Author: Jahanvi Gupta

Top Software Testing Services

emvbug

New Research Revealed Flaw in Pin Verification System of EMV

A recent study by a group of researchers at ETH Zurich University has revealed severe flaws in the EVM protocol design that makes it prone to many types of attacks. Although the security for EMV has been advertised, many attacks over the years have indicated otherwise.  EMV is the international standard protocol for smart card…
Read more

File Manager WordPress Plugin Zero-Day Vulnerability Risked Thousands Of Websites

A new zero-day vulnerability was founded by Wordfence in a WordPress plugin. The vulnerability existed in the file manager plugin and allows unauthenticated attackers to execute arbitrary code on a WordPress site. WordPress is a popular website building website and is used by millions of users worldwide. The vulnerability has affected 70,000 active users of…
Read more

HaveIbeenPwned to go Open-Source

HaveIBeenPwned (HIBP) is a website that allows its users to check whether their data has been compromised. Its founder Troy Hunt who is also a Microsoft Regional Director, an MVP, and a renowned speaker, regularly shares his journey about HIBP through his blog. A recent announcement about the platform going open source has put it into the limelight. …
Read more

India as an Emerging Hack-For-Hire Hub

As the Cyberworld is advancing, so are the methods of invading cybersecurity by the attackers. Hacking, just like any other profession, has two types of usage- legitimate and non-legitimate. A recent report by Google TAG indicated a rise in hack-for-hire operations and claimed that most operations are based in countries like Iran, India, China, etc. …
Read more

Iranian Hacker group: first APT to use DNS over HTTPS for Attacks

An Iranian cybercriminal group, also known as APT34, has been reported as the first-ever known group to use DNS over HTTPS protocol to exfiltrate data on compromised systems. Vicente Diaz, a malware analyst for antivirus maker Kaspersky, spoke about the attacks at a webinar last week. He said that these types of attacks had been…
Read more

Arrested Whitehat Hackers Requested for Good Samaritan Law

Last year in September, two pen testers Justin Wynn and Gary Demercurio, who work for the firm coalfire, were arrested for felony charges by the authorities when they were just doing their job. They had been appointed by the state on a contract basis to check the physical and technical security of the courthouse premises.…
Read more

COVID 19

Cybersecurity to take a front Seat for Businesses since COVID-19

For any organization, its data is the most crucial entity that needs extensive protection, given the type of data breaches that are happening around the world. The attackers employ various ways to get access to the data.  The novel Covid-19 has resulted in a substantial shift from a centralized network database to the remote cloud-based…
Read more

WhatsApp ‘hijacking’ Resurfaces again

The WhatsApp hack that has been in the news for a year has seen a recent spike in the number of attacks since the novel coronavirus pandemic has hit the world. An audio message of the recent hack victim Deepa Lekshmi went viral on WhatsApp, where she recounted her plight of her WhatsApp account being…
Read more

US intelligence authorities warns of new strain of chinese virus ‘Taidoor’

A Chinese virus named Taidoor has been recently reported as a potential threat by the US government in its Malware Analysis Report (MAR) jointly released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD). The virus poses a threat mainly because of its ever-evolving…
Read more

Apple’s Touch Id- a possible gateway to your iCloud account?

A security specialist at an IT firm Computest, Thijs Alkemade, found a security flaw in Apple’s Touch ID feature in February. This possible security breach could leave the iCloud accounts of the apple users vulnerable and accessible to the attackers when apple’s touch Id feature is used for verification. Authentication Flaw According to the specialist,…
Read more