In July 2023, a serious breach involving Ivanti’s EPMM surfaced due to the CVE-2023-35078 zero-day vulnerability. Attackers exploited this flaw, gaining unauthorized API access, manipulating server functions, and potentially exfiltrating…
Welcome to the seventh installment of our blog series on “Insufficient Attack Protection.” In this edition, we shine a spotlight on the growing concern of CAPTCHA bypass attacks, a well-known…
Simple Object Access Protocol (SOAP) is a Connection or an interface between the web services or a client and web service. SOAP is operated with application layer protocols like HTTP,…
Modern applications often depend on Cross-Origin Resource Sharing (CORS) to enable smooth integrations between services – but this convenience can become a serious security risk if misconfigured.
A web application firewall is a specific kind of application firewall that applies explicitly to web applications. It is released before web applications and investigates Bi-directional web-based (HTTP) traffic -…
In the last blog we had explored OWASP IoT Top 10 vulnerabilities overview, now we will explore the impact of each of these OWASP vulnerabilities on IoT technologies and product…
With ever increases attack surfaces with IoT devices, physical hardening is also one of the important aspects of IoT Security. Many times these devices are being part of critical infrastructure…
OWASP, also known as the Open Web Application Security Project, is an online platform that creates articles available freely, programs, documentation, tools, and technologies for web application security. It is…
An Application Programming Interface (API) is a component that enables communication between two different applications. They can be applications developed on different platforms and it uses a different server for…
Cross Site Scripting (XSS) is the most popular web application vulnerability. It is a code injection attack that allows attackers to execute malicious JavaScript code in user’s browser. In this…
