Red Team Specialist in Consulting Role
Cyber Sins
4M ago
You’ve spent years honing your skills in the trenches of in-house security, and helped identify and fix numerous blind spots and vulnerabilities. Now you’re ready for a new challenge by joining a consulting firm as a coveted red teamer. This is an exciting opportunity to apply your expertise in a new context and help hundreds of organizations strengthen their security posture. To ensure you ace the interview process, I’ve compiled some key pointers to help you prepare for your interview in the consulting domain ...
Spear Phishing, an issue with PayTM
Cyber Sins
4M ago
Before you dive deep into the technical information, I wish to confirm that this vulnerability has been FIXED. Thanks to PAYTM for taking quick action. Looking forward to such quick responses on security concerns. Kudos! Don’t get this wrong. I wish to share a vulnerability that can be leveraged by attackers to perform/initiate a spear phishing attack. The website in discussion is paytm.com. There is an information disclosure vulnerability in the main website, and an unauthenticated user can query for a mail address against a mobile number ...
I got a phishing mail, and I followed it
Cyber Sins
4M ago
We come across so many links via social networking websites, and we unknowingly click many of these. The malicious links have catastrophic results, and either the system as well as your privacy is compromised or your data takes the hit. Here is one such analysis of a link dated 17.April.2012 that I came across via Twitter and LinkedIn. NOTE: All links have been appended with ‘non-clickable’ suffix hxxp:// to prevent mistaken clicks ...
What should you look for in a Pen-test, anyway?
Cyber Sins
4M ago
Vulnerabilities are increasing by leaps and bounds, and any industry, technical or non-technical, has to grow its security in sync or else it is a highly vulnerable and lucrative target. There is news of data loss and breaches every now and then. A rough estimate of the growth of vulnerabilities (as reported) over the last decade (1995-2008) is shown in Figure 1. This accounts for vulnerabilities as reported, whereas there are hundreds of active (non-reported or un-patched) vulnerabilities floating underground which are in the hands of money-driven and black hat profit-driven attackers ...
Is Social Network, a forbidden fruit?
Cyber Sins
4M ago
It’s the kind of evening that anyone would expect me to be sitting in the office for a snack-time conversation. But today, due to some power problems, we called the day off pretty early. I was feeling a little restless, so I came out and walked into a Cafe Coffee Day (CCD) to have an Espresso. On the table next to me, there is a group of teens discussing Facebook, Orkut etc ...
Implement "security.txt" to advocate responsible vuln. disclosures
Cyber Sins
by Rishi Narang
4y ago
After discussing the CAA record in DNS to whitelist your certificate authorities in my previous article, do you know it's a matter of time before someone finds an issue with your web presence, website or any front-facing application? If they do, what do you expect them to do? Keep it under wraps, or disclose it to you "responsibly"? This article is for you if you advocate responsible disclosure; else, you have to catch up with reality (I shall come back to you later!). Now, while we are on responsible disclosure, the "well-behaved" hackers or security researchers can either reach you via b ...