Introduction: Security researchers recently disclosed the vulnerability CVE-2021-44228 in Apache's log4j, a common Java-based library used for logging. Components such as Struts2, Kafka etc. make use of the log4j library. JNDI: The Java Naming and Directory Interface™ (JNDI) is an application...
There's an age-old saying that prevention is better than cure. The biggest hindrance when it comes to cybersecurity is that there are so many trajectories that cybercriminals can possibly exploit that it's often difficult for cybersecurity experts to conclude where best to...
Application security specialists are navigating a security landscape that has become increasingly complicated in recent years, with the majority of people adopting the cloud and the growing use of Application Programming Interfaces. In a new survey conducted by Forrester Research...
The increase in cloud adoption is driving the need for nimble-footed application security. According to various reports, 80% of web applications now run in cloud environments, while 70% of organizations have stimulated their plans to migrate to the cloud in...
The OWASP Top 10 threats list acts as a standard framework document that represents a broad consensus about the most critical security risks to web applications. The OWASP group, in an announcement made on 8th September 2021, has released its...
Various major web services suffered an outage caused by the DNS service of cloud services provider Akamai Technologies. The content delivery platform Akamai Technologies gave an alert on an "Edge DNS" service incident, noting a "partial outage" on its website, and said it...
The classical theory of the security boundary is growing increasingly troublesome on the heels of highly publicized attacks. The boundaries are becoming nonexistent as cloud-based architectures push back legacy systems. In addition, the cyber kill chain is likewise altering into...
Amid intensifying border tensions between India and China, cybersecurity researchers have discovered a unified campaign against India's critical infrastructure, including the country's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the deadlock between the two nations in May...
Network security attacks are capturing headlines, often with information regarding the size of the attack, who was behind it, who was affected and, most importantly, what information was leaked or the severity of the attack. Mistakes are in human...