This Cybersecurity Advisory (CSA) outlines the most common vulnerabilities and exposures (CVEs) used by state-sponsored cyber actors from the People’s Republic of China (PRC) since 2020, as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA),...
Introduction Security researchers recently disclosed the vulnerability CVE-2021-44228 in Apache’s log4j, a common Java-based library used for logging. Components such as Struts2 and Kafka make use of the log4j library. JNDI The Java Naming and Directory Interface™ (JNDI) is an application...
There’s an age-old saying that prevention is better than cure. The biggest hindrance when it comes to cybersecurity is that there are so many trajectories that cybercriminals can possibly exploit that it’s often difficult for cybersecurity experts to conclude where best to...
Application security specialists are navigating a security landscape that has become increasingly complicated in recent years, with the majority of people adopting the cloud and the growing use of Application Programming Interfaces. In a new survey conducted by Forrester Research...
The increase in cloud adoption is driving the need for nimble-footed application security. According to various reports, 80% of web applications now run in cloud environments, while 70% of organizations have accelerated their plans to migrate to the cloud in...
The OWASP Top 10 threats list acts as a standard framework document that represents a broad consensus about the most critical security risks to web applications. The OWASP group, in an announcement made on 8th September 2021, has released its...
Various major web services suffered an outage caused by cloud services provider Akamai Technologies’ DNS service. Content delivery platform Akamai Technologies issued an alert on an “Edge DNS” service incident, noting a “partial outage” on its website, and said it...
The classical theory of the security boundary is growing increasingly troublesome on the heels of highly publicized attacks. The boundaries are becoming nonexistent, as cloud-based architectures push back legacy systems. In addition, the cyber kill chain is likewise altering into...
Amid intensifying border tensions between India and China, cybersecurity researchers have discovered a concerted campaign against India’s critical infrastructure, including the country’s power grid, from Chinese state-sponsored groups. The attacks, which coincided with the deadlock between the two nations in May...