2 million network storage devices affected by unpatched zero-day vulnerabilities!

2 million network storage devices

Network storage devices (NAS), are critical for small and medium businesses as it adds to the extra storage space when these business are running out of space. Critical shortcomings have been discovered in the NAS devices such as WD my book, SeaGate home, Medion Lifecloud, Netgear Stora. This critical vulnerability allows actors to exploit the […]

Continue reading


Facebook’s massive Data breach: what you need to know

facebook data breach

The worries for facebook do not seem to stop with cambridge analytica and this time around it’s a massive data breach of almost 50 million user accounts and another 40 million which are at risk, the vulnerability allowed hackers to take direct access to all these accounts information. As per Facebook, the bugs that enabled […]

Continue reading


Mitre ATT&CK Framework: A boon to your company’s Red Team

MITRE ATT&CK

The MITRE ATT&CK Framework has become increasingly popular over the last few years. It was originally developed to support Mitre’s cyberdefense work but at this point it is both an enormous knowledge base of cyberattack technology and tactics and a model for understanding how those elements are used together to penetrate a target’s defenses. The […]

Continue reading


Why you must switch to HTTPS right now?

Secure your website with HTTPS

It is high time to switch to HTTPS. The most important question lingering here is Why to move to HTTPS? To understand why, first we need to understand what is HTTPS? The Hypertext Transfer Protocol (HTTP) is an application protocol for communication over distributed, collaborative, and hypermedia information systems. HTTPS (HTTP Secure) is an adaptation of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network, and is […]

Continue reading


Avoiding the rising DNS Binding Attacks for the smart devices

Is your device safe from DNS Rebinding Attack_

What is a DNS Rebinding Attack? DNS Rebinding Attacks are where the attacker tricks the user into binding with malicious websites and then making the user browser or device access unintended domains. Such attacks are normally used to compromise the system and exploit it as proxy for attacking the internal network. How DNS Rebinding Attacks […]

Continue reading


FelixRoot Backdoor Malware Resurfaced in a recent Campaign

Felixroot Backdoor

Felixroot Backdoor was first spotted in September 2017 in Ukraine spreading through pernicious banking documents with macros downloading the back door of C&C server. Felixroot Backdoor malware campaign has resurfaced using Microsft Office vulnerabilities CVE-2017-0199 and CVE-2017-11882 to compromise the victim’s windows computers. It is being distributed by the file name “Seminal.rtf” claiming to provide information on […]

Continue reading


FlawedAmmyy RAT being delivered via TA505 email spam campaigns

FlawedAmmyy RAT

Always be cautious while opening email attachments. Recently, hackers have been sending weaponized PDFs containing malicious SettingContent-ms files containing FlawedAmmyy RAT, reported by researchers at SecurityOps. SettingContent-ms file opens the Control Panel for the user. The interesting aspect of this file is the <DeepLink> element in the schema. This element takes any binary with parameters and executes […]

Continue reading


Cloud Technology has brought in a paradigm shift in Storing Data

Cloud Technology has brought a paradigm shift in storing Data

Cloud Computing has flourished enormously over the past few years. It has changed the concept of data storage altogether. Every day new innovations and developments are made in cloud computing. Here are some major points how cloud computing is reshaping the IT world: Storing data safely with minimal human effort Data is being stored in […]

Continue reading


What is DMARC? Why is it important for your business?

DMARC policies

What is DMARC? DMARC (Domain-based Message Authentication, Reporting and Conformance) is a technology advancement in preventing email and domain spoofing. It ensures that emails go through a domain based check and then sent to the recipient. It uses DKIM and SPF standards along with additional standards of its own. It is really challenging to tell […]

Continue reading