Blockchain Network is Secured! But not the apps and their Integrations
Overview During the security assessment for a blockchain-based web application, it was observed that some of the functions were vulnerable to unauthenticated ETH transfer from an admin wallet to the attacker’s wallet. The web application was a booking application where […] The post Blockchain Network is Secured! But not the ... Read More
Browser-in-the Browser (BITB) – A New Born Phishing Methodology
Introduction There is no one who we can trust in this digital age! Phishing has become a prevalent assault in the previous decade, with the attacker using a false login screen to acquire users’ credentials. A novel phishing technique called […] The post Browser-in-the Browser (BITB) – A New Born ... Read More
Devil for Modern Security: RANSOMWARE
Detail overview of trending issue in cyberspace, Ransomware What is Ransomware? Ransomware is a kind of software or programming script which encrypt the user’s files and block the user to access their data. The new generation ransomware malware is built […] The post Devil for Modern Security: RANSOMWARE appeared first ... Read More
A simple entry point can lead to Server Compromise
During a web application penetration project, our team has exploited a simple bug that can turn into remote code execution to the main server. Recently our team escalated a straight forward template injection to a Remote Code Execution and compromised […] The post A simple entry point can lead to ... Read More
