|
By Keshav Malik
One famous case of a major telecom player involved 10 million customer accounts being breached, and days later, an extortion demand for $1 million pounds cash was also made. The weak link? A forgotten ‘Zombie API.’
|
By Jinson Varghese
What is the worst that could happen if you don’t continuously test your web application for vulnerabilities? Imagine if 4 billion private messages from 650 million of your users were leaked online. This nightmare became a harsh reality for Discord in April 2024.
|
By Jinson Varghese
A new Cross-Site Request Forgery (CSRF) vulnerability has been discovered in PowerAdmin. This vulnerability poses a significant risk, potentially compromising user data and disrupting the designated functionality across roles.
|
By Jinson Varghese
Penetration Testing in cyber security is a vital process that aids in evaluating an application’s security through hacker-style exploitation to expose and assess security risks. Security risks can be present in various areas such as system configuration settings, and, login methods.
|
By Keshav Malik
Modern software is built on the backs of APIs (Application Programming Interface). It unites separate bits of the web, allowing systems to communicate with each other. With APIs being used on such a wide scale, managing them becomes a mammoth task.
|
By Ananda Krishna
Vulnerability scanning is a process where an automated tool is used to scan IT networks, applications, devices, and other internal or external assets of an organization for known potential security loopholes and vulnerabilities. At the end of every vulnerability scan, you receive a report that documents the vulnerabilities that were found along with risk scores for each vulnerability and in some cases security recommendations.
|
By Aakanksha Khanna
Two vulnerabilities—stored XSS and insecure file upload— have been detected in the Alpha 0.5 version of CervantesSec. This article will outline what CervantesSec does, the vulnerabilities found, and its current status.
|
By Keshav Malik
Cybersecurity is the most crucial curve in today’s rapidly evolving digital landscape, and all organizations of any size need to be at the forefront of it. With AI becoming mainstream, new emerging trends shape the cybersecurity industry daily.
Critical OpenSSH Vulnerability 'RegreSSHion' Potentially Exposes Millions of Servers (CVE-2024-6387)
|
By Shikhil Sharma
Recently, Qualys identified a new remote unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems, nicknamed regreSSHion (CVE-2024-6387).
|
By Keshav Malik
Cyber threats are getting more sophisticated and frequent. As a result, organizations are always looking for ways to outsmart cybercriminals. This is where artificial intelligence (AI) comes in handy. Artificial intelligence (AI) is transforming the cybersecurity landscape by offering faster, more precise, and more efficient means of identifying cyber threats.
|
By Astra
WireMock is an API developer productivity platform that provides developers with the tools and technologies needed to get the job done easily when they depend on APIs in the development process. It allows developers to be productive when they're consuming 3rd party and internal APIs that delay their development or when they prototype and deliver APIs.
|
By Astra
Hi! In this video, we talk about evolution (or the lack of) of Pentest Reports/VAPT Reports in the last decade. We review a few key components of a VAPT/Pentest Report and also take a dive into new exciting feature 'Reports' by Astra Pentest.
|
By Astra
Zenduty is a business critical application used by some of the top engineering teams across the world. When it comes to continuous Pentest, Zenduty trusts Astra’s platform. See what Ankur, (CTO & co-founder of Zenduty) has to say about their experience with Astra.
|
By Astra
Astra is a cyber security SaaS company that makes otherwise chaotic penetration tests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 8300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to DevSecOps with Astra's CI/CD integrations.
|
By Astra
Established in 2015 by David De Guz, Rebrandly provides a holistic link management platform to create substantial touchpoints between brands and their customers. Embracing the assets links to every company, Rebrandly’s link management services help brand, track, and share short, catchy URLs with customized domain names.
|
By Astra
We've brought security to your workplace Astra users can now manage their security within Slack 🥳 You can stay on top with alerts about the target, manage vulnerabilities and collaborate with Astra's security experts - right within Slack
|
By Astra
2022 was awesome for us at Astra Security 🚀 We hit new milestones, improved security & saved millions in potential loss for our users, launched tonnes of new features and had a lot of fun doing it all! A big "THANK YOU" to our team, customers & everyone who has supported us throughout 🙏
|
By Astra
Directory Traversal might not be considered as a high-impact vulnerability but it can be a stepping stone to information leak and shell upload vulnerability. The lack of directory traversal security can allow an attacker to manipulate the file path to gain unauthorized access to different files in the directory. You need penetration testing to detect the directory traversal vulnerability. This video is a short explanation of how the file traversal vulnerability can be exploited, and how you can avoid it.
|
By Astra
Clickjacking is an interface-based attack where the hacker manipulates the CSS of a website to insert a malicious iframe, button, or link which hides behind a seemingly harmless button of link. It takes the user to a malicious page and triggers some unsolicited action on the user's behalf. A clickjacking attack may be used to trigger a malware download, loss of content, or money, among other things. You can detect it with the help of penetration testing.
- July 2024 (9)
- June 2024 (3)
- May 2024 (2)
- March 2024 (3)
- January 2024 (4)
- December 2023 (3)
- November 2023 (2)
- October 2023 (6)
- September 2023 (13)
- August 2023 (7)
- July 2023 (1)
- June 2023 (2)
- May 2023 (10)
- April 2023 (8)
- March 2023 (7)
- February 2023 (8)
- January 2023 (9)
- February 2022 (2)
- January 2022 (1)
- November 2021 (1)
- May 2021 (1)
- January 2021 (1)
- December 2020 (4)
- October 2020 (2)
- September 2020 (2)
- August 2020 (2)
- July 2020 (1)
Astra Security Suite makes security simple and hassle-free for thousands of websites & businesses worldwide.
Find and fix every single security loophole with our hacker-style pentest:
- Test for 3000+ vulnerabilities: Including industry standard OWASP & SANS tests.
- Shift DevOps to DevSecOps: Integrate security into your CI/CD pipeline.
- Get ISO, SOC2, GDPR or HIPAA Compliant: Cover all the essential tests required for compliance.
- Scan your critical APIs: Protect your business critical APIs from vulnerabilities.
- Automated & manual pentest: We combine automated tools with manual, in-depth pentest to uncover all possible vulnerabilities.
Arm your website against every potential threat:
- Rock-solid firewall and malware scanner: Protect your website in real time and uncover any malicious code.
- Scan for vulnerabilities: Scan and protect your site from the most common vulnerabilities and malware.
- Seal up vulnerabilities automatically: Astra’s firewall automatically virtually patches known exploits which can be patched by firewalls principally.
- Perform daily malware scans: Get peace of mind and keep hackers at bay with Astra's daily malware scans.
- Build custom security rules. With Astra’s security boosters, build custom security rules for your website using our no code builder.
Protect your business from all threats, with Astra's hassle-free security.