape of cybersecurity, new threats emerge regularly, challenging organizations to stay one step ahead. Recently, researchers from Volexity uncovered a particularly alarming method employed by Russian hackers, known as the Ne...
Cyber Security News · #cybersecurity

Đinh Văn Mạnh for FIS Security · blog.fiscybersec.com · Nov 22, 2024
Palo Alto Networks Releases Emergency Patch for Zero-Day Vulnerability
Palo Alto Networks has released patches for two critical zero-day vulnerabilities in its firewall systems. These vulnerabilities have been actively exploited, threatening the security of many organizations that use the company's products. Vulnerability details Vuln...
38 reads · Newsletters · threat intelligence

Sergio Medeiros · grumpz.net · Nov 10, 2024
My Journey to Passing the CAPenX Certification: A Guide for Aspiring Expert-Level AppSec Pentesters
Introduction: As a seasoned cybersecurity researcher and penetration tester, I am constantly on the lookout for certifications that sharpen my skills and keep me at the forefront of web application security. The Certified AppSec Pentesting Expert (CA...
11 likes · 170 reads · software development

Bhuwan Bhetwal · blog.bhuwanbhetwal.com.np · Nov 7, 2024
Breaking In: How RXSS and SQLi Can Lead to Full Account Takeover and Database Access
These vulnerabilities were identified on one of YesWeHack's private programs. I was hunting late at night when I received an invitation from one of the private programs, as they were interested in critical reports. I was looking for SQLi, Command Exec...
2 likes · 924 reads · SQL

Đinh Văn Mạnh for FIS Security · blog.fiscybersec.com · Oct 30, 2024
New Zero-Day Vulnerability in Windows Themes
A new zero-day vulnerability in Windows Themes has been discovered that allows attackers to remotely steal users' NTLM credentials. The vulnerability has raised major concern in the security community, especially as NTLM has previously been exploited widely...
Newsletters · vulnerability

Abhiram · cloudbuddy.hashnode.dev · Oct 25, 2024
Software Composition Analysis (SCA): Identifying Open Source Vulnerabilities in Your Code
In today's software development landscape, open-source components have become an integral part of building applications. While open-source libraries and frameworks offer numerous benefits, they also introduce new security risks. Software Composition ...
shiftlefttesting

Bisola Adediji · beesola.hashnode.dev · Oct 23, 2024
File Upload Vulnerabilities
When files are not uploaded securely, applications are vulnerable. Code injection into the target application by uploading malicious scripts is frequently the first step taken by attackers. The attacker then just has to figure out how to get the code...
Security