A web application penetration testing focuses on finding loopholes in the application and its working environment, which attackers can exploit to compromise the application. Before you go ahead with testing, it is good to be aware of the steps involved in web app pen testing. Steps in Web application penetration testing 1.Information Gathering Information Gathering or Reconnaissance is the first step in web application penetration testing. It involves gathering all data about the web app. It includes looking for data from public sources (including Open Source Intelligence (OSINT)), port scanni ..read more

Here is a weekly roundup on what is happening in the cybersecurity world: A quick recap of the latest cyber-attacks, upcoming threats, critical vulnerabilities and patches to be applied. Recent Cyber Attacks Ransomware Attacks 1.Taiwan’s motherboard maker Gigabyte suffers a ransomware attack and attackers threaten to expose 112 GB of stolen data including confidential information concerning Intel, AMD and Megatrends. [Read More on Gigabyte Ransomware Attack] Data Breaches 2. US’ waste management firm, Waste Management Resources suffers a data breach exposing the healthcare information of its e ..read more

Username & Password combination is a time tested lock and key mechanism to protect information assets. But what if that is stolen? Two Factor Authentication is an extra layer of security that helps in declining access using hacked credentials. As a business owner, implementing a secure login for employees, customers and third parties give you a sense of protection that all your critical business information is safe.  But a recent study by Verizon shows something different.  Source: Verizon 2021 Data Breach Investigations Report, pg 22 As per the report, almost 61% of data breache ..read more

Both data breaches and data leaks are used interchangeably when it comes to information security. Invariably both of them refer to compromise on data in the organisation. The difference between a data breach and a data leak lies in how they happen. Data Breach refers to intentional exposure of data whereas Data Leak is unintentional. Here goes in detail the difference between a data breach and a data leak: What is a Data Breach? When a deliberate attempt exposes data, it is called a data breach. It is usually carried out by cybercriminals or users with malicious intent. They find data as a val ..read more

Here is a weekly roundup on what is happening in the cybersecurity world: A quick recap of the latest cyber-attacks, upcoming threats, critical vulnerabilities and patches to be applied.  Recent Cyber Attacks Ransomware 1. Italian energy company quickly recovers from Ransomware Attack, thanks to comprehensive cybersecurity policy implementation. [Read More on ERG Ransomware Attack] 2. Italy’s Lazio region reports a ransomware attack on its administration system including the covid-19 vaccination network. [Read More on Lazio Ransomware Attack] Data Breach 3. Marketing firm Reindeer (not op ..read more

A web application penetration testing focuses on finding loopholes in the application and its working environment, which attackers can exploit to compromise the application. Before you go ahead with testing, it is good to be aware of the steps involved in web app pen testing. Steps in Web application penetration testing 1.Information Gathering Information Gathering or Reconnaissance is the first step in web application penetration testing. It involves gathering all data about the web app. It includes looking for data from public sources (including Open Source Intelligence (OSINT)), port scanni ..read more

Data is the new gold. Organisations reporting data breaches are exponentially growing every passing year. Besides, the business and financial loss associated with data breaches is alarming. Read on to understand what exactly is a data breach and what is its impact on a business. Whatever business you are into, one thing is common for all organisations. It is the immense amount of data that you store and communicate with. It could be data related to your product or service, customer details, employee information, client data, confidential files, legal documents, intellectual properties, partner ..read more

Cyberattack statistics for 2020 shows that India is a favorite target for cyber criminals. The trend continues in 2021 too. Here is a list of publicly reported cyber incidents in India so far. Cyberattacks: 1st March 2021: Chinese hacking group Stone Panda (or APT10) targets vulnerabilities in the IT infrastructure of vaccine makers Bharat Biotech and Serum Institute of India to exfiltrate intellectual property.   Data Breaches: 25th February 2021: Air India reports a cyberattack in its passenger service system (SITA’s PSS) resulting in a massive data breach. – 4.5 million ..read more

Here is a weekly roundup on what is happening in the cybersecurity world: A quick recap of the latest cyber-attacks, upcoming threats, critical vulnerabilities and patches to be applied.  Recent Cyber Attacks Ransomware 1. D-Box motion experience technology maker says it is recovering from a ransomware attack. [Read More on D-Box Ransomware Attack] 2. Transnet SOC, South Africa’s state-owned rail and port logistics company hit by the Death Kitty ransomware attack. [Read More on Transnet Ransomware Attack] Data Breach 3. UC San Diego Health reports of a data breach via compromised staff em ..read more

A web application penetration testing focuses on finding loopholes in the application and its working environment, which attackers can exploit to compromise the application. Before you go ahead with testing, it is good to be aware of the steps involved in web app pen testing. Steps in Web application penetration testing 1.Information Gathering Information Gathering or Reconnaissance is the first step in web application penetration testing. It involves gathering all data about the web app. It includes looking for data from public sources (including Open Source Intelligence (OSINT)), port scanni ..read more