Category: VAPT

  • Blog
  • Category: VAPT
Log4j – A Billion Device Vulnerability
Log4j – A Billion Device Vulnerability
Log4j – A Billion Device Vulnerability
Log4j – A Billion Device Vulnerability

Log4j – A Billion Device Vulnerability

Could you imagine that something very dangerous has been present in billions of devices since 2013 that can potentially take over more than 3.5 billion devices? That seems like chaos! Right? In Christmas time, on Thursday December 9th The Apache Software Foundation released details on a critical vulnerability in Log4j, a logging library used in

Getting Started into the Network Security

The recent years have emphasised the importance of cyber security in a data-driven world where everyone, regardless of their size or mission, is cultivating their online presence to reap the numerous benefits. Attacks have become more commonplace, and the misuse of stolen data has also become the standard, requiring individuals and businesses that use data

Ultimate Guide To SQL Injection – Part I

Cybersecurity expert and hacker Jeff Forristal initially described the SQL injection attack in 1998. It has been more than two decades since its discovery and it is still leading the Owasp Top 10. To define SQL injection vulnerability we can say that when invalid or incompletely verified strings are combined into a dynamic SQL query

CVE-2022-30190 THE FOLLINA VULNERABILITY

Introduction To Follina (CVE-2022-30190) On May 27th, 2022, Nao_sec discovered a strange Word document uploaded from a Belarusian IP address. Apparently, this was a zero-day vulnerability in Microsoft Office or Windows known as Follina. A malicious Word document can exploit the Follina vulnerability and execute arbitrary code. A vulnerability exploits the built-in URL handlers in