July 15, 2015

CVE-2015-2652 – Unauthenticated File Upload in Oracle E-business Suite.

During my regular penetration testing job, I unravelled an interesting 0-day vulnerability: Unauthenticated File Upload in Oracle E-business Suite. This particular Upload Bug can be […]
March 27, 2015

WordPress Plugin – Revslider update captions CSS file critical vulnerability

Today was another day at work for SecureLayer7 to recover our client’s defaced website. And bang!! I think I hit upon a nasty vulnerability of a […]
March 13, 2015

Reason Why Companies should Outsource Vulnerability & Penetration Testing Services

If you are looking to manage everything that relates to web security of your company on your own, then this blog is not for you. On […]
March 9, 2015

Malware Cleanup: Analysis of an Undetectable web-shell code uploaded via RevSlider Vulnerability

I started my day with my regular Malware Cleanup activity when I came across an interesting backdoor web shell file on the server. The server is not specific […]
March 7, 2015

Google OAuth Target URL and Domain Description Vulnerable to UI redress attack

Over the last 3 years, I’ve participated in the Google Reward Program and found some relatively serious vulnerabilities. Google OAuth Target URL, Upload X.509 Cert and Domain […]
January 31, 2015

SecureLayer7 Launches Information Security Testing Services

We are excited to announce the launch of SecureLayer7 Security Testing Services. SecureLayer7 brings it all together and provides a bunch of comprehensive security services including the […]
January 29, 2015

CVE-2015-0235 – How to secure against Glibc Ghost Vulnerability

The CVE-2015-0235 Ghost (glibc gethostbyname buffer overflow) vulnerability is a serious concern for all Linux servers. In effect, this vulnerability is leveraged to execute remote end code execution […]