April 20, 2022

SecureLayer7 at Nullcon 2022 Berlin Conference

Nullcon is a well-known Indian cybersecurity conference, held for the first time in Berlin, Germany. The conference is known for its technical research talks and […]
April 4, 2022

Redis sandbox escape affects only Debian, Ubuntu, and other derivatives

Recently, a post on www.ubercomp.com described how the Redis sandbox was broken on Debian and Debian-derived Linux distributions. Also, it was mentioned that […]
April 2, 2022

Spring4Shell RCE a new Vulnerability in Spring Framework via Data Binding

In the Spring Framework, a new remote code execution vulnerability has been discovered and named CVE-2022-22965. Overview: On March 30, 2022, various websites and technical blogs […]
March 22, 2022

Ransomware Targeted Attacks: CISO Mitigation Playbook

Hello there! Today we will discuss something scary but interesting: the “ransomware attack”. Occasionally we hear from people about their data being tied up, and it’s […]
February 9, 2022

Why Is Gartner Talking About External Attack Surface Management (EASM)

In a recent report from Gartner, External Attack Surface Management (EASM) has been introduced as an […]
January 24, 2022

Critical Log4j Vulnerability and Recommendations to Resolve it

What is Log4j? Log4j is an open-source logging utility offered by the Apache Software Foundation. This logging library is widely used by businesses in their applications to […]
January 21, 2022

Webinar – Mobile app pen testing: Understanding android apps and how to secure them

With 2.5 billion Android users across 190 countries, the digital expansion offers limitless opportunities for businesses. But along with opportunities come the challenges that plague the […]
December 22, 2021

postMessage(): common issues and how you can mitigate them?

Introduction to postMessage(): The application uses the window.postMessage() method to allow cross-origin communication between different window objects. This method provides a way to circumvent the […]
December 17, 2021

Websocket: common vulnerabilities plaguing it and managing them.

What is WebSocket? Efficient two-way communication protocol. WebSocket is stateful where HTTP is stateless. Two main parts: handshake and data transfer. WebSockets allows the client/server to […]