Blog

This article is the second part of the Session Management topic. The focus is on prevention practices, with one particular example of inactivity timer implementation!

Storing data on an organization’s network is not an easy feat. Companies want their network as secure as possible, identifying loopholes and weak points to uncover and address vulnerabilities that cyber attackers can exploit. This need for protection is where Vulnerability Scanners enter the picture.

Zimbra Collaboration is back on CISA's shi... I mean Known Exploited Vulnerabilities Catalog. Today's theme is remote code execution without authentication.

Most common types of attacks. Social engineering, phishing. Ransomware.

As cybersecurity increasingly becomes a national security issue, the UK approach stands out for several reasons that everyone (public and private sectors) can learn from.

More security tools, and other resources.

Basics about TI - Threat Intelligence, and a brief overview of Abuse.ch - a TI community platform for analysts and other security professionals.

In this first part of the Session Management, I have given the introduction to the topic as well as the implementation of Cookie Service and Session Storage Manager.

An overview of some useful tools in the Cyberspace.

A short primer on SQL Injection - SQLi; what is SQLi and what are some of the most common types of SQLi.

This isn’t just another “next step” of computing… The application of emerging quantum computing tech in the cybersecurity industry will result in arguably the most significant disruption the world has ever seen. Just how can a new evolution of computing do all this? Through the strange world of quantum mechanics.

Welcome to vsociety – the open, independent, and user-centered community with features built specifically to make vulnerability research shareable and actionable at scale. We don't make many self-posts, but wanted to share our origins with you...

In this blog post, we will be detailing a new vector to exploit a vulnerable version of Google SLO Generator, a widely used Python library publicly available on Github. In other words, we will be searching for an older version that we can exploit to highlight the importance of keeping software packages up to date.

A new threat is on the horizon. And this new paradigm promises to be the most profound shift for security professionals since the dot-com boom of the nineties. I’m talking about blockchains and decentralized economies in the 2020s. To get a sense for the scope of change in front of us, we need to take a trip down memory lane – to the advent of the internet.

CVE-2022-27924, a vulnerability published in May 2022, has been added to CISA's Known Exploited Vulnerabilities Catalog.