Preventing cryptographic protocols from “DROWN attack”
DROWN is an abbreviation for Decrypting RSA with Obsolete and Weakened eNcryption and appears to apply to servers using SSLv2. Just like Heartbleed, it may impact more than 11 million websites...
The A to Z of Public Cloud Security Tools
You may wonder why an arrangement of servers, constructed of hard metal, which tend to run hot and weigh thousands of pounds, would be called a “cloud”? This can be propped up only by an engineering diagram,...
Security Best Practices
More and more organizations today realize how important it is to manage the security of their websites and applications in the cloud or in on-premises data centers. Organizations are rapidly...
Benefits of Using a Host-Based Intrusion Detection System
This blog discusses the utility and benefits of using a Host-based Intrusion Detection System (HIDS) tool: OSSEC in your environment. A host-based intrusion detection system provides real-time...
How to Perform event on successful login via Spring Security in Grails
Some applications need to store and show the user's last login, which is quite common. With this feature, a user can verify the last login date and time upon successful login. I would like to explain...
Top 10 Security Recommendations for Online Businesses
Recently, cyber attacks have been on the rise, and it appears that every other day, because of these attacks, businesses are being forced to pay ransom to protect themselves or go out of business. There are...
XSS (Cross Site Scripting) Blog Series I Blog 1: Overview, Vulnerabilities...
Have you witnessed a scenario where a trusted site gets injected with a malicious script attack? Well, people commonly refer to this as a ‘Cross Site Scripting’ attack. The XSS scripts injected into a...
What Lies Ahead of Web Attacks in 2017?
Being in the middle of the second quarter of 2017, we can already find a number of reports regarding web attacks, also known as cyber-attacks or cyber threats. Due to a constant rate of increase of...
Ransomware – A CryptoViral Extortion Attack
Ransomware is malicious software that blocks access to data until the ransom is paid. An advanced type of ransomware encrypts the files on the system. Since it restricts the user from accessing their...
Deadliest Web Attacks and How to Shield from Them
Do you think your web application is sheltered and safe? Think again! 2016 was a year that saw some of the worst cyber attacks, whether it be the 32 lakh Indian bank...
Why Payment Gateway Process Needs to be Tested?
A company that handles the transactions between two parties (i.e. merchant and customer) is called a payment processor. The payment is accomplished by passing on the payment information, like a credit...