Introduction Nowadays, the cybersecurity field is becoming more and more important in everyday life as technologies evolve continuously and more malicious people, so-called hackers, want
Category: General security
Phishy Basic Authentication prompts
In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they
Practical JSONP Injection
JSONP injection is a lesser known but quite widespread and dangerous vulnerability and it surfaced in the last years due to the high rate of
Penetration Testing in IT/ Security Assurance Projects
There are various cases when during an IT/ security assurance projects there are specific requirements to rely on penetration testing projects/ reports completed by a
Penetration Testing or Vulnerability Assessment – Which one should I choose?
In this post we will take a quick look at the differences between vulnerability assessment (VA) and penetration testing (PT). Furthermore, we’ll give a set of
When Cryptographic API Design Goes Wrong
Whether we like to admit it or not, failing to account for human factors and usability issues when designing secure systems can have unwanted consequences.