Category: Uncategorized

Public Cloud Outages; A New Normal
The Incident Many Avenger fans would have felt frustrated when they were not able to view the latest Hawkeye series 4th episode when Disney+ was down due to an AWS outage. The outage also affected the competitor of Disney+ thats Netflix. Condesk, Tinder, Roku and many other services depended on AWS backbone were out last […]
Read More...

Ajit Hatti December 9, 2021 Uncategorized

Securing Atlassian & Jenkins Deployment
Atlassian & Jenkins Atlassian is a globally popular provider of software development and collaboration tools. Jenkins, an open source automation server has more than 200,000 deployments. Both are being actively attacked due to recently disclosed vulnerabilities CVE-2021-26084 &  CVE-2021-39124 in Atlassian products, as they are used in conjunction at many organisations. These security issues pose […]
Read More...

Bhushan Hinduja November 19, 2021 Uncategorized

Passwords & MFA Melting VPNs
The VPN Meltdown Throughout the March & April month, Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agent (CISA)  has reported numerous  incidents where old vulnerabilities in popular VPNs were exploited by organized (or state sponsored)   hackers, around the world. Large numbers of malware families & malicious actors across the globe […]
Read More...

Shivani Thopte April 27, 2021 Uncategorized

3 Ways, Passwords are Failing the Enterprises
Online world majorly relies on passwords for access control and content security. Enterprises and individuals alike use passwords to keep sensitive information out of the wrong hands. However, enterprises are an extremely high value target for attackers and that level of attention cannot be handled by the humble passwords.  In this blog I will be […]
Read More...

Atharva Chincholkar February 22, 2021 Uncategorized

Logokit – The most advanced phishing tool kit; You cannot ignore
Amongst the many known cyber-attacks, Phishing takes the throne. Users, including the experienced ones, can fall prey to phishing. Phishing has become a very cost effective, low skill & straightforward way for cyber criminals over the years now to harvest credentials from across the globe. The effectiveness of phishing attacks is getting better and better […]
Read More...

Ramya Erramilli February 4, 2021 Uncategorized

Nissan : Git, default-set, Gone..
Git Server with default credentials When you set up things that are connected to the internet, they generally require protection from unauthorized access. This protection is often provided by passwords. In most of these cases, a default password with a username is given for first time configuration. As a general security practice, you are supposed […]
Read More...

Atharva Chincholkar February 4, 2021 Uncategorized

Old vulnerability haunts unpatched FortiOS installations
In 2018, a vulnerability (CVE-2018-13379) allowed attackers to read FortiOS files without authentication by sending a carefully crafted HTTP request. This vulnerability only existed in the SSL VPN. It affected FortiOS version 5.6.3 to FortiOS version 6.0.4. According to CloudSEK this vulnerability has come back to haunt networks that use FortiOS and missed the memo […]
Read More...

Atharva Chincholkar November 27, 2020 Uncategorized

Dumping & Abusing Windows Credentials [Part-1]
Introduction: We all know how crucial our credentials are to us, these shared secrets are basically the access to our resources present on various platforms. The whole process of authentication and authorization is pretty much always dependent on these shared secrets which can be in the format of passwords, access tokens, keys, tickets etc. Today […]
Read More...

Satyam Dubey September 13, 2020 Uncategorized

Passwords are like Plastic; Lets get rid of ’em
Passwords are at the foundation of security and access control ever since humans felt the need of securing resources and access to it. Passwords have been used and abused since millennium and the best documented example of this is “Open Sesame”.  The surprising fact is even after millennium passwords are ubiquitous, and mean anything but […]
Read More...

Ajit Hatti May 31, 2020 Uncategorized

Popular Posts

© PureID. All Rights Reserved