Posts By Bhagyeshwari Chauhan

All You Need to Know About Android App Vulnerability: Insecure Authentication

The Open Web Application Security Project (OWASP) has listed Insecure Authentication as the fourth most exploited risk in mobile applications. In Insecure Authentication, attackers exploit vulnerable authentication schemes by faking or bypassing authentication. They do so by submitting service requests to the mobile app’s backend server, in order to bypass any direct interaction with the mobile app. The attacker carries out this process via mobile malware…

Crypto Malware Website Infection on a Rise: Redirects Website Users to Malicious Sites & Infects Their Computers

Cryptocurrencies have been the fad of 2017. This year further witnessed the massive rise of Bitcoin and a rampant emergence of various other cryptocurrencies worldwide. What's more, even online attacks worldwide demanded ransom in the form of bitcoins. Lately, in another rampant online attack, more than 2000 WordPress websites have had user credentials compromised by crypto malware used to mine cryptocurrency. The hackers…

Drupal Vulnerability: Highly Critical Remote Code Execution Vulnerability Found

Occupying a significant market share among the Content Management Systems (CMS) used to develop websites, after WordPress and Joomla, Drupal is a highly sought-after CMS among major businesses and government organizations, including the White House. Drupal is arguably the most secure CMS as it strictly adheres to online software standards (OWASP). While Drupal has gained prominence with developers, it embodies an active…

Hacked WordPress, Joomla & CodeIgniter Website? This ionCube Malware Could be the Cause

Over 700 WordPress and Joomla websites have been infected with the ionCube malware, which disguises itself as legitimate ionCube-encoded files. ionCube is an old and powerful PHP encoder which is used to encrypt and protect files with PHP encoding, encryption, obfuscation and licensing capabilities. Owing to licensing costs, ionCube isn’t generally a contender for malicious uses. However, attackers found a way to…

2017 was the year of hackers. From content management systems, e-commerce portals and data breaches to hacked websites of financial institutions, cybercrime is on the rise with every passing year. 2017 witnessed staggering cyber attacks like the massive financial data theft in the Equifax Data Breach, the WannaCry Cyber Attack which was 2017's deadliest ransomware attack, the Petya Ransomware attack, and the notorious Yahoo…

WordPress Code Injection

WordPress sites have always been targets for internet fraudsters owing to their large user base and wide range of functionalities. Using vulnerable plugins, not updating to the latest versions in a timely manner, not applying patches regularly, and carelessness in security measures are the major reasons for the large number of attacks on WordPress sites. Unfinished WordPress installations have rendered the world's…

3 Most Common Apache Vulnerability Found

Apache, web server software widely used around the world, has been a victim of notorious vulnerabilities time and again. These vulnerabilities render the server prone to various forms of malicious attacks and other internet frauds, leading to information theft and loss. While Apache regularly releases updates for its vulnerable versions, the following Apache vulnerabilities have gained infamy for their potential imperilment to…

How Does the WordPress DoS Exploit Work?

WordPress, one of the most popular content management systems in the world, is exposed to yet another vulnerability capable of bringing down an entire WordPress-powered system. With WordPress statistically powering nearly 29% of the web, an unattended WordPress vulnerability breeds serious consequences for businesses and websites. The WordPress DoS Vulnerability: The vulnerability (CVE-2018-6389) was discovered by Israeli researcher Barak Tawily. According to Tawily, the flaw…

All You Need to Know About Android App Vulnerability: Insufficient Cryptography

The Open Web Application Security Project (OWASP) has listed Insufficient Cryptography as the fifth most exploited risk in mobile applications. Insufficient Cryptography or insecure usage of cryptography is a common vulnerability in mobile apps that leverage encryption. Due to weak encryption algorithms or flaws within the encryption process, the potential hacker is able to return the encrypted code or sensitive data to its…
