Could you imagine that something very dangerous has been present in billions of devices since 2013 that can potentially take over more than 3.5 billion devices? That seems like chaos! Right? In Christmas time, on Thursday December 9th The Apache Software Foundation released details on a critical vulnerability in Log4j, a logging library used in
The recent years have emphasised the importance of cyber security in a data-driven world where everyone, regardless of their size or mission, is cultivating their online presence to reap the numerous benefits. Attacks have become more commonplace, and the misuse of stolen data has also become the standard, requiring individuals and businesses that use data
Cybersecurity expert and hacker Jeff Forristal initially described the SQL injection attack in 1998. It has been more than two decades since its discovery and it is still leading the Owasp Top 10. To define SQL injection vulnerability we can say that when invalid or incompletely verified strings are combined into a dynamic SQL query
Introduction To Follina (CVE-2022-30190) On May 27th, 2022, Nao_sec discovered a strange Word document uploaded from a Belarusian IP address. Apparently, this was a zero-day vulnerability in Microsoft Office or Windows known as Follina. A malicious Word document can exploit the Follina vulnerability and execute arbitrary code. A vulnerability exploits the built-in URL handlers in
