Posts By Shubham Agarwal

TED is a nonprofit organization spreading great ideas. TED works with the tagline, "Ideas worth spreading". Since its start, TED has been renowned for featuring subject-expert speakers with groundbreaking and eye-opening ideas that revolutionize our thought process. Astra brings you a collection of the 5 best TED Talks on the topic of Cyber Security. Why I teach people…

The importance of privacy has been recognized since ancient times: in 300 B.C., Aristotle differentiated the public and private spheres of one's life. Fast forward to the current era of connected devices and internetworked technologies, which make it difficult to keep private information actually private. Most of the time we end up sharing crucial information on the internet, which…

About the Joomla SQLi: If you are using version 3.7 of the popular CMS Joomla!, an update awaits your approval. Version 3.7 suffers from a severe SQLi (SQL Injection) vulnerability with a dread score of 8.6/10 and easy exploitation. A fix was released in the next patch. All details are given below. Identifying…

Server Error Message Disclosure

A well-thought-out server error handling plan during application development is vital to prevent information leakage, because an error message can reveal insightful information about an application’s inner workings. Apart from denying the attacker any information, a planned error handling strategy is easier to maintain and saves the application from encountering any…

Recently, we published an update on a severe Magento vulnerability which was released by the DefenseCode team. Soon after, Bosko Stankovic (the DefenseCode researcher who discovered this Magento vulnerability) released a follow-up article. Bosko confirms that Magento would be patching these in the upcoming updates. Through this article, Astra aims to explain the severity of these vulnerabilities, and how one needs to…

CSRF - All You Need to Know - Astra Security

Cross-Site Request Forgery (CSRF) is one of the most rampant online attacks. Also notoriously known as XSRF or “Sea-Surf”, it is listed as the 8th most common web application vulnerability in the OWASP Top 10 report of 2017 cyber-attacks. Understanding CSRF: Execution of a CSRF attack involves a malicious website sending a request to a web application via another formerly authenticated…

A recently discovered unpatched vulnerability has put WordPress, the most popular CMS in the world, in peril of user credential exposure. The vulnerability could allow hackers to compromise targeted admin passwords. What's more perturbing is that it renders all versions of WordPress vulnerable. The WordPress vulnerability (CVE-2017-8295) was brought to light by Dawid Golunski, a Polish security researcher who reported…

Recently, a new severe 0-day Magento vulnerability was disclosed by the DefenseCode team in an advisory. If you are vulnerable to this, attackers are capable of remotely executing arbitrary code. As of now the vulnerability has been confirmed for the Magento Community edition, as the researcher did not test the Enterprise edition. But since both versions use the same base code there is…

WordPress Security Astra Security

You have just launched your online store or expert blog and WordPress is powering it! You are finding new ways to generate traffic, installing new plugins to help you with SEO and keeping your customers happy by giving superb support. But one thing that you might have ignored is the security of your freshly installed WordPress website. 7 out of 10 times,…

Arguably the most common question small business owners have when they are asked about security is, "Why would anyone hack me, I'm just a small business owner?". People should understand the greater consequences which await their immediate attention. Truth be told, small and medium-sized businesses are targeted by hackers the most. Here's why hackers hack small and medium businesses…
