Imagine you are taking a stroll in your neighborhood and you notice that backdoor of one of your neighbor is wide open. You being the good Samaritan would ring their bell and tell them, right? I know you will. You will do this because you know that the world is not all sunshine and rainbows and there are chances of…
Malware attacks are bad! They bring your business to a stand still and cause a loss money, reputation and even customers. Usually business owners only start caring about malware after they get infected with it. As they say everyone feels secure until they get hacked, and they haven't got hacked until now because a hacker didn't try. Once infected, it…
In 2016, the Magecart infrastructure, notoriously known as a fraudulent payment stealing script was making waves across the e-commerce industry. Named so because it largely targeted e-commerce platform giants like Magento, Powerfront CMS and OpenCart, leading to massive theft of credit card information from these e-commerce sites. However, even a year later, the Magecart issue hasn't been dissolved and remains a…
Award winning CMS Joomla is a popular choice for many businesses. Owing to its large user base, this CMS regularly encounters a wide-range of security related issues. In this article, we discuss 3 of the most common vulnerabilities encountered in various Joomla versions in the past. 1. SQL Injection Vulnerability Recently, Joomla 3.7 became victim to an SQL Injection Vulnerability: CVE-2017-8917. Easily…
Cross-Site Request Forgery (CSRF) is one of the most rampantly occurring online attack. Also notoriously known as XSRF or “Sea-Surf”, it is listed as the 8th most common web application vulnerability in the OWASP Top 10 report of 2017 cyber-attacks. Understanding CSRF Execution of a CSRF attack involves a malicious website sending a request to a web application via another formerly authenticated…
A variety of web applications employs database systems for the provision of backend functionality. A widely used language used to query, operate, and administer database systems is Structured Query Language (SQL). Owing to its rampant use in web applications globally, SQL-powered databases are easy and frequent targets for cyber-criminal acts, the severity of which depends solely on the intricacies of…
Often stated as one of the most overlooked of all web vulnerabilities, clickjacking aka UI redress attack refers to a type of attack that tricks users into unwarily clicking on nefarious links set up by the attacker. On clicking these links, the attacker is able to gather confidential information, compromise the user’s privacy, or make a user perform actions online…
Internet Security for online businesses and applications is an ever pressing issue. While organizations are regularly updating their defense mechanisms against rising cyber-attacks, cyber criminals are constantly finding new hack techniques to break into firewalls and steal sensitive information. 2016 witnessed a steep rise in cyber-crime attacks, all the while with no exception of insider threats getting prominent each year. Enlisted below are…
Cross-Site Scripting (XSS) attacks are stated as one of the most rampant occurring yet easily fixable injection attack faced by e-commerce businesses and a variety of other web applications. From targeting applications built on archaic web technologies to newer ones using rich, client-side UIs, XSS has plagued them all. However, it is imperative to realize that vulnerabilities posing as a…