LATEST POST

ARTICLES

You are safe! ROPEMAKER is nothing but a ruse

In the last couple of days my security feed exploded with mentions of ROPEMAKER (Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky), and my first reaction was "wow! someone broke the email, and that too post delivery. #WTF". I immediately opened the source, i.e. the blog post that Mimecast has posted explaining the issue. Frankly, on first read, it was a disappointment! I think most of the people who are talking about it like a new, big fancy issue to panic about do not understand the complete picture. Disclaimer: This post is not to offend Mimecast, or in...

Tools tools everywhere, not a single one they look

The Rime of the Ancient Mariner is a poem by Samuel Taylor Coleridge about an old sailor who is compelled to tell strangers about the supernatural adventures that befell him at sea after he killed an albatross, a friendly sea bird. Water water everywhere, not any drop to drink. This metaphor was so apt in the middle of the sea; so it is in the middle of thousands of logging events. Most of the security...

Satellite beams 'unbreakable' cipher from space

If you are closely following the quantum advancements, you would have come across the news of the Chinese satellite "Mozi" launch in August 2016. With this successful launch, the Chinese proved they are way ahead (at least per the public information) and are taking quantum communication seriously. Mozi is dedicated to understanding and testing the phenomenon of quantum entanglement. Mozi, a 500 kg satellite, derived its name from the 5th century BC Chinese scientist and is motivated...

Wake up call. Apache Struts is being exploited

Disclaimer: It's a tale of incident response for a vulnerability dated March 2017 that wasn't patched on the server. And someone exploited it naively. It was in the night that I received a message - "We have been hacked". As with most of the hacks, people tend to overreact (or sometimes under) and the 1st message delivers the least amount of information. It started a chain of events, and forensics to identify...

Need for WAF in the world of Secure SDLC

You have a secure development lifecycle, and you do perform a pen-test before going live or rolling out an application in production; then why do you need a Web Application Firewall? In the end, it is one more security product where ROI is difficult to prove. This is one of the most common questions I have been asked when talking about application security. People are still conservative when it comes to buying a good...

Jump Air-gap, Low Level C&C

The threat landscape is very dynamic, and new threat vectors are exploiting vulnerabilities for fun and profit. The whitehat security community is in a race against time with their counterparts. And often, companies are becoming targets of spear phishing, APTs and bots. Some institutions, like the financial sector, insurance sector, defense etc., have strong regulations to protect the perimeter. But often these sectors have people working on their modern laptops with different adaptors...

Revamp of OWASP Top 10 for 2017

Yes, the OWASP 2017 is coming, but that doesn't mean it's your bible. Finally, OWASP is performing a revamp of the Top 10 web vulnerabilities as per the inputs received from the community. For the first time, the OWASP community has also shared the inputs received from different security consulting/services firms. Reading through the list gives a good idea of what kinds of vulnerabilities are more common in the industry, and the ones...

Are you using SIEM as a service?

SIEM as a service, in the cloud - Is it possible? Is it a fad? Or is it yet to evolve? While we are catching up on cloud transformations, and moving generously into someone's data center, someone's VM or container, SIEM has joined the cloud market as well. And out emerged the companies who offer such a SIEM as a Service model[1]. These companies promise to provide SIEM in the cloud, and you gather your...